In a significant and unprecedented move, Apple has just removed its highest-level data security tool, Advanced Data Protection (ADP), for iPhone users in the United Kingdom, effective February 21, 2025.

This decision, prompted by a demand from the UK government for access to encrypted user data, has sparked widespread concern among privacy advocates, cybersecurity experts, and Apple customers alike. Here’s what this change means for UK iPhone users and the broader implications for digital privacy.

Advanced Data Protection was an opt-in feature introduced by Apple in December 2022, offering end-to-end encryption for a wide range of data stored on iCloud.

This included photos, notes, voice memos, reminders, device backups, and more. With ADP enabled, only the account holder could decrypt and access this data—not even Apple had the ability to view it.

This robust security measure was designed to protect user privacy, ensuring that sensitive information remained secure even in the event of a cloud data breach.

According to Apple, enhancing cloud security with end-to-end encryption has become “more urgent than ever before” amid rising cyber threats.

The removal of ADP stems from a confrontation with the UK government, specifically the Home Office, which earlier in February 2025 demanded that Apple provide a “backdoor” to access encrypted iCloud data.

This request was issued under the Investigatory Powers Act (IPA) of 2016, a law that compels tech companies to assist law enforcement by providing access to user information when deemed necessary.

Reports from the BBC and The Guardian indicate that the Home Office’s order was not limited to UK users but sought global access to encrypted data for any Apple user, a demand Apple has staunchly opposed.

Apple has long maintained a firm stance against creating backdoors in its products, arguing that malicious actors would inevitably exploit such measures, compromising user security worldwide.

In a statement reported by Reuters, Apple emphasized, “As we have said many times before, we have never built a backdoor or master key to any of our products or services and we never will.”

Rather than comply with the UK’s request, Apple chose to withdraw ADP entirely from the UK market. As of 3:00 PM GMT on Friday, February 21, 2025, new UK users attempting to activate ADP encountered an error message, and existing users were informed that their access would eventually be disabled.

For the millions of iPhone, iPad, and Mac users in the UK, the removal of ADP means that the majority of their iCloud data will no longer be protected by end-to-end encryption.

While Apple has assured users that 14 categories of data—such as health records, iCloud Keychain, and communications via iMessage and FaceTime—will remain encrypted globally,

other critical data types, including photos and backups, will now be decryptable by Apple and potentially accessible to the UK government under legal orders.

This shift significantly weakens the privacy protections previously available to UK customers.

Cybersecurity expert Professor Alan Woodward of Surrey University described the development as “an act of self-harm” by the UK government, telling the BBC, “All the UK government has achieved is to weaken online security and privacy for UK-based users.”

Similarly, Dray Agha from cybersecurity firm Huntress warned The Independent that this decision leaves UK users “more vulnerable to cyber threats,” noting that weakened encryption could set a “dangerous precedent for global privacy.”

The UK government’s push for access to encrypted data reflects a long-standing tension between privacy advocates and law enforcement agencies.

Authorities argue that end-to-end encryption hinders efforts to combat serious crimes, such as terrorism and child exploitation, by shielding offenders’ communications from scrutiny.

Rani Govender of the NSPCC, a UK children’s charity, told The Independent that encrypted services can “allow offenders to groom and manipulate children” undetected, urging Apple to implement alternative child safety measures as it adjusts its encryption approach.

However, Apple and privacy campaigners counter that creating backdoors undermines the security of all users, not just criminals.

The Guardian cited cybersecurity professor Alan Woodward, who argued, “You cannot weaken encryption for your enemies without weakening it for your friends.”

This sentiment was echoed by US lawmakers, who, according to the BBC, warned that the UK’s actions posed such a threat to American national security that intelligence-sharing agreements with the UK might need reevaluation unless the demand was withdrawn.

Apple expressed deep regret over the situation, stating to Bloomberg, “We are gravely disappointed that the protections provided by ADP will not be available to our customers in the UK given the continuing rise of data breaches and other threats to customer privacy.”

The company remains hopeful it can restore these protections in the future but has made it clear that compromising its core privacy principles is not an option.

This standoff marks a significant escalation in the global debate over encryption and government oversight.

The UK’s Investigatory Powers Act applies worldwide to companies with a UK presence, meaning Apple’s decision to pull ADP may not fully resolve the conflict.

As reported by Reuters, the government could still pursue further action against Apple, potentially deeming the withdrawal insufficient.

For UK iPhone users, the immediate advice is to review their iCloud usage and consider alternative secure storage options for sensitive data.

Meanwhile, the tech world watches closely, as this precedent could pressure other companies to weaken their security protocols, amplifying risks to personal data globally.