Apple user accuses UK government of “dictator style approach” after iCloud Security function ADP withdrawn

The removal of a “shield” that protects Apple users against data breaches is a “drastic move” one user claims, while asking the Government to rethink its “dictator” style approach. Mark Baker says disabling Apple's iCloud Security function known as Advanced Data Protection (ADP) has “repurposed this shield into a weapon against individual privacy” and has launched a petition to reverse the decision.

Mark is not alone in his thinking. When it emerged on Friday (February 21) that the government’s push for data access had led to Apple withdrawing the security tool, experts also claimed it made users “less secure.”

The tech giant said it was withdrawing the opt-in ADP feature after the Government made a request under the Investigatory Powers Act to gain blanket access to that data. Apple has previously said it would never build a “backdoor” to get around its end-to-end encryption as this could also be exploited by bad actors.

Cybersecurity experts criticised the Government’s approach, saying the tech giant has taken the “obvious option” of impacting UK users rather than making its data security tools weaker globally. Encryption expert Matthew Hodgson, chief executive of secure communications firm Element, said Apple’s decision to remove ADP was because it did not want to create a “master key” which could be used to break its encryption tools.

“This is a serious wake up call for the UK government and its never-ending quest to undermine end-to-end encryption. Apple is way more committed to privacy than it is to the UK, and rightly so,” he said.

“Essentially, the Government asked for a master key to be able to look into anyone’s phone back-up – with entry being allowed on the basis of a warrant. This means that if an attacker were to somehow get access to this ‘master key’ they would suddenly have access to every iCloud back-up.”

Speaking to Sky News, Professor Alan Woodward, visiting professor of computing at the University of Surrey, said: “Apple is sending a very strong message here, which is that, if you want to do this for your people, then reluctantly, and with great disappointment, we will do it, but we’re certainly not going to do it globally. So actually, the only thing that the UK government has achieved in all of this is to disadvantage UK users.”

Professor Oli Buckley, a professor in cybersecurity at Loughborough University, said: “There is still encryption on Apple devices, things like iMessage and other on-device data encryption still exist, but now data specifically stored in iCloud (which has a huge number of users) will be accessible to Apple and potentially government agencies through legal requests,” he said.

Meanwhile, Dray Agha, senior manager of security operations at cybersecurity firm Huntress, said the decision to “weaken” encryption would also leave users more at risk from hackers. “Weakening encryption not only makes UK users more vulnerable to cyber threats but also sets a dangerous precedent for global privacy,” he said.

Mark’s petition, Restore Apple’s Advanced Data Protection for UK Customers, reflects these concerns about data security. He said: “I am a concerned Apple customer in the UK, raising my voice against the latest troubling development from our government: disabling Apple's iCloud Security function known as Advanced Data Protection (ADP).

“ADP is not simply an add-on feature to Apple devices, but a vital layer of security that fully encrypts users' data end-to-end on the cloud. It is a shield that protects against data breaches, securing the private, intimate, and crucial data of countless users.

“This drastic government move, driven by a misguided interpretation of safeguarding interests, has repurposed this shield into a weapon against individual privacy. It risks the data of every single person with an Apple device in the UK - their contacts, family photos, private conversations, financial information, all left vulnerable to potential hackers.”

Having received more than 1,500 signatures so far, Mark has also used the petition to make a plea to UK leaders, saying: “I am calling on the UK Government to rethink its DICTATOR style approach to everything and start acting like elected officials and not power mad dictators.”

Despite the backlash, a number of online safety charities, as well as police and security services around the world long warned of the dangers of end-to-end encrypted services, arguing that they allow offenders such as terrorists and child abusers to hide more easily. Rani Govender, policy manager for child safety online at the NSPCC, said this was an opportunity for Apple and other firms to consider other ways of protecting users, particularly children.

“We know that end-to-end encryption allows offenders to groom and manipulate children and build communities where they can share vile child sexual abuse material without detection,” she said. “As Apple change their approach to encryption on their services, they must take this opportunity to ensure that they are considering other measures they can put in place to better protect children.

“All tech companies should be finding ways to tackle online risks to children whilst upholding privacy of their users, and Ofcom and Government should hold them accountable for doing so.”