Apple on just announced new Advanced Data Protection security features, which will add end-to-end encryption to various Apple apps. iCloud backup is one of the software services that will get end-to-end encryption by the end of the year, and you can enable the feature relatively easily.
End-to-end encryption is so important for iCloud backups because it can prevent anyone from getting your iPhone and iPad data. Apple can’t make that data available to law enforcement because it doesn’t have the keys to decrypt it. And hackers can’t break it either if Apple’s iCloud infrastructure is ever breached.
The problem with such strong encryption is that it’s a double-edged sword. End-to-end encryption will lock you out forever if you forget your password and/or security keys. That’s why enabling the feature has to be done the right way to ensure you can recover your backups later.
Apple said on Wednesday that Advanced Data Protection (end-to-end encryption) is available in the US right away to users enrolled in the Apple Beta Software Program. If you’re testing iOS 16.2 beta on the iPhone, you can enable end-to-end encryption for iCloud backups.
The feature will roll out widely once Apple releases iOS 16.2 to the public. First, US customers will get Advanced Data Protection for iCloud. The rest of the world, including China, will get it in early 2023.
Enabling end-to-end encryption for iCloud backups is more complex than tapping a toggle inside the Settings app. As The Verge points out, you’ll first have to update all your devices to the latest software versions. These have to be OS releases that support Advanced Data Protection.
Also, you’ll have to remove devices that do not support these software releases from your account. They can’t take advantage of end-to-end encryption for iCloud.
After that, you’ll need to set up Account Recovery. This critical step ensures you can recover your data if you forget the password.
Head to the Settings app, go to iCloud, and then Advanced Data Protection. Next, tap Account Recovery to set it up.
You can select a recovery contact in the process, a trusted person like a family member or friend who also owns iPhones. They’ll receive recovery codes if you ever forget your password.
There’s also the recovery key option, which lets you set up a 28-character key. It’s imperative to save that key somewhere safe. Your password manager is one such example. Or you can print it and hide it somewhere safe. Also, since the Notes app also gets end-to-end encryption, you can save it in there, but consider password-protecting the note.
After establishing your recovery procedure, you can enable end-to-end encryption for iCloud backups.
You’ll need to go to Settings again, tap iCloud, and turn on Advanced Data Protection.
That’s it. Now you can save end-to-end encrypted backups in iCloud on all your devices associated with your Apple ID. Remember, you can already save end-to-end encrypted iPhone backups locally on a Mac or PC.
To better understand why you need end-to-end encryption for your iPhone data, iCloud backups included, check out The Wall Street Journal’s interview with Craig Federighi below.