Apple's effort to avoid becoming an on-demand data dispensary for authorities faces unlikely saboteurs: The company's commitment to convenience and its customers' preference for the same.
Russian digital forensics company Elcomsoft on Thursday published a blog post claiming that Apple's iCloud Drive service stores phone call logs without user notification or consent.
"Using an iPhone and have an active iCloud account?" said Elcomsoft researcher Oleg Afonin. "Your calls will sync with iCloud whether you want it or not."
Basically, if you don't want any data sent to iCloud at all, you can disable iCloud. According to Afonin, disabling iCloud Drive stops call history synchronization. The obvious drawback is that iCloud makes iPhone usage easier, by synchronizing contacts, calendar entries, photos, and the like. Syncing call logs makes call data available to other Apple devices signed in using the same Apple ID.
While Apple may not have publicized this consequence of iCloud synchronization, it also hasn't attempted to conceal it. In its May 2016 paper on iOS Security [PDF], the company notes that iCloud captures and backs up call history, iMessage, text (SMS), MMS messages, and HealthKit data, among other things.
In September, The Intercept reported that Apple stores logs of iMessage conversations.
Afonin points out that Google and Microsoft perform similar call syncing with Android 6.0+ and Windows 10 Mobile, respectively. And it's worth noting that call logs can also be obtained from communications service providers, many of which have shown far more willingness to cooperate with authorities than Apple.
In a statement emailed to The Register, an Apple spokesperson said, "We offer call history syncing as a convenience to our customers so that they can return calls from any of their devices. Apple is deeply committed to safeguarding our customers' data. That's why we give our customers the ability to keep their data private. Device data is encrypted with a user's passcode, and access to iCloud data including backups requires the user’s Apple ID and password. Apple recommends that all customers select strong passwords and use two-factor authentication."
Apple has made a point of defending customer privacy, going so far as to embrace ignorance of iOS users' device encryption keys. "For all devices running iOS 8 and later versions, Apple will not perform iOS data extractions in response to government search warrants because the files to be extracted are protected by an encryption key that is tied to the user's passcode, which Apple does not possess," the company explains on its website.
Apple's stance has put the company at odds with the FBI, which sought to compel the company to cooperate in the decryption of an iPhone associated with an act of terror, before opting to exploit a vulnerability to gain access to the device.
And it has also underscored the narrow confines of privacy in Apple's ecosystem.
Apple may refuse to assist authorities in breaking into customers' iOS devices, but it, like any other cloud service provider, says it will comply with lawful demands for information stored on its servers. iCloud, like other cloud services associated with mobile devices and applications, is a backdoor for any transmitted data, for those who haven't disabled it.
This might be less of an issue if Apple customers knowingly signed on. Apple's Legal Process Guidelines [PDF] for US law enforcement suggest as much: "iCloud only stores content for the services that the subscriber has elected to maintain in the account while the subscriber's account remains active," the guidelines state.
But iCloud activation doesn't involve detailed notice. And judging by the confused customers asking about iCloud synchronization in Apple forums, there's not much informed consent.
Apple could provide specific warnings about call log retention and could provide a more granular mechanism to opt out. But Apple customers would have to care enough about privacy to opt out.
Apple is said to be working on stronger data privacy measures for iCloud backups of iOS device data, but it's not yet clear whether other data stored in iCloud will be more secure as a result. ®