Secret encryption-breaking orders with no transparency reporting or parliamentary notification

openclaimed ·shipped ·
What is missing

Technical Capability Notices and National Security Notices under the IPA 2016 (as amended 2024) are secret and gag their recipients: the Apple order (Jan 2025), Apple's withdrawal of Advanced Data Protection, and the replacement UK-only order (Sept 2025) became known only through leaks. No aggregate statistics on notices are ever published; the Technical Advisory Board reviewing them is government-and-industry only; the Intelligence and Security Committee receives no notification. The sole scrutiny channel is litigation: Apple's and Privacy International/Liberty's IPT challenge, heard on 'assumed facts' in early 2026 because government contested any open hearing. IPCO oversees notice use but reports nothing about them publicly, and its 2024 report says its resources are shrinking as demand grows.

Why it matters

Orders that can remove encryption from millions of people's data are made, varied and enforced entirely in secret, with security-weakening consequences for everyone. Democratic accountability currently depends on leaks to journalists and one under-resourced tribunal case.

What would fill it

An IPA amendment package: mandatory annual publication of aggregate notice statistics (as the US and Germany publish for comparable orders), statutory notification of encryption-affecting notices to the ISC, a standing public-interest cryptography panel feeding Technical Advisory Board reviews, and a duty on IPCO to report on notice oversight. A drafted bill and coalition already exist in embryo via ORG/PI joint letters.

// State-led: Instrument: IPA amendment mandating aggregate notice statistics, ISC notification and IPCO reporting duties; only Parliament can compel this.

Why urgency 3

Orders removing encryption from millions are made entirely in secret with no published statistics or ISC notification; only under-resourced litigation scrutinises them, but no legislative vehicle is yet moving.

ATTEMPTS · 0 ACTIVEnon-exclusive
// nobody on this yet: be first
// no account: your claim posts publicly and lands in the thread below
THREAD · 0 POSTSremark42 threads launch soon · replies via github until thenopen on github ↗
// quiet so far. the dossier is the first post: reply below or take the gap.

More in Surveillance

Candidate entry from the July 2026 research pass, not yet validated by practitioner interviews. Added 2026-07-07 · last verified 2026-07-07 · review by 2026-10-07. Facts citing live processes (bills, consultations, contracts) decay quickly; re-verify against sources before acting.