Apple has removed its strongest iCloud data protection for customers in the UK, as a refusal to comply with a government order demanding backdoor access to user data.
Apple has a security feature called Advanced Data Protection, which offers end-to-end data encryption of files and backups stored in iCloud — meaning only the owner can decrypt and access the data. But now, Apple users in the UK are left without this option because of a dispute between the tech giant and their government. According to The Washington Post, the UK government order demanded blanket access to Apple users’ encrypted iCloud data.
Instead of complying with the demands, Apple subsequently pulled the ADP tool altogether. “We have never built a backdoor or master key to any of our products or services and we never will,” Apple said in a statement to Bloomberg, which first reported the story.
UK-based users who haven’t enabled ADP will no longer be able to add this protection. Those who already have ADP enabled will be given a grace period to disable the setting and guidance on how to adjust to the privacy change, Apple told Mashable. Under default iCloud data protections, data from apps like Health, iMessage, Keychain are still end-to-end encrypted. You can see the full list here.
Mashable Light Speed
Apple’s decision leaves UK users’ data more vulnerable, as would have complying with the order. Removing access to their most advanced version of data protection voluntarily is Apple’s way of saying they won’t participate in granting access to private data for the sake of government oversight. Apple “remains committed to offering our users the highest level of security for their personal data and are hopeful that we will be able to do so in the future in the United Kingdom,” the statement continued.
Privacy and free speech advocates have praised the move for not bending to what they believe is an invasive law, which they say could establish a dangerous precedent for any government seeking access private data. “You can’t be tech-friendly while eroding the foundation of cybersecurity on which robust tech depends,” said Signal President Meredith Whittaker in a statement to Reuters. “Encryption is not a luxury – it is a fundamental human right essential to a free society that also happens to underpin the global economy.”
But still, the fact that Apple was forced to respond to the UK government in some way has users concerned about their suddenly vulnerable private data. The move has people wondering if its grounds for a breach of contract lawsuit, since privacy protection is a longstanding tent pole of Apple’s products and services.
Apple has a long history of battling over government requests for user data. Several times, the company has refused law enforcement requests to unlock the iPhones of suspected mass shooters, once in 2016, and another time in 2020.
UPDATE: Feb. 23, 2025, 2:19 p.m. EST This story has been updated to include statements from Apple.
