Apple Uploading Call Data, Including From Third-Party Call Apps, To Users' iCloud Accounts

from the everything-in-its-right-place dept

So much for encryption turning phones into inscrutable blocks of plastic, metal, and glass. The Intercept is reporting that Apple is doing some of law enforcement's work for it, routing call records to users' iCloud storage.

Russian digital forensics firm Elcomsoft has found that Apple’s mobile devices automatically send a user’s call history to the company’s servers if iCloud is enabled — but the data gets uploaded in many instances without user choice or notification.

“You only need to have iCloud itself enabled” for the data to be sent, said Vladimir Katalov, CEO of Elcomsoft.

The logs surreptitiously uploaded to Apple contain a list of all calls made and received on an iOS device, complete with phone numbers, dates and times, and duration. They also include missed and bypassed calls. Elcomsoft said Apple retains the data in a user’s iCloud account for up to four months, providing a boon to law enforcement who may not be able to obtain the data either from the user’s carrier, who may retain the data for only a short period, or from the user’s device, if it’s encrypted with an unbreakable passcode.

Plain vanilla call records aren't that difficult to obtain. They've long been considered third-party records and can be obtained without a warrant. The Intercept quotes a former FBI agent as saying this is a "boon" for law enforcement because the four-month retention period is longer than most service providers'.

That doesn't seem to be correct at all. The EFF's Nate Cardozo points out that most service providers retain call logs for at least a year, with some retaining records for as long as a decade. Kim Zetter, who wrote the piece for The Intercept, believes it might be a misunderstanding. Providers may retain content (messages, etc.) for a shorter time frame than the four months of records Apple automatically uploads, but former agent Robert Osgood (quoted in The Intercept's piece) clearly states he's referring to call logs.

The concerning part of this isn't the normal call logs. Those are retained for years by carriers and can be obtained with a subpoena or a pen register/trap and trace order (for "real-time" data). There are two aspects of this automatic collection that should worry iPhone users.

First, it's not solely limited to calls placed directly through carriers.

FaceTime, which is used to make audio and video calls on iOS devices, also syncs call history to iCloud automatically, according to Elcomsoft. The company believes syncing of both regular calls and FaceTime call logs goes back to at least iOS 8.2, which Apple released in March 2015.

And beginning with Apple’s latest operating system, iOS 10, incoming missed calls that are made through third-party VoIP applications like Skype, WhatsApp, and Viber, and that use Apple CallKit to make the calls, also get logged to the cloud, Katalov said.

Trying to route around service providers to limit easily-obtainable records of your call activity is somewhat pointless on Apple devices. It all gets captured and can be obtained directly from the company. Presumably this information would still fall under the Third Party Doctrine, meaning law enforcement most likely won't have to present a warrant to collect this data from Apple.

The other concerning part of this collection is that Apple does it without informing customers that it's doing it. It does list several forms of data it syncs to users' iCloud accounts, but never states that it's collecting call records. Kate Cox of The Consumerist digs into the iCloud fine print.

Under the header “Privacy and security,” Apple writes:

Apple takes data security and the privacy of your personal information very seriously, and iCloud features are designed with your privacy in mind. All your iCloud content — like photos, documents, and contacts — is encrypted when sent over the Internet and, in most cases, when stored on our servers. If we use third-party vendors to store your information, we encrypt it and never give them the keys. And security enhancements like two-factor authentication help to ensure that the important information in your account can only be accessed by you, and only with your devices.

And the full list of features Apple mentions on the site includes backup for “important stuff like photos and videos”; Notes; iTunes and Apple Music; Mail, Calendar, Contacts, and Reminders; Safari browser history and passwords; Safari password keychain; and Find my [Device]. Nowhere is “call history data” mentioned.

Apple's explanation for this hidden syncing is "convenience:" "history syncing" allows users to "return calls from any device." That's fine but it doesn't explain why Apple doesn't list that in the data it syncs to iCloud or why it doesn't give users an easy way to exclude call data from this process.

Not that users of other devices should feel superior. Android and Windows phones do the same thing and give users no easy way to disable call tracking.

But it does drill another hole in the "going dark" theory. Tons of information from locked phones is being synced to cloud storage that manufacturers hold the keys to. And, in the case of Apple, content from end-to-end encrypted iMessages could be no more than a warrant away from law enforcement's possession.

Hide this

Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.

Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.

While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.

–The Techdirt Team

Filed Under: call records, control, data, icloud, metadata, privacy, transparency
Companies: apple


Reader Comments

Subscribe: RSS

View by: Time | Thread


  1. identicon
    Anonymous Coward, 17 Nov 2016 @ 2:56pm

    I told you guys this before, but I suppose you all were too busy falling for that phony-baloney "you better do it / I refuse to do it" theatrical exchange between Comey and Cook to pay attention.

    link to this | view in thread ]

  2. identicon
    Anonymous Coward, 17 Nov 2016 @ 3:06pm

    There are a lot more and easier places for authorities get this information without needing to ask Apple.

    link to this | view in thread ]

  3. identicon
    Anonymous Coward, 17 Nov 2016 @ 4:41pm

    News?

    I'm trying to figure out where the news is here... anyone who uses more than one Apple device knows that their call history and Messages history follows them around, because it's stored (encrypted) on iCloud. It's in the disclaimer when you enable these things. It's been like this for at least 5 years.

    link to this | view in thread ]

  4. identicon
    Greg Chartrand, 17 Nov 2016 @ 7:03pm

    Awful!

    Once data is in the cloud, the law has almost open access to it. Apple knows this, why would they allow it to happen?

    link to this | view in thread ]

  5. icon
    Chryss (profile), 17 Nov 2016 @ 8:03pm

    Why anyone who cares at all about privacy uses anything cloud is beyond me.

    link to this | view in thread ]

  6. icon
    Peter (profile), 17 Nov 2016 @ 11:38pm

    So, when the FBI claimed they had 'hacked' a locked iPhone, it might just have been Apple who voluntarily opened the gates to iCloud instead?

    link to this | view in thread ]

  7. icon
    Ninja (profile), 18 Nov 2016 @ 8:34am

    Sadly even taking additional steps like using a vpn may not help. Only using Signal and other end-to-end encrypted services you can somewhat guarantee your privacy (considering the other person does it right too). Sad.

    link to this | view in thread ]

  8. identicon
    Anonymous Coward, 18 Nov 2016 @ 10:08am

    "Important stuff"

    it doesn't explain why Apple doesn't list that in the data it syncs to iCloud

    Arguably they do, if you consider it "important stuff".

    link to this | view in thread ]

  9. identicon
    Shou, 6 Jun 2017 @ 5:20am

    Really important

    Once data is in the cloud, the law has almost open access to it. Only using Signal and other end-to-end encrypted services you can somewhat guarantee your privacy (considering the other person does it right too). Sad.

    link to this | view in thread ]

  10. icon
    halloween images (profile), 3 Aug 2017 @ 4:15pm

    have a nice day

    Sexy hot latest Maternity Halloween costumes for city night party 2017 latest special funniest scariest maternity Halloween costumes homemade last minute maternity costumes.

    link to this | view in thread ]

  11. identicon
    anky, 20 Dec 2017 @ 11:27pm

    Thanks a lot

    link to this | view in thread ]


Follow Techdirt
Essential Reading
Techdirt Deals
Report this ad  |  Hide Techdirt ads
Techdirt Insider Discord

The latest chatter on the Techdirt Insider Discord channel...

Loading...
Recent Stories

This site, like most other sites on the web, uses cookies. For more information, see our privacy policy. Got it
Close

Email This

This feature is only available to registered users. Register or sign in to use it.