UK agrees to drop its Apple encryption backdoor request – but digital rights experts aren't ready to celebrate

• The UK has agreed to drop its request for an encryption backdoor into Apple's iCloud, according to the US Director of National Intelligence
• The power to undermine encryption, however, remains in the UK law under the Investigatory Powers Act
• Apple killed iCloud's end-to-end encryption feature in the UK in February, and then challenged the order in Court

The UK has agreed to back down on its request to create an encryption backdoor into Apple's iCloud system for authorities to access.

The US Director of National Intelligence, Tulsi Gabbard, confirmed the UK U-turn in a post on X on Monday, August 18, 2025, adding that such a backdoor "would have enabled access to the protected encrypted data of American citizens and encroached on our civil liberties."

While welcoming the decision, digital rights experts aren't quite ready to call it a victory. The power to undermine encryption remains in the UK law, fueling calls for an amendment.

UK's U-turn on iCloud's backdoor

Apple killed its iCloud's end-to-end encryption feature in the UK in February after it was hit by a Technical Capability Notice (TCN) under the 2016 Investigatory Powers Act, instead of creating the requested backdoor. The Big Tech giant has challenged this request in Court since April.

US officials, including Vice President JD Vance, have reportedly strongly opposed the UK order, warning against "systemic vulnerabilities" that such a backdoor could create.

While not a default feature, once enabled, Apple's Advanced Data Protection (ADP) provides an extra layer of protection across all iCloud-stored data by using end-to-end encryption technology, meaning not even Apple can access the files. It's an extra measure of protection that Brits have been unable to use for months.

A UK government spokesperson told Reuters that both countries have worked together to tackle security threats and ensure citizens' privacy remains protected.

Apple has yet to share more details on how and when ADP is set to be reintroduced for UK users.

"A welcome step"

US officials were far from the only party concerned about the negative impact that a backdoor into Apple's advanced encryption could have had on people's privacy and security.

Over 100 internet leaders, academics, organizations, and companies also raised the alarm only a few days after authorities issued the encryption backdoor order.

Encryption is a technology responsible for preventing unauthorized access to user data. Specifically, the best VPN and secure messaging apps use end-to-end encryption to ensure online communications remain private between the sender and the receiver. A level of protection that is increasingly becoming crucial as major cyberattacks like the Salt Typhoon attack are now the norm.

That's why digital rights groups have welcomed the UK's decision to back down on Apple's encryption backdoor request.

In a post on X, the Interim Director of Big Brother Watch, Rebecca Vincent, said: "This is a welcome step towards protecting the privacy of millions of users in the UK."

That said, the power to issue similar encryption backdoor orders still remains a possibility in the UK law under the Investigatory Powers Act.

This is why, according to experts, an amendment to these powers is what should come next.

"We repeat our call on the Home Office to drop its use of Technical Capability Notices (TCNs) seeking to break encryption, which represents a serious threat to our ability to communicate privately," said again Vincent, arguing that the Investigatory Powers Act " is unfit for purpose and should be amended to protect privacy rights without delay."

You might also like

• The Online Safety Act isn't just about age verification – end-to-end encryption is also at risk
• "A war against online anonymity" – why Switzerland wants to change its surveillance law and what's at stake
• UK government guidelines remove encryption advice following Apple backdoor spat