Apple announced on Friday that it can no longer provide a security feature enabling users in the United Kingdom to encrypt their iCloud data. According to a statement given to TechCrunch by Apple spokesperson Fred Sainz, the company’s Advanced Data Protection feature will be unavailable to new users, and existing U.K. users will eventually need to deactivate this security measure.
Apple expressed disappointment over the unavailability of Advanced Data Protection (ADP) to U.K. customers, highlighting the increasing risk of data breaches and threats to customer privacy. The company emphasized the heightened urgency of enhancing cloud storage security with end-to-end encryption.
This development follows a reported directive from the U.K. government earlier in the year, requesting that Apple create a backdoor for British authorities to access users’ data on Apple’s cloud servers, even if it is encrypted. This unusual demand in a modern democracy concerned privacy and security experts, who warned that such a precedent might be adopted by authoritarian regimes.
Apple provides the option for users to enable end-to-end encrypted iCloud backups through ADP, making it inaccessible to Apple and government entities. The U.K. Home Office spokesperson did not immediately respond to TechCrunch for comments.
Apple has not yet explained how the process of deactivating ADP will work for users who have already enabled it. James Baker from the U.K. digital rights organization Open Rights Group stated that the Home Office’s action has prevented millions of Britons from using a security feature, potentially putting personal data and family photos at risk.
Some data types, such as health data, iMessage content, and payment information, which are encrypted by default for all users, will remain unaffected by this change. However, U.K. users will lose the ability to opt-in for end-to-end encryption for other data types, like photos and notes, previously protected under ADP.
Apple plans to provide further guidance and a specific timeframe for users who already have ADP enabled to deactivate the feature if they wish to continue using iCloud. ADP remains available for users outside of the U.K., and services such as FaceTime and iMessage will remain unaffected.
Apple reiterated its commitment to not creating a backdoor or master key for its products or services. Reports confirmed that ADP was no longer available for new U.K. users starting from 3 p.m. on Friday.
Historically, governments worldwide have contended that encryption might allow criminals and terrorists to evade law enforcement. Authorities have traditionally found ways to access device data, whether through unencrypted backups or spyware. Matthew Green, a cryptography expert at Johns Hopkins University, advised non-U.K. users to activate ADP, noting that increased usage would make it more challenging to deactivate.
