Skip to content
News

Advanced Data Protection for iCloud

What's Happening?

With the release of iOS 16.3 Apple will enable the Advanced Data Protection for iCloud option for all users.

Why Does it Matter?

Data stored in iCloud has previously been (effectively) stored without encryption. This means that Apple has access to that information and can provide it to third parties when legally compelled. 

Advanced Data Protection for iCloud enables encryption for iCloud data and gives control of the encryption key solely to the data owner.

What Data is Stored in iCloud?

Health data, payment data, Contacts, Calendars, Reminders, Notes, iMessage and FaceTime content, iCloud Keychain information, Home app data, Wi-Fi and cellular interactions 

What Happens if I enable ADP for iCloud?

With the exceptions of iCloud Mail, Contacts and Calendars*, your iCloud data will be encrypted using a key that only you know. It will be inaccessible to Apple or any third parties. 

What are the downsides?

You are responsible for the key used to encrypt your iCloud data. If you lose this key, recovering your iCloud data will be impossible.

What's Required to Enable ADP for iCloud?

All of your devices that connect to iCloud must be running the latest versions of their respective Apple operating systems (iOS, iPadOS, macOS, etc.). Additionally, two-factor authentication must be enabled for your Apple ID account.

How is ADP for iCloud Enabled?

Please refer to Apple's ADP for iCloud support article: https://support.apple.com/en-us/HT212520

*According to Apple, even when ADP for iCloud is turned on, there are still some features that can be stored encrypted, but with Apple still holding the decryption keys. Specifically, these are iCloud Mail, Contacts, and Calendars.

The reason, according to Apple, is because these apps and features specifically have to interact with outside and third-party email, calendaring, and contact applications. For users to be able to add their iCloud email, contacts, and calendars to — for example — Microsoft's Outlook, or some other third-party email/contacts/calendar app, the information needs to be in a form that can be understood.

Related News