Apple Inc. has taken the significant step of disabling its Advanced Data Protection feature in the UK, removing an option that allowed users to secure their iCloud data with end-to-end encryption. The move follows a demand from the UK government, which had requested that Apple introduce a backdoor to enable official access to encrypted data. Rather than complying, Apple chose to disable the feature entirely in the UK, a decision that raises concerns about data security and government surveillance.
What will change for UK users?
The key change for Apple users in the UK is that they will no longer be able to enable end-to-end encryption for several iCloud services. This affects:
- iCloud Backups
- iCloud Drive
- Photos
- Notes
- Reminders
- Safari Bookmarks
- Siri Shortcuts
- Voice Memos
- Passes stored in Apple Wallet
Essentially, this reverts Apple users in the UK to the state they were in before 2022, when the company first introduced Advanced Data Protection.
Without end-to-end encryption, these forms of data will only be protected by standard encryption. While this still provides security when data is in transit and stored on Apple’s servers, Apple will retain the encryption key—which means the company (or potentially hackers and government agencies) could access the data under certain conditions.
What won’t change?
Despite these restrictions, Apple has confirmed that it will continue to offer end-to-end encryption for several key types of user data, both in the UK and globally. These include:
- Health data
- Passwords stored in iCloud Keychain
- Screen Time data
- Apple Maps data
- Safari browsing history
- Journal app entries
- Apple Card transactions and payment data
- Smart home information
- Messages stored in iCloud
Additionally, Apple’s iMessage and FaceTime services will continue to be protected with end-to-end encryption, meaning only the sender and recipient can access messages or calls.
Why is end-to-end encryption important?
End-to-end encryption is one of the most effective ways to protect user data because it prevents Apple, hackers, or government agencies from accessing it remotely. With this security measure, only the user holds the decryption key, which is stored exclusively on their device.
By contrast, without end-to-end encryption, Apple stores the encryption keys on its servers. This means that if required, the company could theoretically hand over user data to government authorities, or a security breach could expose it to cybercriminals.
Apple’s stance on encryption and government access
Apple has long positioned itself as a defender of user privacy and has resisted government demands for encryption backdoors. The company previously refused to help US law enforcement unlock an iPhone belonging to a suspect in the 2015 San Bernardino shooting, citing concerns that creating a backdoor could compromise security for all users.
More Read
The UK government, however, has taken an increasingly strong stance on encryption. Under the Investigatory Powers Act 2016 (often referred to as the Snooper’s Charter), the government has sought greater access to encrypted data for national security and law enforcement purposes. This latest decision by Apple appears to be a direct response to these demands.
Rather than compromising its encryption model by introducing a backdoor that could be exploited worldwide, Apple has instead chosen to disable the Advanced Data Protection feature entirely for UK users.
The future of encryption in the UK
While this decision affects Apple users in the UK, Advanced Data Protection remains available in other countries. UK users who rely on full encryption for cloud storage may need to seek alternative solutions, such as third-party encrypted storage services.
Apple’s move also raises questions about the future of encryption in the UK. With increasing pressure from governments to weaken encryption, major tech companies may face more legal challenges or be forced to alter their services in certain regions.
For now, UK users can still benefit from some level of encryption, but they will need to be aware that their cloud-stored data is now more vulnerable than before.
