The feature, called Advanced Data Protection, will prevent Apple from seeing the contents of some of the most sensitive user data stored on its servers, and will make it impossible for Apple to provide the content of an encrypted backup to law enforcement.
Encrypted backups will be opt-in, according to Apple, and will be available in the U.S. before the end of the year.
While Apple has previously encrypted a lot of data it stores on servers, entire device backups that included text messages, contacts, and other important data were not encrypted.
It could upset law enforcement, which has used Apple’s policy of not encrypting backups as a way to obtain materials in investigations even though Apple’s iMessage and devices are encrypted.
Apple famously fought the FBI’s attempt to force it through the courts to unlock an encrypted iPhone used by a terrorist in San Bernardino. At the time, Apple said that an unencrypted iCloud backup on its servers was an option to get the same data.
Law enforcement officials around the world generally oppose encryption because it allows suspects to “go dark,” and denies law enforcement access to potential evidence they could previously access under lower levels of security.
Apple also announced two other security features on Wednesday. Users will soon be able to use a physical key as second-factor protection for Apple ID logins. Another update allows users facing significant security threats to confirm that text messages aren’t being intercepted.
Last year, in an apparent effort to appease law enforcement, Apple announced a system to scan for illegal content such as child sexual abuse materials using a complicated system that would still allow Apple to encrypt user photos on its servers. The system was opposed by privacy advocates who said that it would essentially allow Apple to scan people’s hard drives.
The development of the system has been stopped, according to the Wall Street Journal.