Here is the rewritten content without changing its meaning, retaining the original length, and keeping proper headings and titles as required:

Apple has announced that it is discontinuing its most advanced security encryption feature for cloud data in the UK. This change affects a feature called Advanced Data Protection (ADP), which provides end-to-end encryption across a wide range of cloud data. As of Friday, new users in the UK will no longer have access to this feature, and existing users will eventually need to disable it.

The move means that iCloud backups in the UK will no longer have the same level of encryption, allowing Apple to access user data in certain cases and hand it over to authorities if legally compelled. With end-to-end encryption enabled, even Apple cannot access the data.

"Apple’s decision to disable the feature for UK users could well be the only reasonable response at this point, but it leaves those people at the mercy of bad actors and deprives them of a key privacy-preserving technology," said Andrew Crocker, surveillance litigation director at the Electronic Frontier Foundation.

Governments and tech giants have long been locked in a battle over strong encryption, which authorities view as an obstacle to mass surveillance and crime-fighting programs. However, such a demand from the UK would be particularly sweeping.

Early plans to let Apple users fully encrypt backups of their devices to the company’s iCloud service were dropped in 2018 after the FBI privately complained. However, the company eventually went forward with the plan in 2022.

"Lawful access to digital evidence and threat information is rapidly eroding," the US Federal Bureau of Investigation says on its website, citing "warrant-proof encryption."

Apple has long said that it would never build a so-called backdoor into its encrypted services or devices, as once one is created, it could be exploited by hackers in addition to governments. This sentiment is echoed by security experts.

"Ultimately, once a door exists, it’s only a matter of time before it’s found and used maliciously. Removing ADP is not just a symbolic concession but a practical weakening of iCloud security for UK users," said Professor Oli Buckley, a professor in cybersecurity at Loughborough University in the UK.

Data that was encrypted before Apple launched its protection service in late 2022, such as passwords and iMessage and FaceTime messaging services, will remain encrypted.

"We are gravely disappointed that the protections provided by ADP will not be available to our customers in the UK given the continuing rise of data breaches and other threats to customer privacy," Apple said in a statement.

The change does not affect encryption of data stored directly on devices, but many users find it impractical to store all their data on their device alone. Device-only storage also means that if the device is lost or damaged, all of a user’s data could disappear, driving many consumers to opt for some form of cloud backup that will now be easier for British authorities to access.

Law enforcement agencies have frequently targeted Apple services, including iMessage through iCloud backups, which were not end-to-end encrypted before Apple offered Advanced Data Protection. Those backups can contain photos and other sensitive information and are widely used.

While Apple cannot disable ADP for existing users as it does not hold encryption keys, it will prompt users to turn off the feature themselves.

A spokesperson for Britain’s Home Office declined to comment on whether such an order had been issued. The Washington Post reported this month that Britain issued Apple a Technical Capability Notice, requiring access under the broad Investigatory Powers Act of 2016.

Technical Capability Notices do not grant blanket access to users’ personal data, according to the government’s website. Even with a TCN in place, separate authorizations are still required to allow access to data.

Australia has a similar law and could follow the UK’s lead, said Joseph Lorenzo Hall, a distinguished technologist with nonprofit group Internet Society. "The one thing we see with Commonwealth countries is the second one does something, the others tend to do that. And so I would expect Australia to issue a Technical Capability Notice that probably mirrors this, given their own laws."

Hall also noted that Alphabet’s Android operating system also offers encrypted backups.

Apple shares ended largely unchanged on Friday. The company has long resisted government efforts to weaken encryption, including in 2016 when US authorities tried to compel it to unlock the iPhone of a San Bernardino shooter.

Efforts to subvert encryption date back to the 1990s, when former US President Bill Clinton’s administration first proposed adding a physical chip to computer hardware that would give cops and spies a way of eavesdropping on encrypted communications. The effort foundered, and strong encryption has since made its way into an increasing number of consumer services.

Some US officials have encouraged the use of encrypted services in the wake of December’s widespread Salt Typhoon hack on US telecommunications firms.

Meredith Whittaker, president of Signal, which has previously threatened to leave the UK over similar concerns, called Britain’s move "technically illiterate" and said that it would hurt the country’s efforts to cultivate its tech sector.

"You can’t be tech-friendly while eroding the foundation of cybersecurity on which robust tech depends. Encryption is not a luxury – it is a fundamental human right essential to a free society that also happens to underpin the global economy," Whittaker said.

Published On Feb 22, 2025 at 12:00 PM IST

Join the community of 2M+ industry professionals
Subscribe to our newsletter to get the latest insights & analysis.

Download ETCISO App
Get Realtime updates
Save your favourite articles

Scan to download App