US Director of National Intelligence Tulsi Gabbard announced Monday on X (formerly Twitter) that the UK has agreed to drop its mandate that Apple provide a “back door” to access encrypted data from American users. 

The controversial Technical Capability Notice (TCN) was issued to Apple in January under Section 253 of the UK’s 2016 Investigatory Powers Act (IPA). Under Section 255(8) of the IPA, companies face criminal penalties for disclosing the existence of such notices, creating a legal back door with minimal transparency or oversight.

The order, which sought to compel Apple to grant access to encrypted iCloud data, raised significant concerns about extraterritorial jurisdiction and compliance with bilateral treaty obligations. In particular, it was thought to have violated the 2022 US-UK Data Access Agreement under the CLOUD Act (Clarifying Lawful Overseas Use of Data Act), which bars either country from targeting the other’s citizens’ data, and explicitly states that it “does not create any obligation that providers be capable of decrypting data.”

Apple challenged the order at the UK’s Investigatory Powers Tribunal in April, arguing the mandate exceeded statutory authority and violated established standards for international data protection. The company withdrew its advanced encryption features from UK users in February rather than comply with the mandate. The withdrawal announced on Monday represents a meaningful precedent for Fourth Amendment protections in the digital age, while highlighting the tension between national security interests and global technology infrastructure.

The UK’s withdrawal marks only the most recent international legal development for Apple. Earlier this year, the company was fined $162 million for violating French privacy laws. Additionally, an ongoing class action lawsuit in the UK argues that Apple illegally overcharged its consumers. Last year, the company was ordered to repay Ireland an estimated €13 billion (approximately $15.1 million) of illegal tax benefits.