Starting from 1500 GMT on February 23, UK users attempting to activate ADP have encountered an error message
Apple has announced the removal of its highest-level data security tool, Advanced Data Protection (ADP), for users in the United Kingdom following a request from the government under the Investigatory Powers Act (IPA). The move has ignited debates around user privacy, government surveillance, and the wider implications for global technology companies.
ADP, an opt-in service introduced in December 2022, enables end-to-end encryption for iCloud data such as photos, documents, and messages. The feature ensures that only account holders can access their data — a security measure designed to prevent unauthorised access, including by Apple itself. However, the UK government requested access to this encrypted data under the IPA, which compels companies to provide user information to law enforcement agencies.
Apple expressed disappointment over the development, stating, “As we have said many times before, we have never built a backdoor or master key to any of our products, and we never will.”
Starting from 1500 GMT on February 23, UK users attempting to activate ADP have encountered an error message. Existing users will have their access disabled at a later date, though Apple did not specify when. The tech giant’s decision to withdraw the feature rather than comply with the UK government’s demands marks a rare and significant step in the ongoing battle between privacy advocates and governments seeking greater surveillance powers.
The Home Office refused to confirm or deny the existence of the notice but said, “We do not comment on operational matters.”
Experts have criticised the decision. Prof Alan Woodward, a cybersecurity expert at the University of Surrey, called it a “very disappointing development” and “an act of self-harm” by the UK government. He argued that the decision weakens online security and leaves UK users more vulnerable to cyber threats.
Online privacy expert Caro Robson described Apple’s action as “unprecedented,” adding, “It would be a very, very worrying precedent if other communications operators felt they simply could withdraw products and not be held accountable by governments.”
Apple’s stance aligns with wider concerns raised by privacy advocates and technology leaders. Will Cathcart, head of WhatsApp, voiced his opposition to the UK’s request, warning that forcing backdoor access into Apple’s security could “make everyone in every country less safe.”
The decision has also drawn international attention, with two senior US politicians urging the US government to reconsider its intelligence-sharing agreements with the UK. Senator Ron Wyden called the move a “dangerous precedent” that authoritarian regimes could exploit to demand similar access.
However, the removal of ADP has also sparked conversations about the balance between user privacy and public safety. The National Society for the Prevention of Cruelty to Children (NSPCC) has argued that end-to-end encryption can hinder efforts to detect child sexual abuse material (CSAM) online. Rani Govender, policy manager for child safety online at the NSPCC, said, “We’re calling on Apple to ensure they implement more child safety measures alongside any encryption changes.”
Emily Taylor, co-founder of Global Signal Exchange, countered that encryption plays a vital role in protecting everyday consumer privacy. “Encryption is something that we use every day; whether it’s communicating with our bank or on messaging apps, encryption is a form of privacy in an otherwise very insecure online world,” she said.
The dispute comes amid broader tensions between the US and other countries over regulations imposed on American tech companies. In a speech at the AI Action Summit in Paris earlier this month, US Vice President JD Vance warned against foreign governments tightening control over American tech firms, further complicating the ongoing privacy versus security debate.
Apple reaffirmed its commitment to providing the highest level of security for its users, stating that it remains hopeful the feature will return to the UK in the future. The outcome of this standoff is likely to have far-reaching implications for the tech industry and global privacy standards.
