Apple has withdrawn UK access to its advanced encryption service Advanced Data Protection after the UK government ordered the iPhone-maker to give security services access to its data. UK users will no longer have access to the ADP tool, which offers end-to-end encryption giving account holders sole access to items stored on Apple’s iCloud servers. […]
Apple has withdrawn UK access to its advanced encryption service Advanced Data Protection after the UK government ordered the iPhone-maker to give security services access to its data.
UK users will no longer have access to the ADP tool, which offers end-to-end encryption giving account holders sole access to items stored on Apple’s iCloud servers. The tech giant said it was “gravely disappointed” to remove the service from its British users.
UK ministers claim ADP and other end-to-end encryption services are hampering law enforcement agencies from catching criminals, but Apple has fought back against previous efforts for governments to gain backdoor access to the encrypted data.
Apple argues giving access to governments would dilute the security of the tool by making it vulnerable to bad actors and other nations. Removing the end-to-end nature of the encryption would also allow Apple to access the unencrypted data, potentially making the company subject to legal orders to hand over previously private data.
Earlier this month the Home Office served Apple a request under the Investigatory Powers Act, which compels firms to provide information to law enforcement agencies, asking for the right to see users’ encrypted data, which currently not even Apple can access.
Apple switched off the service for new users on Friday at 3pm GMT and said existing users would need to switch it off in the near future. However, messaging services such as iMessage and FaceTime would remain end-to-end encrypted.
Apple said: “We are gravely disappointed that the protections provided by ADP will not be available to our customers in the UK given the continuing rise of data breaches and other threats to customer privacy. Enhancing the security of cloud storage with end-to-end encryption is more urgent than ever before.
“Apple remains committed to offering our users the highest level of security for their personal data and are hopeful that we will be able to do so in the future in the UK. As we have said many times before, we have never built a backdoor or master key to any of our products or services and we never will.”
Meta’s WhatsApp and Signal have previously threatened to exit the UK market in response to the Online Safety Act 2023, with the latter saying it would “100% walk”. The government later rowed back on its plans to introduce client side scanning, which would have forced companies to scan data before encrypting it.
Much of the industry supports Apple, acknowledging that any backdoor could create wider vulnerabilities that could potentially be exploited by bad actors.
When it was revealed the government were trying to force Apple’s hand, Graeme Stewart, head of public sector at Check Point Software, warned that forcing Apple or any company to create a backdoor “sets a dangerous global precedent” that could be exploited by authoritarian regimes, cybercriminals, and hostile states.
