It appears that the UK government quietly completed encryption advice from government web pages just weeks after requesting backdoor access to encrypted data stored on iCloud, Apple's cloud storage service.
The change was discovered by security expert Alec Muffet. In a blog post Wednesday, AlecMuffet wrote that the UK's National Cybersecurity Centre (NCSC) does not recommend that high-risk individuals use encryption to protect sensitive information.
In October, NCSC released a document entitled “Cybersecurity Tips for Lawyers, Lawyers and Legal Professionals,” which advises the use of encryption tools such as Apple's Advanced Data Protection (ADP).
ADP allows users to turn on end-to-end encryption for iCloud backups, effectively making it impossible for anyone, including Apple and government authorities, to view data stored in ICloud.
The URL that hosts the NCSC document will be redirected to another page that does not mention encryption or ADP. Instead, we recommend that individuals at risk use Apple's lockdown mode, a “extreme” security tool that restricts access to certain features and features.
Muffet reports that the original document still accessible from the Wayback machine is “a wholesale removed from the internet.” TechCrunch was unable to find encryption advice on the UK government website.
The UK Department of Interior and the NCSC did not answer TechCrunch questions.
The removal of encryption advice comes just weeks after the UK government secretly ordered Apple to build a backdoor that will allow users to access their encrypted iCloud data.
Following the order originally reported by the Washington Post, Apple pulled out ADP functionality in the UK and confirmed with TechCrunch that new users in the UK will no longer be able to function and that the current users will eventually need to disable it.
Apple is challenging UK data access orders reported this week by the Financial Times.