How to Enable End-to-End Encryption For Your iCloud Data

BY Darryl

Published 12 Jan 2023

How to Enable End-to-End Encryption For Your iCloud Data

To strengthen users’ privacy, Apple has launched Advanced Data Protection. It enables end-to-end encryption for iCloud backups for services that earlier lacked this feature. You need to manually enable Advanced Data Protection and set up security contacts/keys. Additionally, it is only available in selected countries. Here’s how to encrypt your iCloud data using Advanced Data Protection.

Advanced Data Protection is available in iOS 16.2, iPadOS 16.2, and macOS 13.1. It will protect most of your data stored in iCloud by encrypting them. Even Apple cannot access the data let alone hackers trying to hack into the iCloud servers. However, you need to enable the feature manually. Why and how? Read along to find out. 

What is Advanced Data Protection?

Advanced Data Protection is a new security feature that enables E2E (end-to-end) encryption for Photos, Notes, iCloud Backup, etc. The support for end-to-end encryption of data has extended to several native apps and services that lacked this feature earlier. Now, a total of 23 data categories use end-to-end encryption. 

As mentioned earlier, you will have to enable Advanced Data Protection within the iCloud settings manually. It is not enabled by default, as it requires you to set up an alternative recovery method (recovery contact or recovery key). Once the feature is enabled, most of your iCloud data is E2E encrypted and can only be decrypted/accessed on trusted devices. 

Even Apple does not have access to this data, let alone hackers ever gain access to it. Also, if you forget your password, you have to rely solely on the recovery method (recovery contact or recovery key) or make peace with losing all the backed up data forever. 

Which Apple Apps and Services Support End-to-End Encryption?

Standard Data Protection is the default setting for your iCloud account. It only encrypts selected user data, and since a lot of other user data is not encrypted, law enforcement agencies and hackers could easily gain access to it. With Advanced Data Protection, Apple has added end-to-end data encryption to most of its services. Here’s a list of all the Data categories that now support end-to-end encryption.

  • iCloud Backup (including device and Messages backup)
  • iCloud Drive
  • Photos
  • Notes
  • Reminders
  • Safari Bookmarks
  • Siri Shortcuts
  • Voice Memos
  • Wallet passes
  • Passwords and Keychain
  • Health data
  • Home data
  • Messages in iCloud
  • Payment information
  • Apple Card transactions
  • Maps
  • QuickType Keyboard learned vocabulary
  • Safari
  • Screen Time
  • Siri information
  • Wi-Fi passwords
  • W1 and H1 Bluetooth keys
  • Memoji

Apple explains that iCloud Mail does not support E2E encryption because “of the need to interoperate with the global email system. All native Apple email clients support optional S/MIME for message encryption.” Also, data from Contacts and Calendars do not support end-to-end encryption as they are “built on industry standards (CalDAV and CardDAV) that do not provide built-in support for end-to-end encryption.” 

Moreover, even with Advanced Data Protection enabled, some metadata and user information stored in iCloud will remain unencrypted. To know more, refer to Apple’s blog post about iCloud data security overview.

Note that the iCloud data you share with other users is not E2E encrypted if they do not have Advanced Data Protection enabled. So if you use features like iCloud Shared Photo Library, etc., and want your shared iCloud data to remain end-to-end encrypted, inform all participating members to enable Advanced Data Protection. 

How to enable End-to-End Encryption using Advanced Data Protection

Earlier, the Advanced Data Protection feature was limited to users residing in the U.S. However, beginning with iOS 16.3, the feature is available worldwide. If you can’t find it on your iPhone or don’t have the option to enable it yet, ensure to update your iPhone to iOS 16.3 and the feature will be visible and working.  

With that said, if you meet all the requirements, follow the steps mentioned below to enable Advanced Data Protection for iCloud. 

  1. Open the Settings app on your iPhone.
  2. Tap your name (Apple ID) at the top of the screen.
  3. Navigate to the iCloud option.How to enable End-to-End Encryption using Advanced Data Protection
  4. Scroll down and select Advanced Data Protection.
  5. Tap Turn On Advanced Data Protection.
    How to enable End-to-End Encryption using Advanced Data Protection
  6. If you still need to set up an Account Recovery, you will need to do it before proceeding. So, add a recovery contact. Once done, tap the Recovery Key option and copy the 28-digit recovery key for your iCloud account.
  7. Ensure to save the recovery key securely, as that is the only solution to recover your account if you forget your iCloud password. Even Apple can’t help you recover your data.
  8. Once you’ve set up Account Recovery, head back to the Advanced Data Protection option in iCloud Settings.
  9. Follow the on-screen instructions, and complete the process. 

Note: All devices linked to your Apple ID must be running the latest OS version before you can enable E2E encryption. If you do not want to update other linked devices, you must remove them from your Apple ID. 

No More Prying Eyes 

With Advanced Data Protection, Apple is reinforcing its claims to offer the most secure operating systems and rectifying its mistakes. Now that you’re aware that even Apple won’t recover your data if you tend to forget your password, are you going to enable this feature? Let us know in the comments below. Also, check out our guide on all the new features of iOS 16.2 to get the most out of the latest update.