A warning has been issued to iPhone and iPad users after the US giant announced it will scrap encryption in the UK.
Encryption is a form of protecting data which secures it from being accessed by anyone other than the sender and recipient and is used on data stored in the iCloud on all iPhones and iPads.
Apple today announced it will remove its highest level data security tool for iCloud in the UK following pressure from the UK government to give it access to its users’ encrypted data.
Instead of allowing the government to access encrypted files, it has instead removed encryption in the UK altogether.
It means Apple users will have to disable Advanced Data Protection on iCloud data if they are based in the UK. iCloud is used by both iPhone and iPad devices to store data such as photos, videos and other documents online instead of using up local storage on the device and is not currently available on Android based phones such as Samsung or Google handsets.
Now tech experts are warning that the move leaves UK Apple users more vulnerable to cyber threats.
Reports earlier this month said the Home Office had issued an order asking for access to encrypted files stored in the cloud.
In response, the tech giant has now confirmed it is removing a tool called Advanced Data Protection (ADP) from use in the UK, which had meant only account holders could view files as they were end-to-end encrypted.
The iPhone maker has confirmed that it was withdrawing the tool from use in the UK, turning it off as an option for those not already using it, and will introduce a process to move existing users away from it.
In a statement, the tech giant said: “Apple can no longer offer Advanced Data Protection (ADP) in the United Kingdom to new users and current UK users will eventually need to disable this security feature.
“ADP protects iCloud data with end-to-end encryption, which means the data can only be decrypted by the user who owns it, and only on their trusted devices.
“We are gravely disappointed that the protections provided by ADP will not be available to our customers in the UK given the continuing rise of data breaches and other threats to customer privacy.
“Enhancing the security of cloud storage with end-to-end encryption is more urgent than ever before. Apple remains committed to offering our users the highest level of security for their personal data and are hopeful that we will be able to do so in the future in the United Kingdom.
“As we have said many times before, we have never built a backdoor or master key to any of our products or services and we never will.”
The tech giant added that 14 types of data that can be stored on its iCloud service will still be end-to-end encrypted, including health data, and communication tools such as iMessage and FaceTime remain encrypted globally, including in the UK.
Apple’s decision to remove its highest level data security tool for users in the UK will make them “more vulnerable to cyber threats”, one expert has said.
Dray Agha, senior manager of security operations at cybersecurity firm Huntress said: “Apple’s decision to pull Advanced Data Protection in the UK is a direct response to increasing Government demands for access to encrypted user data.
“Weakening encryption not only makes UK users more vulnerable to cyber threats but also sets a dangerous precedent for global privacy.
“Governments argue this helps law enforcement, but history shows that any backdoor created for one party can eventually be exploited by bad actors.
“The broader concern is that this move could pressure other companies to weaken their security, putting personal data worldwide at greater risk.”