Apple Suspends Advanced Data Protection Tool in the UK Amid Government Security Demands
The tech company confirms it will withdraw its end-to-end encryption feature following a request for access to user data from the UK government.
Apple has announced the removal of its Advanced Data Protection (ADP) tool from the UK, following a request from the government for access to encrypted user data.
ADP provided end-to-end encryption for a majority of user files uploaded to iCloud, ensuring that only the account holder could access their data.
Earlier in the month, reports indicated that the UK government issued an order under the Investigatory Powers Act 2016, seeking the ability to access fully encrypted files from users of Apple’s services.
In its statement, Apple confirmed it will no longer offer the ADP feature to new users in the UK and will initiate processes to transition existing users away from the tool.
The company expressed disappointment about the unavailability of the protections afforded by ADP, citing the rising number of data breaches and threats to customer privacy.
While Apple has committed to maintaining high levels of security for users, it stressed that it has never created a 'backdoor' or master key to its products and services, a point reiterated in their statement.
Apple clarified that 14 types of data stored on iCloud will still remain end-to-end encrypted, including health records and messages sent through iMessage and FaceTime, which continue to be encrypted on a global scale.
However, experts have voiced concerns that the decision to withdraw ADP could increase vulnerability to cyber threats for UK users.
Dray Agha, a senior manager at cybersecurity firm Huntress, highlighted this move as a reaction to increasing government demands for encrypted user data and warned about the potential implications for privacy on a global scale.
Countering the arguments made in favor of access by some law enforcement agencies, various online safety organizations have raised alarms about the challenges posed by end-to-end encryption.
Rani Govender, policy manager for child safety online at NSPCC, emphasized the need for tech companies to explore alternatives for ensuring user safety, particularly in protecting children from online exploitation.
Govender urged Apple and similar firms to address online risks while also safeguarding user privacy and called on regulatory bodies to enforce such measures.
As the debate continues, the implications of Apple's decision extend beyond the UK, potentially influencing the policies of other tech companies regarding encryption and data protection.
ADP provided end-to-end encryption for a majority of user files uploaded to iCloud, ensuring that only the account holder could access their data.
Earlier in the month, reports indicated that the UK government issued an order under the Investigatory Powers Act 2016, seeking the ability to access fully encrypted files from users of Apple’s services.
In its statement, Apple confirmed it will no longer offer the ADP feature to new users in the UK and will initiate processes to transition existing users away from the tool.
The company expressed disappointment about the unavailability of the protections afforded by ADP, citing the rising number of data breaches and threats to customer privacy.
While Apple has committed to maintaining high levels of security for users, it stressed that it has never created a 'backdoor' or master key to its products and services, a point reiterated in their statement.
Apple clarified that 14 types of data stored on iCloud will still remain end-to-end encrypted, including health records and messages sent through iMessage and FaceTime, which continue to be encrypted on a global scale.
However, experts have voiced concerns that the decision to withdraw ADP could increase vulnerability to cyber threats for UK users.
Dray Agha, a senior manager at cybersecurity firm Huntress, highlighted this move as a reaction to increasing government demands for encrypted user data and warned about the potential implications for privacy on a global scale.
Countering the arguments made in favor of access by some law enforcement agencies, various online safety organizations have raised alarms about the challenges posed by end-to-end encryption.
Rani Govender, policy manager for child safety online at NSPCC, emphasized the need for tech companies to explore alternatives for ensuring user safety, particularly in protecting children from online exploitation.
Govender urged Apple and similar firms to address online risks while also safeguarding user privacy and called on regulatory bodies to enforce such measures.
As the debate continues, the implications of Apple's decision extend beyond the UK, potentially influencing the policies of other tech companies regarding encryption and data protection.
