Everything You Need to Know About Apple's New iCloud Encryption Feature

by

As you may have heard, Apple this week announced it's expanding end-to-end encryption to additional types of data stored in iCloud with a feature called Advanced Data Protection, including device backups, photos, messages, and more. With the new change, even more types of data stored in iCloud will be fully end-to-end encrypted, a higher level of encryption standard.

Apple advanced security Advanced Data Protection screen Feature Orange
To help MacRumors readers better understand what the new feature is, how it works, and more, we've created this short post answering some of the most-asked questions about Advanced Data Protection.

What does it do and why is it new?

Before Advanced Data Protection, Apple only encrypted certain types of user data in iCloud, such as passwords and health data. By encrypting data, only a trusted user device can access that information. Other information stored in iCloud, however, such as your photos, messages, and device backups, were not fully end-to-end encrypted meaning if Apple wanted to, it could access your information. With Advanced Data Protection, that all changes.

With Advanced Data Protection enabled for a specific iCloud account, the vast majority of data stored in the cloud will be end-to-end encrypted, meaning no one, not Apple, law enforcement, or governments can ever gain access to that information. Only a trusted device can decrypt that information.

What data will be fully end-to-end encrypted?

With Advanced Data Protection, users will have the following types of data end-to-end encrypted in iCloud alongside Health data and passwords.

  • Device Backup
  • Messages Backup
  • iCloud Drive
  • Photos
  • Reminders
  • Safari Bookmarks
  • Siri Shortcuts
  • Voice Memos
  • Wallet Passes

It's worth noting that iCloud Mail, Contacts, and Calendar will not be end-to-end encrypted as they all require the ability to connect to external sources, such as Gmail, Yahoo, etc.

Is it enabled by default, and if not, how do I enable it?

Advanced Data Protection will not be enabled by default for users. In a recent interview, Apple's senior vice president of software engineering Craig Federighi explained that Advanced Data Protection requires extra effort from the user to enable a recovery method. The extra process and responsibility that lies on the shoulders of users in case they forget their password or lose access to their account make it impractical to force every user to go through that process, Federighi explained.

Nonetheless, even if not enabled by default, it's still easy to enable. When the feature rolls out to all US users by the end of this month, depending on when you activated your device, you'll be able to go into Settings, iCloud, and Advanced Data Protection, enable it and follow the on-screen prompts.

Can I use it now?

Not yet. Advanced Data Protection will roll out to all US users by the end of this month, and Apple says it will launch globally in early 2023. Specific dates for a global rollout are unknown.

Is it free?

Yes, it's free. Advanced Data Protection is an additional layer of protection offered to anyone with an iCloud account, at no extra charge.

What has the reaction been?

As expected, the reaction from users has been positive. With Advanced Data Protection, user data will stay more secure and private. Privacy groups have also praised the decision by Apple, calling it a "victory for user privacy." On the flip side, governments don't seem especially thrilled about the new option given to users.

Popular Stories

iPhone SE 4 Vertical Camera Feature

iPhone SE 4 Rumored to Use Same Rear Chassis as iPhone 16

Friday July 19, 2024 7:16 am PDT by
Apple will adopt the same rear chassis manufacturing process for the iPhone SE 4 that it is using for the upcoming standard iPhone 16, claims a new rumor coming out of China. According to the Weibo-based leaker "Fixed Focus Digital," the backplate manufacturing process for the iPhone SE 4 is "exactly the same" as the standard model in Apple's upcoming iPhone 16 lineup, which is expected to...
Read Full Article132 comments
iPhone 16 Pro Sizes Feature

iPhone 16 Series Is Just Two Months Away: Everything We Know

Monday July 15, 2024 4:44 am PDT by
Apple typically releases its new iPhone series around mid-September, which means we are about two months out from the launch of the iPhone 16. Like the iPhone 15 series, this year's lineup is expected to stick with four models – iPhone 16, iPhone 16 Plus, iPhone 16 Pro, and iPhone 16 Pro Max – although there are plenty of design differences and new features to take into account. To bring ...
Read Full Article129 comments
iphone 14 lineup

Cellebrite Unable to Unlock iPhones on iOS 17.4 or Later, Leak Reveals

Thursday July 18, 2024 4:18 am PDT by
Israel-based mobile forensics company Cellebrite is unable to unlock iPhones running iOS 17.4 or later, according to leaked documents verified by 404 Media. The documents provide a rare glimpse into the capabilities of the company's mobile forensics tools and highlight the ongoing security improvements in Apple's latest devices. The leaked "Cellebrite iOS Support Matrix" obtained by 404 Media...
Read Full Article66 comments
tinypod apple watch

