Apple Removes Advanced Data Protection for UK Users Following Government Order

Apple will remove its Advanced Data Protection (ADP) for users in the United Kingdom due to a government order. This decision comes after the UK government, under the Investigatory Powers Act, required Apple to create a backdoor for accessing encrypted user data.

The removal of ADP means that data stored on iCloud will no longer be end-to-end (E2E) encrypted in the UK. Law enforcement authorities in the country can access the data whenever they deem necessary. This change affects iCloud data storage, device backups, web bookmarks, voice memos, notes, photos, reminders, and text message backups.

Apple currently offers two methods of encrypting iCloud data. The Standard Data Protection (SDP) is the default setting where encryption keys are secured in Apple data centers. In this case, only certain data is E2E encrypted and Apple can help users with data recovery if needed. The second method, ADP, offers the highest level of security on Apple devices, with encryption keys remaining only on the user’s trusted devices.

In a statement to Bloomberg, Apple expressed its disappointment with the UK government’s decision. The company said it was “gravely disappointed” that ADP protections would not be available to UK customers, especially given the rise of data breaches and other threats to customer privacy.

Customers who are already using ADP will need to manually disable it in the UK during a grace period to keep their data in their iCloud accounts. Apple said it would issue additional guidance for affected users in the UK and noted that it doesn’t have the ability to automatically disable E2E encryption on their behalf.

Despite this change, Apple will continue to offer E2E encryption on other features such as iMessage, FaceTime, Passwords, and Apple Health data, where the encryption is turned on by default.