If you own an iPhone, you might already have an iCloud account for your file storage needs. And if you don’t, you should; regular online backups make it much easier to restore your data if your phone is lost or stolen. By default, all of your iCloud data is encrypted, and file transmissions are secure without you having to do anything.
However, if you want even stronger security, you should consider enabling Advanced Data Protection to ensure that no one — not even Apple — can access your data.
What is Advanced Data Protection?
Advanced Data Protection was introduced in iOS 16.2 back in December 2022. Instead of the aforementioned standard data protection that all iPhones have by default, Advanced Data Protection ensures that more of your data is encrypted end-to-end. This means that only the devices you’ve entrusted can access that information. With standard data protection, Apple could still access and unscramble the information, potentially providing it to enforcement agencies if compelled. However, even Apple can’t access that content with Advanced Data Protection. The additional protection also protects your data if there’s a data breach in the cloud.
Of note, this feature is not currently available in the UK due to an order from the country’s Home Office. Many of Apple’s services are still end-to-end encrypted by default, but attempting to enable Advanced Data Protection from the UK will instead lead to a message that informs how it’s not currently available.
When enabled, Advanced Data Protection will cover your iCloud backups, which includes your photos, messages, notes, reminders, voice memos, wallet passes and device backups. It’s worth noting, however, that Advanced Data Protection doesn’t apply to all iCloud data. iCloud Mail, Contacts, Calendar aren’t end-to-end encrypted because they need to interoperate. Also, certain data like passwords, your Health data and Apple Card transactions are already end-to-end encrypted without enabling Advanced Data Protection. You can check this Apple support document for a more detailed list of what’s covered.
However, the potential downside of enabling Advanced Data Protection is that if you lose access to your account, Apple will not have the encryption keys required to help you recover it. Be sure to have a recovery contact or personal recovery key in case this happens — you’ll be guided to create these recovery methods when you enable Advanced Data Protection.
How to turn on Advanced Data Protection on your iPhone
First, you’ll need an iPhone with iOS 16.2 or later and an Apple account with two-factor authentication. To enable this on your iPhone, go to the Settings app, tap your name, then Sign-In & Security and then Turn On Two-Factor Authentication. You’ll then proceed with the on-screen instructions.
To enable Advanced Data Protection, you’ll open the Settings app again, tap your name, tap iCloud and then scroll down until you see Advanced Data Protection.
The Advanced Data Protection option appears in the iCloud settings.
Tap that, and then turn the Advanced Data Protection option on. From there, the phone will guide you in creating two recovery methods: a 28-digit recovery key that you should write down and keep in a safe place or a recovery contact who can assist you in getting your account back.
The menu for setting up the Account Recovery Contact feature.
If choosing a recovery contact, this should be a trusted friend or family member with an Apple account. Apple notes on its support page that the recovery contact won’t otherwise get access to your account but will receive a code if you need help gaining access.
Enabling Advanced Data Protection will cover your entire Apple account, including other devices like your iPad and Mac. If some of these devices aren’t compatible, you can choose to remove them from your account, but that means they will no longer sync with your iCloud account. It’s best to update or replace these devices so they will be compatible.