TinyPod Turns Your Apple Watch Into an iPod

Wednesday July 17, 2024 3:18 pm PDT by
If you have an old Apple Watch and you're not sure what to do with it, a new product called TinyPod might be the answer. Priced at $79, the TinyPod is a silicone case with a built-in scroll wheel that houses the Apple Watch chassis. When an Apple Watch is placed inside the TinyPod, the click wheel on the case is able to be used to scroll through the Apple Watch interface. The feature works...
Read Full Article133 comments
bsod

Crowdstrike Says Global IT Outage Impacting Windows PCs, But Mac and Linux Hosts Not Affected

Friday July 19, 2024 3:12 am PDT by
A widespread system failure is currently affecting numerous Windows devices globally, causing critical boot failures across various industries, including banks, rail networks, airlines, retailers, broadcasters, healthcare, and many more sectors. The issue, manifesting as a Blue Screen of Death (BSOD), is preventing computers from starting up properly and forcing them into continuous recovery...
Read Full Article474 comments
New MacBook Pros Launching Tomorrow With These 4 New Features 2

M5 MacBook Models to Use New Compact Camera Module in 2025

Wednesday July 17, 2024 2:58 am PDT by
Apple in 2025 will take on a new compact camera module (CCM) supplier for future MacBook models powered by its next-generation M5 chip, according to Apple analyst Ming-Chi Kuo. Writing in his latest investor note on unny-opticals-2025-business-momentum-to-benefit-509819818c2a">Medium, Kuo said Apple will turn to Sunny Optical for the CCM in its M5 MacBooks. The Chinese optical lens company...
Read Full Article112 comments

Top Rated Comments

zorinlynx Avatar
zorinlynx
21 months ago
Generally when the people like something and governments are upset about it, it's a good thing. :)
Score: 35 Votes (Like | Disagree)
poorcody Avatar
poorcody
21 months ago
I for one would like to store information in Notes that I would not want a hacker to ever access, so this is a very positive development for me.
Score: 14 Votes (Like | Disagree)
DEMinSoCAL Avatar
DEMinSoCAL
21 months ago

Apple is waiting for the FBI to ramp up their servers for the Apple<->FBI APIs. Apple never said the government could not access the keys.
Yesterday's article ('https://www.macrumors.com/2022/12/07/apple-advanced-data-protection/') says that "Not even Apple has access to the encryption keys".
Score: 9 Votes (Like | Disagree)
centauratlas Avatar
centauratlas
21 months ago

What about Notes? Are Notes not included in the advanced protection?
Notes are supposed to be included.

"

* Advanced Data Protection for iCloud ('https://support.apple.com/en-us/HT202303#advanced') is an optional setting that offers our highest level of cloud data security. If you choose to enable Advanced Data Protection, your trusted devices retain sole access to the encryption keys for the majority of your iCloud data, thereby protecting it using end-to-end encryption. Additional data protected includes iCloud Backup, Photos, Notes, and more.

."
https://support.apple.com/en-us/HT202303
Score: 8 Votes (Like | Disagree)
centauratlas Avatar
centauratlas
21 months ago

Which is a lie because in the security document iCould Security Overview ('https://support.apple.com/en-us/HT202303') it says
"You can turn off Advanced Data Protection at any time. Your device will securely upload the required encryption keys to Apple servers, and your account will once again use standard data protection."
Maybe it should say, "Not even Apple has access to the encryption keys unless you tell your phone to give them to Apple by turning ADP off".
Score: 8 Votes (Like | Disagree)
centauratlas Avatar
centauratlas
21 months ago

How so, the keys are sent to Apple so yes they do have access to them. The code exists in the device, the process exists in the device and at Apple, only the claim that it only happens when the user does something. How do you know that there are not other ways to make this happen. Or how do you know that there is not other code that sends the keys directly to the government when requested. No one knows, this is why proprietary security is dangerous.
The keys have to exist on any device as part of the process of encryption and decryption as I am sure you know.

You are right though, there is no guarantee that they are not being uploaded in the background. Opening sourcing the code is one option. Having people monitor the network is another option to see what is going on. Of course if they aren't targeting you right then, you never know what could be sent when.

Of course, one doesn't know if TSMC has inserted a back door into the chipsets without Apple's knowledge at the behest of <name the adversary: CCP, CIA, FBI, MVD etc> or via bribe to employee(s). Or if Motorola etc has in the network chips. Or if the display manufacturer's processor can detect the word "key" on the screen and then send via some backdoor a screenshot.

There are a ton of attack vectors, whether to trust Apple here is a personal choice.

It is certainly better than before. :)
Score: 7 Votes (Like | Disagree)
Read All Comments