Apple has announced the immediate removal of the Advanced Data Protection (ADP) feature for iCloud in the United Kingdom following government demands to grant access to encrypted user data.
ADP provided end-to-end encryption for data stored in iCloud, including backups, photos, notes, reminders, and Safari bookmarks. The decryption keys were stored exclusively on the users’ trusted devices, preventing access even by Apple itself.
However, users in the UK will now be limited to Apple’s standard data protection, where encryption keys are retained within the company’s data centers and can be disclosed to law enforcement agencies upon request.
Expressing disappointment over this development, Apple emphasized that the removal of ADP weakens user security at a time when cyber threats are on the rise. Notably, those who have already enabled the feature must manually disable it, as Apple is unable to do so automatically.
The demand to access encrypted data was issued just weeks ago by the UK Home Office under the Investigatory Powers Act (IPA). Authorities insisted on the creation of a mechanism allowing unrestricted access to encrypted content—not merely assistance in specific investigations.
This decision has sparked fierce criticism in the United States. Senator Ron Wyden and Congressman Andy Biggs have even addressed a letter to the Director of National Intelligence, urging a reassessment of cybersecurity and intelligence-sharing cooperation with the UK should the country persist with its demands.
The rollback of Advanced Data Protection in the UK not only jeopardizes user privacy but also sets a dangerous precedent for other nations seeking to weaken data security on Apple devices. In the long term, this could have far-reaching consequences for digital freedoms and global cybersecurity.
