On February 21, 2025, Apple made a decisive move that has sent ripples through both the tech community and the halls of government: it withdrew its Advanced Data Protection (ADP) service from the United Kingdom. This action effectively removes end-to-end encryption for a significant segment of iCloud data—including Photos, Notes, Messages backups, and device backups—for UK customers. Existing ADP users now face the inconvenience of manually disabling the feature during an upcoming grace period, as Apple is unable to automatically transition these accounts. While core protections remain in place for iMessage, FaceTime, Health data, and iCloud Keychain, new UK users will no longer have the option to activate ADP, marking a notable retreat in data security measures.

The roots of this dramatic change lie in a secret government order issued in January 2025 under the Investigatory Powers Act. The UK government’s demand for a backdoor to Apple’s encrypted iCloud data was unprecedented in its scope and secrecy. Issued as a “technical capability notice,” the order would have compelled Apple to create a global backdoor, granting UK security officials access to encrypted user data worldwide. This demand went far beyond standard government requests; it sought to conceal the existence of such a backdoor from users and would have set a dangerous precedent not previously witnessed in any democratic nation. Privacy advocates and security experts immediately warned that complying with such an order could severely compromise global privacy rights and data security.

Rather than succumb to these overreaching and, in our view, fundamentally undemocratic requirements, Apple chose to stand its ground. By discontinuing the ADP feature entirely in the UK market, Apple reaffirmed its commitment to robust encryption—even when facing immense governmental pressure. We believe that asking companies to build backdoors into their software is not only impractical but also an affront to the principles of privacy and security. Such mandates, which force technology providers to sacrifice user trust and privacy, should have no place in any democratic society.

The fallout from Apple’s decision has reverberated across the Atlantic as well. In the United States, the removal of ADP has sparked significant concern among lawmakers who see it as a potential threat to global privacy rights and data security. Several prominent members of Congress have condemned the UK government’s actions, and there has been vocal support for Apple’s refusal to compromise encryption standards. Senator Ron Wyden, a long-time advocate for digital privacy, described the UK’s demand as “a dangerous overreach” and called on the US government to take a firm stand against such intrusive measures. Members of the House Intelligence Committee—drawing support from both sides of the aisle—have also expressed worry about the precedent that could be set for other countries seeking similar access to encrypted data. This incident has reignited debates in Washington about the delicate balance between national security and individual privacy, with some lawmakers pushing for stronger international agreements to protect encryption technologies.

Apple’s withdrawal of ADP in the UK is more than a mere policy adjustment; it is a defining moment in the ongoing struggle between state power and individual privacy. In choosing to protect its users rather than submit to government-imposed backdoors, Apple has underscored a vital principle: the integrity of personal data should never be compromised for political expediency. As this debate unfolds on both sides of the Atlantic, it is imperative that governments respect the fundamental right to privacy and refrain from imposing draconian measures that threaten the security of digital communications worldwide.