Apple has added iCloud Data Recovery Service to iOS 15/iPadOS 15 and macOS 12 Monterey. They mark this as an important new feature to help you if you lose access to devices connected to your Apple ID account and don’t want to lose all your data synced to iCloud and your access to your Apple ID account. Designate trusted contacts—friends, family, colleagues, lawyers, whoever—and you can turn to them to activate a worst-case backup plan.
However, the service has an important limitation: it can only restore data that has been synced in a way that is directly accessible from iCloud.com. You can see how in Apple’s iCloud data security overview. Only your iCloud items listed under “standard data protection” with “in transit & on server” can be recovered with the help of a trusted contact. What’s left is device-locked end-to-end encrypted data that can never be recovered. (If you get a trusted device or unlock one that you thought was locked forever, that device will resync the data with the new hardware you added.)
Apple makes it clear when you set up the service: “The iCloud Data Recovery Service helps you recover your data, including photos, notes, reminders and device backups.… , such as Keychain, Screen Time and Health data.”
I wrote a column on iCloud Data Recovery Service limitations and how to do it back in October 2021; see “How to use the iCloud Data Recovery Service.”
Improvements and features
Apple has slipstreamed many improvements in the current operating system cycle, many related to iCloud. I discovered that includes iCloud Data Recovery Service, with a new name and no more iCloud-accessible data limit.
Apple now calls it Recovery Assistance, and your trusted contacts are now “recovery contacts.” Apple did not announce the change, but it happened with the release of Advanced Data Protection for iCloud data. ADP allows almost all data stored in iCloud to be protected with end-to-end encryption, the gold standard. (I figured the change happened between December 11 and December 13, 2022, by consulting the Internet Archive’s Wayback Machine for Apple’s account recovery support page.)
This makes sense: if you enable ADP, only email, contacts, and calendar entries can be retrieved. Not very useful. The rethink affects both standard and ADP-configured iCloud accounts.
Recovery Help now tells you when you add a contact, “Your recovery contact cannot access your data but can help you recover all of it and regain access to your account.” Note the word all!
Apple is likely to make this happen through the same method it uses with iCloud Keychain: it uses passphrases on the device to lock encryption keys that provide access to iCloud Keychain data. If there is no passphrase on the device, you will not be able to sync iCloud Keychain. Recovery Help uses the data integrated with your contacts to recover the information you have and have access to.
The setup and use of Recovery Assistance is the same as the old version. The main difference is the version numbers:
- The iCloud Data Recovery Service requires a minimum of iOS 15, iPadOS 15, macOS 11 Big Sur, as well as tvOS 15 on all devices logged into the same iCloud account.
- That’s upped by Recovery Help for macOS, which requires 12.0 Monterey or later, and requires watchOS 8 if you have a Watch.
Ask for Mac 911
We have created a list of questions that we are often asked, with answers and links in the columns: read our super FAQ to see if your question is covered. Otherwise, we’re always looking for new problems to solve! Email yours to mac911@macworld.com, including screen captures if appropriate and if you want to use your full name. Not all questions can be answered, we don’t respond to email, and we can’t provide direct troubleshooting advice.