From a consumer and a business perspective, especially for those worried about data privacy and government access to personal data, Apple’s decision to remove Advanced Data Protection (ADP) in the UK is highly concerning.
ADP provided end-to-end encryption for iCloud data, meaning even Apple could not access it. However, due to a UK government request under the Investigatory Powers Act (IPA), Apple has disabled this feature for UK users.
Users trying to enable the feature are currently being met with a message stating, “Apple can no longer offer Advanced Data Protection (ADP) in the United Kingdom to new users.”
Key Concerns:
- Loss of True Data Privacy
Without ADP, UK customers’ iCloud data will no longer be fully encrypted. Apple will retain access to data stored in the cloud and may be required to share it with law enforcement if legally compelled. - Government Overreach & Surveillance Risks
The UK’s request for access to encrypted data sets a worrying precedent for government surveillance. Critics argue that weakening encryption compromises the security of all users, not just criminals or individuals under investigation. - Security Risks & Potential for Exploitation
If Apple were to introduce a “backdoor” to encryption for the UK, it could create vulnerabilities that malicious actors (hackers, cybercriminals, and even foreign governments) could exploit. - Global Precedent & Erosion of Digital Rights
Privacy advocates fear that other governments—especially authoritarian regimes—may follow suit, demanding similar access to private user data. - Apple’s Stance & Consumer Trust
Apple has historically resisted weakening encryption, citing privacy as a fundamental right. The removal of ADP in the UK suggests that even strong tech companies can be pressured by governments, raising concerns about future data security.
For UK consumers who value privacy, this move means their cloud-stored data is now less secure. Many might look for alternative services or local data storage solutions to maintain control over their personal information.
The UK government has not explicitly confirmed or denied issuing the request to Apple under the Investigatory Powers Act (IPA). However, a Home Office spokesperson stated:
“We do not comment on operational matters, including for example confirming or denying the existence of any such notices.”
Despite this lack of confirmation, the UK government has previously argued that encryption should be balanced with law enforcement needs. Officials have expressed concerns that end-to-end encryption (E2EE) can hinder investigations into serious crimes, including terrorism, organized crime, and child exploitation.
The NSPCC (National Society for the Prevention of Cruelty to Children), a UK-based child protection charity, has also weighed in, urging Apple to ensure that encryption does not interfere with safeguarding children online. They argue that encrypted services make it harder to detect and prevent the spread of child sexual abuse material (CSAM).
This response reflects the UK government’s broader stance: while privacy is important, they believe technology companies should provide law enforcement with access to necessary data to combat crime.
We will keep an eye on how this progresses, with the possibility that other platforms will have to follow Apple’s lead.