How To End-To-End Encrypt iCloud Backups With Advanced Data Protection

Apple’s latest privacy feature lets you keep your iCloud backups as secure as possible.

With the release of iOS 16.2, Apple added a major new privacy and security feature to the company’s cloud services known as iCloud. That feature is called Advanced Data Protection, and it allows users to finally end-to-end encrypt their iCloud backups – and many other types of data stored in their iCloud account.

Here’s what you need to know about Advanced Data Protection…

• Save

Encryption Versus End-To-End Encryption

Many people are lulled into a false sense of security when they hear their cloud data is encrypted. That’s because many people don’t realize that encryption and end-to-end encryption are no the same thing.

Both encryption and end-to-end encryption secure a user’s data by making it unreadable unless you have a key – most usually a password. Entering the password will decrypt both encrypted and end-to-end encrypted data.

Nearly every major app, website and financial service encrypts a user’s data (and if they don’t: backup your data, then delete your data and then delete your account). But few apps, websites and services end-to-end encrypt user data.

So what’s the difference? If a service merely encrypts your data, that service holds the key to decrypting it (you also hold a copy of the key). That means the service provider can decrypt and read your data any time they want – or lets a government do so. And if a hacker gets a hold of the key, they can read all your data, too.

End-to-end encryption means ONLY the user holds the key. That means that only the user can decrypt their own data. Even the service provider cannot decrypt a user’s data – even if they are given a warrant to do so. This is why the gold standard in privacy and security is end-to-end encryption.

End-To-End Encryption Comes To iCloud Backups With Advanced Data Protection

Most iCloud data has always been encrypted. But remember – that means that Apple held a copy of the key, too, and could turn your data over to governments with a valid court order. Some iCloud data, of course, was always end-to-end encrypted, including Health app data and passwords. However, most iCloud data was merely encrypted – including your iPhone device backups – which risked exposing your messages backups and tons of other iPhone data.

But with iOS 16.2, Apple introduced Advanced Data Protection. This opt-in feature allows you to choose to end-to-end encrypt nearly all of your iCloud data so not even Apple can access it. This includes all your iCloud Photos, Notes, iCloud Drive files, Messages backups, Safari bookmarks, Voice Memos, Wallet passes, and iPad and iPhone device backups.

This is a HUGE MASSIVE IMPROVEMENT in Apple security and privacy. And Apple should be lauded for letting users choose the level of privacy and security they want for their data.

Advanced Data Protection Comes With Risks

However, if you choose to enable Advanced Data Protection on your iCloud account, know that if you forget your password to your iCloud account, you will be permanently locked out of your data. Not even Apple can recover data from an iCloud account that uses Advanced Data Protection – and that’s kind of the point of it to begin with.

The risk of losing your iCloud data if you forget your password and Advanced Data Protection is enabled is why Apple requires you to set up either recovery codes or recovery contacts so you can get access to your iCloud data if you should forget your password.

Advanced Data Protection: Requirements

Before you can set up Advanced Data Protection, you need to make sure your Apple devices have the following requirements. All Apple devices associated with the iCloud account must have their respective minimum requirements met. Those are:

• iPhones must be running iOS 16.2 or later
• iPads must be running iPadOS 16.2 or later
• Macs must be running macOS 13.1 or later
• Apple Watches must be running watchOS 9.2 or later
• Apple TVs must be running tvOS 16.2 or later
• HomePods must be running software version 16.2 or later
• Windows computers must be running iCloud for Windows 14.1 or later

Additionally, you must have:

• An Apple ID with two-factor authentication enabled.
• A passcode set up on your iPhone or iPad.
• A recovery contact or recovery key associated with your iCloud account.

How To Turn On Advanced Data Protection On iPhone Or iPad

You only need to turn on Advanced Data Protection on one of your devices signed into your iCloud account. Which device you choose – iPhone, iPad, or Mac – is up to you.

Here’s how to enable Advanced Data Protection on your iPhone or iPad:

And that’s it! Advanced Data Protection will now be enabled on your iCloud account.

How To Turn On Advanced Data Protection On Mac

Here’s how to enable Advanced Data Protection on your Mac:

And that’s it! Advanced Data Protection will now be enabled on your iCloud account.

And check out the software Apple is expected to introduce in 2023!

• Save

Michael Grothaus

Apple expert and novelist, Michael Grothaus has been covering tech on KnowYourMobile for the best part of 10 years. Prior to this, he worked at Apple. And before that, he was a film journalist. Michael is a published author; his book Epiphany Jones was voted as one of the best novels about Hollywood by Entertainment Weekly. Michael is also a writer at other publications including VICE and Fast Company.