U. K.Government Mandates Apple to Disable Advanced Data Protection Feature
In a significant move, the U. K.government has compelled Apple to disable its Advanced Data Protection (ADP) feature for consumers within the country. This decision arises from a government order that necessitates the formation of a backdoor, allowing authorities access to encrypted user data stored on iCloud. Consequently, data stored in the U. K.will no longer benefit from end-to-end encryption (E2E), facilitating law enforcement’s ability to access this data as needed.
Understanding Apple’s Encryption Methods
Apple currently employs two encryption methods for iCloud data. The standard data protection (SDP) serves as the default option for users, where encryption keys are stored in Apple’s data centers. Under this configuration, only selected data is E2E encrypted, allowing Apple to assist users in data recovery if issues arise.
On the other hand, the advanced data protection (ADP) method offers superior security, with encryption keys residing solely on the user’s trusted devices. This approach ensures that not even Apple can access the iCloud data, emphasizing user privacy as the sole authority over recovery. Unfortunately, users in the U. K.will lose this critical security feature, impacting their iCloud data storage across various formats, including backups, notes, photos, and text message archives.
Government Order and Its Implications
The order under which this decision was made is rooted in the Investigatory Powers Act, which has been met with considerable criticism. In response to the government’s actions, Apple expressed its profound dissatisfaction. A spokesperson for the company stated:
“We are gravely disappointed that the protections provided by ADP will not be available to our customers in the UK given the continuing rise of data breaches and other threats to customer privacy. ADP protects iCloud data with end-to-end encryption, which means the data can only be decrypted by the user who owns it, and only on their trusted devices.”
Transition for Existing Users
Current ADP users in the U. K.will need to take action to manually disable the feature during a grace period to retain access to their iCloud accounts. Apple has committed to providing further information to affected users but clarified that it cannot automatically disable E2E encryption for them.
Continued Encryption on Other Features
Despite this setback, Apple will maintain end-to-end encryption for several other services, including iMessage, FaceTime, Passwords, and Apple Health data, where this encryption is enabled by default.
For more details, refer to the Bloomberg article.
Leave a Reply ▼