Source URL: https://www.theguardian.com/technology/2025/feb/21/apple-removes-advanced-data-protection-tool-uk-government
Source: Data and computer security | The Guardian
Title: Apple removes advanced data protection tool after UK government request
Feedly Summary: Users will now be more vulnerable to data breaches from bad actors, Apple says, after Home Office orderBusiness live – latest updatesApple has taken the unprecedented step of removing its strongest data security tool from customers in the UK, after the government demanded “backdoor” access to user data.UK users will no longer have access to the advanced data protection (ADP) tool, which uses end-to-end encryption to allow only account holders to view items such as photos or documents they have stored online in the iCloud storage service.
UK users will now be more vulnerable to data breaches from bad actors, and other threats to customer privacy, Apple said. It will also mean that all data is accessible by Apple, which can share it with law enforcement if they have a warrant. Continue reading…
AI Summary and Description: Yes
Summary: The removal of Apple’s advanced data protection tool for UK users marks a significant compromise in user privacy and security. This decision is a direct response to government demands for access to encrypted data, raising concerns over data breaches and user vulnerability.
Detailed Description:
– **Removal of Advanced Data Protection (ADP) Tool**: Apple has withdrawn its ADP tool from UK customers due to a government request for backdoor access. This tool employed end-to-end encryption, ensuring that only users could access their stored data.
– **Increased Vulnerability**: With the ADP tool no longer available, UK users face heightened risks of data breaches and privacy violations. Apple has indicated that all data will now remain accessible to them, potentially allowing for sharing with law enforcement.
– **Investigatory Powers Act**: The UK government’s application of the Investigatory Powers Act prompted this change, compelling companies to provide user data to law enforcement.
– **Current User Impact**: New users will not have access to the ADP tool, while existing users will need to disable it in the future. Some services, such as iMessage and FaceTime, will still retain their encryption.
– **Apple’s Stance**: The company expressed deep disappointment about the removal of robust security measures at a time when data breaches are rising.
– **Expert Opinions**: Cybersecurity experts highlight the irrationality of government demands that threaten to compromise encryption. Alan Woodward noted the impracticality of dictating terms to a major US company, and Peter Sommer advised that the Home Office should focus on targeted encryption breaches rather than seeking universal backdoors.
Takeaways for Security and Compliance Professionals:
– This case serves as a critical reminder of the challenges posed by governmental regulations on user privacy and data security.
– The implications of Apple’s decision can lead to a heightened discussion on the balance between law enforcement demands and individual privacy.
– Industry professionals must be aware of evolving encryption technology and consider the ramifications of compliance on data security, particularly regarding user trust and potential breaches.
This incident underscores the ongoing tension between privacy rights and law enforcement access, prompting crucial dialogues about the future of encryption and user data protection strategies.