Apple Inc. has announced the suspension of its most advanced cloud data encryption feature, Advanced Data Protection, for users in the United Kingdom, citing government demands for access to user data.
The decision, confirmed by Apple on Friday, marks an unprecedented shift in the tech giant’s stance on user privacy.
Advanced Data Protection, introduced in 2022, extends end-to-end encryption across a wide range of cloud-stored data, ensuring even Apple cannot access user information such as iMessage backups. However, as of Friday, new users in the UK attempting to activate the feature will receive an error message, while existing users will eventually be required to disable the service.
The removal of ADP means iCloud backups in the UK will no longer have the same level of encryption, allowing Apple to access certain user data if legally compelled. This includes copies of messages, photos, and other cloud-stored information, which could then be handed over to authorities.
“Apple’s decision to disable the feature for UK users could well be the only reasonable response at this point, but it leaves those people at the mercy of bad actors and deprives them of a key privacy-preserving technology,” said Andrew Crocker, Surveillance Litigation Director at the Electronic Frontier Foundation.
The move comes as governments and tech companies continue to clash over strong encryption. Authorities argue that such security measures hinder crime investigations and mass surveillance efforts. Britain’s request for access, however, is particularly sweeping.
Reports indicate that the UK issued Apple a Technical Capability Notice under the Investigatory Powers Act of 2016, compelling the company to assist in data collection efforts. While these notices do not grant blanket access to personal data, they allow law enforcement to demand support for specific investigations.
Apple has historically resisted government efforts to weaken encryption, famously refusing in 2016 to unlock an iPhone tied to the San Bernardino shooting case in the United States. The company has long maintained that creating a backdoor for government use could be exploited by hackers as well.
“Ultimately, once a door exists, it’s only a matter of time before it’s found and used maliciously,” said Professor Oli Buckley, a cybersecurity expert at Loughborough University. “Removing ADP is not just a symbolic concession but a practical weakening of iCloud security for UK users.”
Encrypted data stored directly on Apple devices will remain unaffected. However, with the growing reliance on cloud storage for photos, messages, and device backups, users may find themselves more vulnerable to government access.
Apple expressed disappointment over the change. “We are gravely disappointed that the protections provided by ADP will not be available to our customers in the UK given the continuing rise of data breaches and other threats to customer privacy,” the company said in a statement.
The UK’s move could inspire similar actions in other countries, with experts suggesting that Australia, which has comparable data laws, might follow suit.
