Apple is fairly consistent in rolling out new security and privacy options for its users, and one of the latest to be pushed to the public at large is Advanced Data Protection. As the name suggests, it gives you more protection for your data—and it’s something that the majority of iPhone owners should be enabling.
The setting specifically affects data you’re syncing to Apple’s iCloud web storage service, so primarily photos, videos, notes, and anything you’ve stashed in the iCloud Drive app on your device. Turning on ADP ensures more of this data is end-to-end encrypted, which means completely locked up using some incredibly complex algorithms. Only devices you’ve authorized will be able to unlock this data, and the files will be impenetrable to everyone else (including Apple), both on your devices and in the cloud.
As long as all your Apple devices—iPhones, iPads, Macs—are running the latest software versions, you can enable ADP. Though making more of your data more secure sounds like an easy decision, there are some considerations to weigh up before you switch on this setting.
How Advanced Data Protection Works
End-to-end encryption is the gold standard for apps and data. As long as the encryption is implemented properly, it’s virtually impossible for anyone else but you to look at files protected by end-to-end encryption. That includes the companies developing your apps, governments, and law enforcement agencies. It’s a feature you should look for in all of the digital apps and services you use.
By default, Apple applies end-to-end encryption to certain types of data, including your stored passwords, everything in Safari, your health data, your payment information, everything you do in Apple Maps, and your chats with Siri. That’s all fully protected from prying eyes without you having to do anything.
ADP extends that protection pretty considerably to also cover your iCloud backups, iCloud Drive, and the information in Photos, Notes, and Reminders. Without ADP enabled, this data is still encrypted, which adds a strong layer of protection from third parties or bad actors. But Apple can still access this data and turn it over to the cops.
End-to-end encryption closes that loophole. If an Apple employee decides to go rogue, or Apple gets hacked and your files get leaked—and neither of those scenarios have happened, to our knowledge—ADP will ensure your data is still safe. It also means Apple can’t get your files back if you lose access to them: The passcodes and passwords on your Apple devices are the only route through which end-to-end encrypted data can be unlocked. Apple has a full and comprehensive explanation of iCloud’s security and privacy features.
So, do you need ADP? If you want the most complete level of security and privacy possible, then yes. Just make sure you have backup methods for recovering your account (more on this in a moment), as Apple won’t be able to help you unlock your encrypted files if your account becomes inaccessible. While the default, standard encryption Apple puts in place is already very strong, ADP covers more of your data, which is reassuring in the slim chance Apple’s data centers suffer a breach or the FBI wants to take a look at your iCloud files.
It’s also worth bearing in mind that all this extra encryption restricts iCloud access in your web browser (the web portal where you can get at your emails, photos, and so on). You can still log in to iCloud on the web, but you’ll need to confirm the connection on a trusted device (like an iPhone or Mac) every single time you log in—and you’ll need to reauthorize the link every hour while you browse your files. If you use iCloud on the web a lot, you might find life more convenient without ADP enabled.
How to Enable Advanced Data Protection
If you’re ready to enable ADP, you can do it right from your iPhone—as long as all the devices associated with your Apple ID are running the latest software, and your Apple ID has two-factor authentication switched on. (If you haven’t yet done this, you’ll find instructions on the Apple website.)
If you’re using an iPhone or an iPad, open Settings, then tap your name at the top. Choose iCloud, then Advanced Data Protection: You’ll see a screen briefly explaining how the feature works, and you can tap Turn On Advanced Data Protection to do just that. At this point you’ll be told if there are any devices connected to your Apple ID that aren’t compatible with ADP, and you’ll be given the option to “remove” them. If you do remove a device, it will no longer be linked to your Apple ID, and it won’t sync to your iCloud account, so it’s not recommended you “remove” any devices you’re still using. A better option would be to update the software on these devices to make them compatible with ADP, or replace the devices with newer versions.
On the next screen, you’ll be invited to set up new recovery methods, or review the existing recovery methods that you’ve previously put in place. This is how you’ll be able to get your data back if you ever lose access to your trusted Apple devices (through fire, theft, or whatever it is).
The two recovery methods are a 28-digit recovery key (write this down and keep this in a safe place), and a recovery contact who can help you get back into your account. If you ever need to manage these settings, you’ll find the option on the same screen as Advanced Data Protection. Once you’ve verified your account recovery methods and entered your iPhone passcode to confirm you are who you say you are, ADP will be enabled across your Apple account.
It’s easy to enable ADP from a Mac as well. Open the Apple menu, choose System Settings, then click on your name (top left) and iCloud. Select Advanced Data Protection, read the information provided, then click Turn On. You’ll be taken through the same recovery method setup process as iOS and iPadOS, if needed.
You can reverse this process and disable ADP at any time to go back to the standard level of protection. Return to the same screens on your iPhone, iPad, or Mac to turn Advanced Data Protection off. When you do, the encryption keys to access your files will once again be available to Apple, rather than just your devices.