Apple has quietly disabled its Advanced Data Protection (ADP) feature for iCloud backups in the UK, following tensions between the company and the British government over data access.
The security feature, which provided end-to-end encryption for iCloud backups, ensured that not even Apple could access users’ stored data. However, due to mounting pressure from UK authorities, the tech giant has decided to withdraw from the region, fueling the ongoing global debate about privacy versus government surveillance.
What is Advanced Data Protection, and how does it work?
Apple first introduced ADP as part of iOS 16.2 in early 2023, offering an extra layer of security for iCloud backups. Before this, Apple had encrypted most of the data stored in iCloud but stopped short of encrypting backups, making them accessible to law enforcement when legally requested. This was a primary concern for privacy advocates, especially because encrypted conversations in apps like Messages were previously backed up so that law enforcement could still access them.
With ADP enabled, iCloud backups — including sensitive data like messages, passwords, and health records — were protected by encryption, meaning only the user had access. Apple itself couldn’t unlock the data, even if ordered. However, the feature was never turned on by default, requiring users to opt in manually.
Why did Apple remove ADP from the UK?
Apple’s decision to pull ADP from UK users is tied to the Investigatory Powers Act (IPA). This law allows British authorities to demand access to encrypted data for national security reasons. For Apple to comply, it would have needed to create a “backdoor,” essentially a secret key allowing the government to bypass encryption and access user files when required.
Apple removed ADP from the UK entirely rather than weaken its encryption protocols for one region. The company has long argued that creating a backdoor would put all users at risk, as hackers and other malicious actors could exploit such vulnerabilities. While Apple’s decision reinforces its commitment to user privacy, it also means that UK users now have less control over the security of their iCloud backups.
What does this mean for UK users?
Removing ADP won’t make a noticeable difference for most users, as the feature was always optional. However, those who had enabled it will no longer have access to the enhanced encryption for their iCloud backups. While Apple has pulled ADP, several other iCloud services remain encrypted by default, such as health data and iCloud Keychain.
Apple’s decision highlights the ongoing struggle between tech companies and governments over data access. While authorities argue that encryption helps criminals evade justice, companies like Apple maintain that any compromise in security could leave millions of users vulnerable to cyberattacks. The debate is unlikely to end here, as governments worldwide continue to push for more control over encrypted data, putting companies like Apple in a difficult position.
