Apple Inc. has disabled Advanced Data Protection for U.K. users following a reported request from the government to build a backdoor into the feature. 

The company made the encryption tool inaccessible today at 3 p.m. local time. Customers who activated Advanced Data Protection, or ADP, earlier can continue using it for now. However, they will have to disable the feature in the future to retain access to their iCloud accounts. 

Earlier this month, the Washington Post reported that the U.K. government had ordered Apple to implement a backdoor in ADP, which customers use to encrypt their iCloud files. The paper cited sources as saying that such a backdoor would enable authorities to access the data of Apple users in not only the U.K. but also other markets. Earlier, the iPhone maker stated that it would rather pull its services from U.K. devices than add a backdoor. 

“Apple remains committed to offering our users the highest level of security for their personal data,” a company spokesperson told The Verge today. “As we have said many times before, we have never built a backdoor or master key to any of our products or services and we never will.”

Under a 2016 U.K. law called the Investigatory Powers Act, the government can compel companies to help it gather evidence. Such orders are delivered in the form of a document called a technical capability notice. Last month, Apple reportedly received a technical capability notice that ordered it to implement a backdoor in ADP.

By default, iCloud encrypts most user data with an Apple-managed encryption key. This means that the company can in theory decrypt customers’ files, such as if it’s ordered to do so by law enforcement officials. The fact that Apple manages the encryption key also allows it to recover users’ iCloud files if they forget their passwords.

The cloud storage service protects credit card numbers, healthcare information and certain other records using a different technology called end-to-end encryption. The technology is powered by encryption keys that are not controlled by Apple but rather stored on the user’s device. This means the company has no way of decrypting customer data.

Apple’s ADP feature gives users the option to extend end-to-end encryption to most of their iCloud files, as well as those files’ backups. The backdoor reportedly requested by the U.K. would have enabled authorities to decrypt those files. Apple would not have been allowed to notify customers about the backdoor. 

Although ADP is no longer available to U.K. users, iCloud still applies end-to-end encryption to certain types of data. That includes payment card details and information collected by Apple’s Health app. 

The company stated that it “remains committed to offering our users the highest level of security for their personal data and are hopeful that we will be able to do so in the future in the United Kingdom.”

Photo: Unsplash