Apple is removing its Advanced Data Protection (ADP) feature for iCloud from the United Kingdom with immediate effect following government demands for backdoor access to encrypted user data.
The development was first reported by Bloomberg.
ADP for iCloud is an optional setting that ensures that users’ trusted devices retain sole access to the encryption keys used to unlock data stored in its cloud. This includes iCloud Backup, Photos, Notes, Reminders, Safari Bookmarks, voice memos, and data associated with its own apps.
“We are gravely disappointed that the protections provided by ADP will not be available to our customers in the UK given the continuing rise of data breaches and other threats to customer privacy,” the company was quoted as saying to Bloomberg.
“ADP protects iCloud data with end-to-end encryption, which means the data can only be decrypted by the user who owns it, and only on their trusted devices.”
Customers who are already using ADP will need to manually disable it for an as-yet-unspecified period of time, per the report, as Apple “does not have the ability to automatically disable it on their behalf.”
The unprecedented development comes merely weeks after reports emerged that the U.K. government had ordered Apple to build a backdoor to access any Apple user’s iCloud content.
Per The Washington Post, the demand, issued by the U.K. Home Office under the Investigatory Powers Act (IPA) aka the Snoopers’ Charter, “requires blanket capability to view fully encrypted material, not merely assistance in cracking a specific account.”
With the removal of ADP in the region, Apple now only offers standard data protection for iCloud, which encrypts users’ data but stores the encryption keys in its own data centers, thereby making it accessible to law enforcement subject to a warrant.
Last week, U.S. Senator Ron Wyden and Member of Congress Andy Biggs sent a letter to Tulsi Gabbard, the Director of National Intelligence, urging the U.K. to retract its order, citing it threatens the privacy and security of both the American people and the U.S. government.
“If the U.K. does not immediately reverse this dangerous effort, we urge you to reevaluate U.S.-U.K. cybersecurity arrangements and programs as well as U.S. intelligence sharing with the U.K.,” they added.
Found this article interesting? Follow us on Twitter and LinkedIn to read more exclusive content we post.
The Hacker News
