Apple is finally adding a major feature to iCloud, upgrading its security to include end-to-end encryption (E2EE).
iCloud has always included strong encryption, labeled “Data Protection,” but it did not offer E2EE, meaning Apple ultimately held the key to unlocking users’ data. Apple reportedly investigated the possibility of adding E2EE years ago, but abandoned plans in response to FBI objections.
The company has now announced plans to roll out full E2EE for iCloud under its “Advanced Data Protection.”
“Apple makes the most secure mobile devices on the market. And now, we are building on that powerful foundation,” said Ivan Krstić, Apple’s head of Security Engineering and Architecture. “Advanced Data Protection is Apple’s highest level of cloud data security, giving users the choice to protect the vast majority of their most sensitive iCloud data with end-to-end encryption so that it can only be decrypted on their trusted devices.”
Advanced Data Protection is already available to Apple Beta Software Program members and will be available to all users in the US by year’s end. The feature will make its way to worldwide customers in early 2023.
Not surprisingly, the FBI is renewing its objection, saying it was “deeply concerned with the threat end-to-end and user-only-access encryption pose.”
“This hinders our ability to protect the American people from criminal acts ranging from cyber-attacks and violence against children to drug trafficking, organized crime and terrorism,” the bureau said in an emailed statement to The Washington Post. “In this age of cybersecurity and demands for ‘security by design,’ the FBI and law enforcement partners need ‘lawful access by design.’”
Despite the FBI’s concerns, many other organizations are praising Apple.
“We applaud Apple for listening to experts, child advocates, and users who want to protect their most sensitive data,” writes the Electronic Frontier Foundation. “Encryption is one of the most important tools we have for maintaining privacy and security online. That’s why we included the demand that Apple let users encrypt iCloud backups in the Fix It Already campaign that we launched in 2019.”