Apple pulls iCloud end-to-end encryption feature in the UK

Apple says it can no longer offer its iCloud end-to-end encryption feature called Advanced Data Protection (ADP) to new users in the United Kingdom. Current users eventually will need to disable this security feature.

“We are gravely disappointed that the protections provided by ADP will not be available to our customers in the UK given the continuing rise of data breaches and other threats to customer privacy,” Apple says in a statement to the media.

“Apple remains committed to offering our users the highest level of security for their personal data and are hopeful that we will be able to do so in the future in the United Kingdom. As we have said many times before, we have never built a backdoor or master key to any of our products or services and we never will,” the company continues.

Earlier this month, anonymous sources said that the United Kingdom’s government secretly ordered Apple to create a backdoor to access users’ end-to-end encrypted iCloud backups.

These backups aren’t encrypted by default. To do so, users will have to enable a security feature called Advanced Data Protection (ADP). Once activated, it makes it impossible for anyone to view data that’s been stored in iCloud by users. Not even Apple and government authorities can access this information.

According to anonymous government officials, the United Kingdom’s government has demanded a backdoor to this data just in case the country’s national security is at risk. Authorities would still have to request permission and go through a legal process to access a specific account.

The order only concerns iCloud data such as Backup, Drive and Photos. Various other data stored online such as passwords in Keychain, messages in iMessage, FaceTime and Health data are still encrypted.

Human rights groups like Big Brother Watch and Privacy International were appalled by the United Kingdom government’s demand, calling it “disproportionate and unnecessary” and “an unprecedented attack on privacy rights that has no place in any democracy.”

Amnesty International said that the UK’s order to access encrypted cloud data would “severely harm the privacy rights of users in the UK and worldwide.”

Matthew Green, associate professor of computer science at Johns Hopkins School of Engineering and expert on applied cryptography and cryptographic engineering, recommends activating ADP as soon as possible.

“If you are not in the UK, you should turn on ADP now. The more people who use it, the harder it will be to shut off this way,” he says on X.