For security reasons, you can’t immediately enable stronger iCloud encryption from a new device.

Apple has good reason to prevent you from immediately enabling improved iCloud encryption called Advanced Data Protection on a new device.

  • What is happening? Advanced Data Protection, Apple’s advanced end-to-end encryption for iCloud, isn’t immediately enabled on a brand new device.
  • Why care? This delay actually protects your iCloud account and data.
  • What to do? Update to iOS 16.2 when it releases on December 12 or 13.

Why Enhanced iCloud Encryption Comes with a Delay

Apple has announced major security updates for iCloud, including expanding end-to-end encryption for device backups and data from apps like Photos and Notes.

The company is calling it Advanced Data Protection for iCloud, but governments are already opposing the feature as law enforcement can no longer use search warrants to force Apple to decrypt suspect data stored in iCloud.

Will Simon’s twitter shared a screenshot of the warning message that appears when trying to enable iCloud Enhanced Encryption on a brand new device.

“Because you recently added this device, you won’t be able to enable extended data protection until February 2, 2023,”it says. Other social media users chimed in, saying they saw deadlines ranging from late January to early February.

Joe Rossignol, MacRumors:

To protect users, Apple does not allow extended data protection to be enabled on a brand new device for an indefinite period of time after the device is first set up and added to the user’s Apple ID account.

“This timeout helps protect your account and data,” the tooltip notes.

Users can still turn on Advanced Data Protection on an older device they added to the same Apple ID, such as another iPhone, iPad, or Mac. In this case, all devices added to that Apple ID account are fully protected by iCloud Advanced End-to-End Encryption, including newer devices that are still pending.

According to an Apple support document, Advanced Data Protection provides end-to-end encryption for almost all categories of iCloud data, with the exception of iCloud Calendar, iCloud Contacts, and iCloud Mail, due to the need for these services to interoperate with global calendar, contacts, and email systems.

How Extended Data Protection Works

Privacy advocates love Advanced Data Protection, calling it a move in the right direction. The FBI doesn’t have much – government spies demand “lawful access by design,”which sounds like some kind of back door. When extended data protection is enabled, your encryption keys stored on Apple servers are deleted.

This makes your data unreadable to intruders even if iCloud gets compromised because the encryption keys are on your device. When Advanced Data Protection is disabled, encryption keys are again securely uploaded to Apple servers.

Enhanced Data Protection is available on iPhone, iPad, and Mac when the device is updated to iOS 16.2, iPadOS 16.2, and macOS Ventura 13.1, respectively.

The toggle in Settings → [your_name] → iCloud → Advanced Data Protection is disabled by default. When setting up Advanced Data Protection, you will need to specify at least one recovery contact or create a recovery key.

CDN CTB