According to a new document obtained by The Intercept, Apple keeps a log of the phone numbers you type into your iPhone for a message conversation, along with the date and time you entered them and your IP address, which could be used to identify your location.
“Apple records each query in which your phone calls home to see who’s in the iMessage system and who’s not,” The Intercept reports.
Moreover, the company is compelled to turn over this information to law enforcement with a valid court order — generally “pen register” or “trap and trace device” warrants, which are very easy to obtain.
Pen register warrants are routinely used to compel telephone companies to provide metadata about customers’ phone calls to law enforcement.
Apple Logs Your IP Address (Location)
But it’s surprising that Apple, which has positioned itself as a staunch defender of its users’ privacy by refusing to provide federal officials with encryption backdoors into its products, hands over its users’ information on iMessage contacts under such warrants.
The report also points out that keeping logs of users’ IP addresses, which could be used to reveal their actual location, is contrary to Apple’s 2013 claim that the company “do not store data related to customers’ location.”
The Intercept obtained the document, titled ‘iMessage FAQ for Law Enforcement,’ about Apple’s iMessage logs as part of a much larger cache originating from within a state police agency, “The Florida Department of Law Enforcement’s Electronic Surveillance Support Team.”
Although your iMessages are end-to-end encrypted, it doesn’t mean that all Apple users are enjoying the company’s so-called privacy benefit.
If you have enabled iCloud Backup on your Apple devices, copies of all your messages, photographs and other important data stored on your device are encrypted on iCloud using a key controlled by Apple, not by you.
So, Apple can still read your end-to-end encrypted iMessages, if it wants.
Even if you trust the company not to provide your decrypted data to law enforcement (just don’t forget the San Bernardino case, in which Apple helped the FBI with the iCloud backup of the shooter’s iPhone), anyone who breaks into your iCloud account could see your personal and confidential data.
Apple Deliberately Weakens Backup Encryption
Fortunately, it is possible to store your backups locally through iTunes, though it is not such an obvious choice for an average user.
What’s even worse is that a recent issue in local password-protected iTunes backups affects the encryption strength for backups of devices on iOS 10, allowing attackers to brute-force the password for a user’s local backup 2,500 times faster than was possible on iOS 9.
Apple has already confirmed that the issue exists and that a fix would be included in an upcoming update.
However, in response to the latest report about iMessage logs, Apple provided the following statement:
“When law enforcement presents us with a valid subpoena or court order, we provide the requested information if it is in our possession. Because iMessage is encrypted end-to-end, we do not have access to the contents of those communications. In some cases, we are able to provide data from server logs that are generated from customers accessing certain apps on their devices. We work closely with law enforcement to help them understand what we can provide and make clear these query logs don’t contain the contents of conversations or prove that any communication actually took place.”
The Florida Department of Law Enforcement has yet to comment on the matter.