Apple launched Advanced Data Protection, an optional end-to-end encryption feature preventing data from iCloud from being decrypted on an “untrusted” device.
Advanced Data Protection should keep an iCloud account’s data private even in the unlikely event that Apple is hacked. The Wall Street Journal notes that the feature also blocks Apple from viewing iCloud phone backups in response to law enforcement requests.
Advanced Data Protection is now available for Apple Beta Software Program members in the United States. It will be available to all US users by the end of the year, with the rest of the world following in 2023.
Apple was able to see your backups
The feature makes the trusted devices of iCloud users the only way to access encryption keys for most of their data. Once activated, Apple servers cannot adjust iCloud preferences on behalf of users or access files saved in iCloud backups, Photos, Notes and CloudKit fields marked as encrypted by third-party developers.
Without Advanced Data Protection, iCloud customers can’t prevent Apple from accessing data in device backups, including messages and contacts.
in 2016, Apple fought a legal battle with the FBI over the encrypted iPhone data of the perpetrator of a terrorist attack in San Bernardino, California. The FBI sought to force Apple to unlock a secured iPhone through the courts. Apple said the FBI could access what it needed from its unencrypted iCloud backup servers.
Times have changed
To use Advanced Data Protection, users must enable two-factor authentication for their Apple ID, set a password or passcode on their devices, and then upgrade those devices to the most recent software (iOS 16.2, iPadOS 16.2, macOS 13.1, tvOS 16.2, watchOS 9.2 and the latest version of iCloud for Windows).
Advanced Data Protection currently does not support managed child accounts and Apple IDs. It’s worth mentioning that the consequence of failing to configure an Advanced Data Protection recovery option is severe. If the recovery fails — for example, due to a recovery device or email being inaccessible — all encrypted iCloud data will be lost.