Apple terminates UK data protection after government overreach

As of 10 a.m. (ET) today, Apple is no longer offering new users in the UK the chance to enable Advanced Data Protection. Essentially, anyone who now wants to enable the feature to protect their data against criminal or state surveillance or exfiltration will no longer be able to do so.

The move appears to be a direct response to the foolish and supremely dangerous demand by the UK government to undermine personal data security on an international scale. The UK used its Investigatory Powers Act to demand Apple secretly break encryption protecting data held in iCloud with the creation of a backdoor into that data. Rather than comply, Apple has instead switched off the encryption.

Advanced Data Protection (ADP) gives Apple’s users end-to-end encryption across nine iCloud data categories that are not otherwise so encrypted, These include iCloud Backup, iCloud Drive, Photos, Notes, Reminders, Safari Bookmarks, Siri Shortcuts, Voice Memos, Wallet Passes and Freeform. Other iCloud categories, including iCloud Keychain, Health, and iMessage, will remain encrypted.

Related content: Apple 2025 products, news and discussion of the UK data “back door” request.

What this means to UK users

In a statement, the company said: “Apple can no longer offer Advanced Data Protection (ADP) in the United Kingdom to new users and current UK users will eventually need to disable this security feature. ADP protects iCloud data with end-to-end encryption, which means the data can only be decrypted by the user who owns it, and only on their trusted devices.

“We are gravely disappointed that the protections provided by ADP will not be available to our customers in the UK, given the continuing rise of data breaches and other threats to customer privacy. Enhancing the security of cloud storage with end-to-end encryption is more urgent than ever before.”

What the change means is that if you have not already enabled ADP on your device, you will receive a message warning you that the feature is no longer available to new users in the UK. It gets worse, of course.

If you happen to be a UK customer who is already using ADP, you can eventually expect to be told to disable the feature in order to continue using your iCloud account. Apple evidently doesn’t want to have to do this; the company knows full well that in the current threat landscape, it makes sense to encrypt all of your data — which is why it introduced ADP in the first place.

A huge act of self-harm by the UK

Speaking to the BBC, online security expert Professor Alan Woodward called this a “very disappointing development,” slamming the government for an act of self-harm. “All the UK government has achieved is to weaken online security and privacy for UK based users.”

Unfortunately, the incompetent UK government does not understand this. It’s a huge indictment of UK officials in the Home Office, who have effectively given the world’s authoritarians a green light to demand access to people’s data.As anyone who understands digital security knows, no one is safe unless everyone is safe, and the UK has just made everyone less safe. 

Fortunately, the ADP system remains available in the rest of the world. 

It is likely the decision to disable the system in the UK follows the recent UK attempt to demand access to data held in iCloud by anyone in the world. Sadly, we can’t be certain this is the case as, under the law the government used to demand this, we have no right to be told.

That means we do not know the full extent to which Apple has been forced to open up to state surveillance by UK authorities. We do not know how the government is handling that access and have not been told how it will affect users. Nor do we know the extent to which the government is attempting to secure global access to iCloud data, threatening the interests of other nations in the act.

All we do know is that the government is guilty of an authoritarian overreach to the detriment of its own national security. Senators in the US are already threatening to re-evaluate intelligence sharing agreements with the UK unless it ceases this digital overreach.

Apple will continue to fight

As I wrote when this foolish demand was made, far from making people safer, the UK demand threatens everyone: “Ultimately, privacy is a human right, not a feature, and the removal of such rights should at least be a matter of public and democratic debate, which it has not been. As it stands, this UK overreach should be opposed not only by civil rights advocates, but by anyone else who uses — or provides — online services of any kind, and certainly by any nation that does protect privacy among its citizens. “

 The fight for privacy is not over.  Apple will continue to push for it. In the statement, the company stressed: “Apple remains committed to offering our users the highest level of security for their personal data and are hopeful that we will be able to do so in the future in the United Kingdom. As we have said many times before, we have never built a backdoor or master key to any of our products or services, and we never will.”

You can follow me on social media! Join me on BlueSky,  LinkedIn, and Mastodon.