Apple has announced its plan to bring end-to-end encryption to iCloud in an effort to further protect its users from data breaches.
Once Advanced Data Protection becomes available, iPhone, iPad and Mac owners will be able to add extra protection to their sensitive data stored in the company’s cloud storage service. This is an optional feature and users will need to enable it themselves from the iCloud settings menu on their devices.
Apple devices running either iOS or iPadOS currently use a file encryption methodology called Data Protection according to an Apple support document (opens in new tab). Meanwhile, while Intel-based Macs use a volume encryption technology called FileVault, Macs powered by Apple silicon use a hybrid model that supports Data Protection.
iCloud already protects 14 sensitive data categories including passwords in iCloud Keychain and Health data using end-to-end encryption by default. Once Advanced Data Protection is enabled though, the number of protected categories will increase to 23 and include iCloud Backup, Notes and Photos.
However, Advanced Data Protection won’t encrypt every data category as iCloud Mail, Contacts and Calendar need to be able to interoperate with other systems and services.
Head of security engineering and architecture Ivan Krstić provided further insight on Advanced Data Protection in a press release (opens in new tab), saying: “Apple makes the most secure mobile devices on the market. And now, we are building on that powerful foundation. Advanced Data Protection is Apple’s highest level of cloud data security, giving users the choice to protect the vast majority of their most sensitive iCloud data with end-to-end encryption so that it can only be decrypted on their trusted devices.”
Making things more difficult for law enforcement
Offering enhanced security for user data stored in the cloud makes a lot of sense for Apple, especially when 1.1 billion personal records were exposed worldwide in 2021 as the result of data breaches according to a new white paper (opens in new tab) (PDF). However, the company’s new Advanced Data Protection feature may make things a lot more complicated for law enforcement.
In a report on this new feature, The Wall Street Journal (opens in new tab) highlights how Apple will no longer be able to provide iCloud phone backups after being requested to do so by law enforcement agencies. Even though the company has prevented the FBI and other government agencies from accessing encrypted data on the best iPhones, it has provided them with iCloud backup data in the past when after being legally requested to do so.
Once Advanced Data Protection becomes generally available and iPhone users start enabling it, Apple will no longer have the ability to comply with these requests which often include chat logs and attachments from iMessage. Law enforcement agencies in the U.S. and around the world will likely take issue with Advanced Data Protection but how this feature will affect future investigations remains to be seen.
In a statement to The Washington Post (opens in new tab) though, the FBI expressed its concerns about the threat posed by end-to-end encryption, saying: “This hinders our ability to protect the American people from criminal acts ranging from cyber-attacks and violence against children to drug trafficking, organized crime and terrorism. In this age of cybersecurity and demands for ‘security by design,’ the FBI and law enforcement partners need ‘lawful access by design.’”
When will Advanced Data Protection be available?
Even though Apple just announced this new feature, Advanced Data Protection is already rolling out to Apple Beta Software Program members in the United States. This will give the company time to tweak and perfect the feature before it becomes generally available.
If you’re not in the Apple Beta Software Program, you’ll need to wait until the end of the year (which is approaching fast) to test Advanced Data Protection for yourself. After the feature is released in the U.S., it will begin rolling out to the rest of the world early next year. At that point, we’ll likely know a bit more about how it works and if there are any downsides to enabling Advanced Data Protection for iCloud.