Apple has removed its advanced data protection (ADP) feature from the UK, following a dispute with the UK government over encryption and access to user data.
This comes after the Home Office requested access to encrypted iCloud data under the investigatory powers act (IPA), a law that requires leading tech firms to provide information to law enforcement when required.
ADP, which ensures that only account holders can access their stored data using end to end encryption, will no longer be available to UK users, making them more vulnerable to cyber and malware attacks.
From Friday afternoon, those trying to activate the feature received an error notification, while existing users will have their access revoked.
Without it, standard encryption will apply, which means Apple will be able to access user data and share it with law enforcement, if presented with a warrant.
Apple expressed its “grave disappoint[ment]” over the decision, saying that it remains committed to offering its users the highest level of security for their personal data.
The tech giant emphasised that strong encryption is more necessary than ever, as cyber threats and data breaches arise.
According to the BBC, the government issued a technical capability notice (TCN) to Apple, requiring the firm to comply with the data access request. The Home Office has declined to comment.
It cited that sources familiar with the matter have said that even if it was issued, it would not grant blanket access to all user data, as individual authorisations would still be required.
Backlash and wider implications
The decision sparked backlash from cyber security experts, who have argued that the government’s stance will weaken online security.
Alan Woodward, a cyber security professor at the University of Surrey, described the move as “an act of self harm”, which will achieve little in terms of security.
And Mike Salem, UK country associate for the Consumer Choice Center (CCC) branded it an “unfortunate move”.
He said: “Everyone in the UK should be extremely worried about what the government aims to access not just in the UK, but across the world.
“This marks a very sad day for the basic principle of consumer privacy in the 21st century, depriving users of the tools that leave UK citizens exposed to governments, criminals and malicious hackers. The fact this has been done without debate, oversight or advance warning to UK Apple users is extremely concerning.”
Beyond privacy concerns, the dispute has also risks ratcheting up geopolitical tensions between the US and UK.
Vice president of the US, JD Vance, recently criticised foreign governments for tightening regulations on American big tech firms at the AI Action Summit in Paris, reflecting growing concern in Washington over the mounting pressures on US firms operating internationally.
The removal of ADP is a significant move in the ongoing conflict between governments and tech firms over encryption and surveillance.
It may set a precedent to its tech rivals such as Google or Microsoft.