Apple’s Advanced Data Protection for iCloud offers the company’s highest level of cloud data security. (Image credit: Anuj Bhatia/Indian Express)
A feature that provides end-to-end encryption for iCloud backups, ensuring that no one but you—not even Apple—can access your data, was disabled last week for consumers in the UK following the company’s dispute with the government. The removal of this key data security feature, Advanced Data Protection (ADP), is controversial, highlighting the ongoing tussle between tech companies and governments over increasing access to user data. Here’s a breakdown of Apple’s Advanced Data Protection (ADP) feature, how it works, and why the company pulled it in the UK.
What is Advanced Data Protection and how it works?
Apple began rolling out the Advanced Data Protection (ADP) feature as part of iOS 16.2 in early 2023, bringing end-to-end encryption to iCloud for the first time. Before this, iCloud backups never offered end-to-end encryption, which had been a controversial topic among privacy crusaders and experts. iCloud backups of the Messages app, in particular, were a major concern, as Apple could hand over the data to law enforcement agencies when legally compelled. Although conversations in Messages were end-to-end encrypted, backups of those conversations were not. Simply put, if the police wanted access to those backups, they could gain access to texts. In fact, years ago, Reuters reported that Apple had dropped a plan to encrypt backups after the FBI complained about it. However, despite rumours, Apple managed to launch the encryption feature for iCloud backups for users worldwide.
You have exhausted your monthly limit of free stories.
Read more stories for free with an Express account.
As mentioned earlier, the Advanced Data Protection (ADP) feature for iCloud enables encryption for iCloud data and gives control of the encryption key solely to the data owner. This means the encrypted data cannot be accessed by Apple or any third party. However, Apple could access the data if legally compelled to do so or if a user requested the company’s help in recovering lost data.
Your health data, payment data, contacts, calendars, reminders, notes, iMessage and FaceTime content, iCloud Keychain information, Home app data, and Wi-Fi and cellular interactions are typically stored in iCloud. However, ADP is an opt-in feature, meaning users must choose to enable it—it is not enabled by default.
What is encryption and what does it do?
Encryption is a mathematical process that alters data using an encryption algorithm and a key. The science of encrypting and decrypting information is called cryptography. Encryption has long been used to store sensitive information. If history tells us anything, encryption is not a new concept; for centuries, governments have controlled secret codes and used them in diplomacy and espionage.
By default, Apple’s encryption feature is disabled. (Image credit: Anuj Bhatia/Indian Express)
At a basic level, the purpose of encryption is to protect the confidentiality of digital data stored on computer systems or transmitted over the internet and other computer networks. For example, each time you carry out a transaction at an ATM or buy something online, encryption protects the transmitted data. However, end-to-end encryption is a step up in security—essentially, you are responsible for the key used to encrypt your iCloud data. If you lose this key, recovering your iCloud data will be impossible. These days, end-to-end encryption is commonly used by messaging apps like Signal as well as password managers.
Why is Apple’s ADP being withdrawn from the UK?
Apple’s decision to remove its highest-level data security tool for users in the United Kingdom came after the UK government demanded access to encrypted data earlier this month. This demand was made under the Investigatory Powers Act (IPA), which compels companies to provide information to law enforcement agencies.
Story continues below this ad
To meet such a demand, Apple would have had to create a security “backdoor”—a key that would allow the government to bypass encryption and access files. This would apply to all content stored using what Apple calls “Advanced Data Protection” (ADP). Instead of creating a “backdoor” for the government, Apple decided it would no longer be able to offer the security feature to users in the UK. The company argues that once a backdoor is created, the user data could be easily accessible and targeted by bad actors, weakening its encryption systems and leaving iCloud users worldwide vulnerable to data breaches.
What does the removal of ADP mean for UK users?
For many users, the removal of ADP doesn’t change anything, as the feature was always opt-in, and only those who chose to enable it were using it. However, if you try to turn the feature on in the UK now, it is no longer functional. Although ADP is no longer available in the UK, many iCloud features are still end-to-end encrypted by default, including health data and Apple’s password management system, iCloud Keychain.
Why do governments want access to user data?
The British government’s request for Apple to grant access to its citizens’ encrypted iCloud data may come as a shock to many, but governments and law enforcement agencies worldwide have been demanding greater access to user data, putting companies like Apple at loggerheads with these agencies. Surveillance agencies and law enforcement dislike being unable to access encrypted data. Time and again, governments, police, and security services have argued that end-to-end encryption is being used by criminals such as terrorists and child abusers to hide their activities online, making it more difficult to catch them. Apple, for its part, has made it clear that the lack of encryption would increase attacks on users, and therefore, its priority must be their security.
How to enable Advanced Data Protection on iPhone
Step-by-step guide to enable Advanced Data Protection on iCloud. (Express Photo)
1.)Turn on two-factor authentication for your Apple ID if you haven’t done so already.
Story continues below this ad
2.)Update all your Apple devices to iOS 16.2, iPadOS 16.2, macOS 13.1, tvOS 16.2, watchOS 9.2, or newer.
3.)Open the Settings app.
4.)Tap your name, then tap iCloud.
5.)Scroll down, tap Advanced Data Protection, then tap Turn on Advanced Data Protection.
6.)Follow the onscreen instructions to review your recovery methods and enable Advanced Data Protection.
Anuj Bhatia is a personal technology writer at indianexpress.com who has been covering smartphones, personal computers, gaming, apps, and lifestyle tech actively since 2011. He specialises in writing longer-form feature articles and explainers on trending tech topics. His unique interests encompass delving into vintage tech, retro gaming and composing in-depth narratives on the intersection of history, technology, and popular culture. He covers major international tech conferences and product launches from the world's biggest and most valuable tech brands including Apple, Google and others. At the same time, he also extensively covers indie, home-grown tech startups. Prior to joining The Indian Express in late 2016, he served as a senior tech writer at My Mobile magazine and previously held roles as a reviewer and tech writer at Gizbot. Anuj holds a postgraduate degree from Banaras Hindu University. You can find Anuj on Linkedin.
Email: anuj.bhatia@indianexpress.com ... Read More
