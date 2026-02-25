Last month, FBI agents raided the home of Washington Post reporter Hannah Natanson with a search warrant as part of an investigation into a Pentagon contractor accused of leaking classified information. They seized her iPhone, two MacBook Pro laptops, and a Garmin watch (source: https://arstechnica.com/tech-policy/2026/02/fbi-stymied-by-apples-lockdown-mode-after-seizing-journalists-iphone/).

According to court filings, the FBI “could not extract” data from the reporter’s iPhone because she had Apple’s Lockdown Mode turned on.

The FBI was able to access her MacBook Pro, though. The reason is that the search warrant authorized them to use her biometrics (like fingerprints) to unlock devices. They just had her press her finger on the MacBook’s fingerprint reader, and they were in. However, because the iPhone was in Lockdown Mode, it required a passcode for access, so the fingerprint wasn’t enough.

I bring this up because it is a representative example of the effectiveness of Apple’s privacy and security features, and how they can be very effective, and accidentally defeated based on settings.

Apple has a privacy and security advantage.

Apple has consistently refused to build backdoors into its devices for law enforcement. Apple also builds features that enhance privacy and security. Two features every Apple user should know about: Advanced Data Protection and Lockdown Mode.

Feature #1: Advanced Data Protection (Everyone Should Turn This On)

Advanced Data Protection (https://support.apple.com/en-us/108756) enables end-to-end (E2E) encryption for your iCloud data. This is Apple's most important privacy feature, and most people don’t have it turned on. I posted about this in early 2025, and it’s important enough to revisit.

When your data is E2E encrypted, only you can access it. Not Apple, not Apple employees, not law enforcement, not anyone who might hack Apple’s servers. Only someone with access to your account and your recovery methods can decrypt your data. This is different from Google Drive and Google Photos. Any files you save in Google Drive can be decrypted and accessed by Google. Although encrypted, they are not end-to-end encrypted.

Without Advanced Data Protection enabled, your iCloud data is encrypted, but Apple retains the encryption keys. This means Apple can decrypt and examine your data, and it has the legal authority to do so under its terms of service (just like Google does). Apple’s ToS allows them to access your data for security reasons or to comply with legal requests from government agencies.

With Advanced Data Protection turned on, most of your data becomes E2E encrypted, including the most sensitive files that most people have:

Photos

iCloud Backup (device backups)

iCloud Drive (files)

Notes

Messages

You have to turn it on. This encryption is not enabled by default.

Important note: Google does not offer an equivalent feature. If you use Google and Android, you don’t have this option. This is one of the biggest reasons I recommend Apple products over Google for anyone who takes their privacy seriously.

How to Turn On Advanced Data Protection

Go to your iCloud settings:

Open the Settings. Tap your name, then tap iCloud. Scroll down, tap Advanced Data Protection, then tap Turn on Advanced Data Protection. Follow the on-screen instructions to set up your recovery methods and enable the feature.

Before you turn it on, Apple will ask you to set up at least one recovery method (a recovery contact or a recovery key). This is because once E2E encryption is on, Apple can’t help you recover your data if you lose access to your account. Save your recovery key in your password manager.

Feature #2: Lockdown Mode (For Higher-Risk Individuals or Situations)

Lockdown Mode is the feature that stopped access in the case referenced earlier. It’s a more extreme security setting that dramatically limits how your device operates, eliminating potential attack paths.

Apple describes Lockdown Mode as “optional, extreme protection that’s designed for the very few individuals who, because of who they are or what they do, might be personally targeted by some of the most sophisticated digital threats.”

What Lockdown Mode does:

When you turn on Lockdown Mode, your iPhone locks down in several ways (more info here https://support.apple.com/en-us/105120):

Messages: Most attachment types are blocked. Links and link previews are unavailable. You’ll still get plain text messages, but the risky stuff that hackers use to deliver spyware is blocked.

FaceTime: Incoming calls are blocked from anyone you haven’t called in the past 30 days.

Web browsing: Some complex web technologies are disabled in Safari, which means some websites might look different or not work properly. This closes off attack paths that sophisticated spyware uses.

Photos: Location data is stripped from shared photos. Shared albums are removed.

Device connections: Your iPhone must be unlocked to connect to accessories or computers. This is a big deal because forensic extraction tools used by law enforcement often work through wired connections while the phone is locked.

Configuration profiles: New profiles can’t be installed, and the device can’t be enrolled in mobile device management. This prevents attackers from installing malicious profiles.

Who should use Lockdown Mode?

Lockdown Mode is probably not for everyone because it makes your phone less convenient to use. Some apps might not work correctly, some websites will look different, and you’ll lose some functionality.

I would recommend considering Lockdown Mode if you are:

A journalist (especially one working with sensitive sources or stories)

An activist or human rights worker

A lawyer handling sensitive cases

A government employee with access to classified or sensitive information

Someone in a high-profile or public-facing role where you might be targeted

Someone who might be speaking out publicly against the current administration (ICE has been sending administrative subpoenas, which don’t require a judge to try and identify people who are speaking up against ICE, source: https://www.yahoo.com/news/articles/homeland-security-subpoenas-databases-protesters-140430251.html)

Anyone traveling to high-risk countries where their device could be targeted

Someone who has received an Apple threat notification warning of targeted spyware

When going to high-risk locations or high-risk activities (i.e., protesting)

How to Turn On Lockdown Mode

On iPhone or iPad:

Open the Settings App. Tap Privacy & Security. Scroll down and tap Lockdown Mode. Tap Turn On Lockdown Mode, review the restrictions, then confirm. Your device will restart. Enter your passcode (not FaceID or fingerprint) to complete activation.

On Mac:

Choose Apple menu > System Settings. Click Privacy & Security. Scroll down, click Lockdown Mode, then click Turn On.

Apple recommends turning on Lockdown Mode across all your Apple devices for consistent protection: if you turn it on on your computer, turn it on on your phone too, and vice versa.

Biometrics work, but can be a weak link, depending on the situation.

The story above highlights another important lesson. The FBI wasn’t able to compel her to give up her passcodes. But the warrant authorized them to use her biometrics (fingerprints and facial recognition) to unlock her devices, and they successfully unlocked her MacBook Pro.

If you are in a custodial situation, meaning someone has control over you, they could use your face or biometrics against your will. But they can’t force you to tell them your passcode or password in the same way.

What this means for you: If you’re in a situation where you’re concerned about someone compelling you to unlock your device, which I generally define as a custodial situation, consider turning off biometric unlock (Face ID or Touch ID) and relying on your passcode only. One example of such a situation is crossing a border (or going through customs). I have a post on this (https://onlinesafety.substack.com/p/protect-yourself-at-border-crossings). Another would be if you are attending a protest and are concerned about being detained.

The easiest way to disable biometrics is to turn your device off (this works on iPhone and Android). When it turns back on, your device requires a passcode.

Summary

Here’s what I recommend for every Apple user:

Turn on Advanced Data Protection for iCloud right now. There’s almost no downside, and it ensures only you can access your most sensitive data. This is the single most important thing Apple users can do to protect their privacy. If you’re in a higher-risk category or situation, turn on Lockdown Mode. Yes, it limits some functionality, but it works and provides more protection. To quickly disable biometrics on your device, turn your phone off. If you use Android and rely on Google for file or photo storage, consider switching to Apple. Google does not offer end-to-end encryption for your cloud-synced data, unlike Apple. This is the number one reason to prefer Apple products from a privacy perspective.

