Apple recently disabled its Advanced Data Protection (ADP) feature for iCloud backups in the United Kingdom due to a conflict with the government regarding data access. This decision has sparked debate, highlighting the ongoing tension between tech companies and governments over digital privacy and security. Below is an overview of the ADP feature, how it works, and the reasons behind Apple’s move to withdraw it in the UK.
Understanding Advanced Data Protection (ADP)
Apple introduced Advanced Data Protection (ADP) with the release of iOS 16.2 in early 2023, bringing end-to-end encryption to iCloud for the first time. Previously, iCloud backups were not end-to-end encrypted, raising concerns among privacy advocates. This was particularly significant for iMessage backups, as while iMessage conversations were encrypted, their backups were not—allowing law enforcement agencies to access stored conversations when required by legal orders.
Years ago, it was reported that Apple had abandoned plans for encrypted backups following pressure from the FBI. However, despite speculation, Apple ultimately introduced ADP for iCloud users globally.
The ADP feature encrypts iCloud data and ensures that only the data owner holds the encryption key. As a result, Apple and third parties cannot access this data. However, users could still recover lost data if they explicitly request Apple’s assistance.
With iCloud, various types of sensitive data—such as health records, payment details, contacts, calendars, reminders, notes, iMessage and FaceTime content, iCloud Keychain, Home app data, and network settings—are stored. While ADP is an opt-in feature, meaning users must activate it manually, it significantly enhances security by restricting access to the encrypted information.
How Does Encryption Work?
Encryption is a mathematical process that transforms data using an encryption algorithm and a unique key. The field of cryptography has been used for centuries, with governments historically using secret codes for diplomacy and espionage. In the digital age, encryption safeguards data on computer systems and secures online communications.
Each time a person performs a transaction at an ATM or makes an online purchase, encryption helps protect the transmitted data. End-to-end encryption (E2EE) provides an even higher level of security, as it ensures that only the user has access to the encryption key. If this key is lost, recovering the encrypted data becomes impossible. Many modern services, such as Signal and password managers, rely on end-to-end encryption for added security.
Why Did Apple Withdraw ADP in the UK?
Apple’s decision to disable ADP in the UK follows demands from the UK government under the Investigatory Powers Act (IPA). This legislation compels companies to provide user data to law enforcement agencies when requested. To comply, Apple would have been required to create a security “backdoor”—a mechanism allowing government access to encrypted data.
Rather than compromise its security framework, Apple chose to discontinue ADP in the UK. The company has long maintained that introducing a backdoor would undermine encryption, making user data vulnerable to cyber threats. Apple argues that any weakening of encryption could expose iCloud users worldwide to security risks and breaches.
What Does This Mean for UK Users?
Since ADP was an opt-in feature, its removal does not affect users who had not enabled it. However, those attempting to activate ADP in the UK will find it no longer available. Despite this, certain iCloud services—including iCloud Keychain and health data—continue to be end-to-end encrypted by default.
Why Do Governments Want Access to User Data?
The UK government’s request for access to encrypted iCloud data reflects a broader global debate on encryption and law enforcement. Authorities argue that encryption is misused by criminals, such as terrorists and child abusers, making it difficult to monitor illegal activities.
Governments, law enforcement agencies, and surveillance bodies have frequently pushed for greater access to encrypted data, claiming it is necessary to prevent crime. However, Apple maintains that encryption protects user privacy and security and weakening it would expose users to potential cyber threats.
Apple’s decision to withdraw ADP in the UK highlights the ongoing conflict between governments seeking increased surveillance capabilities and technology companies prioritizing user security.
 feature for iCloud backups in the United Kingdom due to a conflict){kind=link}