from the everything-in-its-right-place dept
So much for encryption turning phones into inscrutable blocks of plastic, metal, and glass. The Intercept is reporting that Apple is doing some of law enforcement's work for it, routing call records to users' iCloud storage.
Russian digital forensics firm Elcomsoft has found that Apple’s mobile devices automatically send a user’s call history to the company’s servers if iCloud is enabled — but the data gets uploaded in many instances without user choice or notification.
“You only need to have iCloud itself enabled” for the data to be sent, said Vladimir Katalov, CEO of Elcomsoft.
The logs surreptitiously uploaded to Apple contain a list of all calls made and received on an iOS device, complete with phone numbers, dates and times, and duration. They also include missed and bypassed calls. Elcomsoft said Apple retains the data in a user’s iCloud account for up to four months, providing a boon to law enforcement who may not be able to obtain the data either from the user’s carrier, who may retain the data for only a short period, or from the user’s device, if it’s encrypted with an unbreakable passcode.
Plain vanilla call records aren't that difficult to obtain. They've long been considered third-party records and can be obtained without a warrant. The Intercept quotes a former FBI agent as saying this is a "boon" for law enforcement because the four-month retention period is longer than most service providers'.
That doesn't seem to be correct at all. The EFF's Nate Cardozo points out that most service providers retain call logs for at least a year, with some retaining records for as long as a decade. Kim Zetter, who wrote the piece for The Intercept, believes it might be a misunderstanding. Providers may retain content (messages, etc.) for a shorter time frame than the four months of records Apple automatically uploads, but former agent Robert Osgood (quoted in The Intercept's piece) clearly states he's referring to call logs.
The concerning part of this isn't the normal call logs. Those are retained for years by carriers and can be obtained with a subpoena or a pen register/trap and trace order (for "real-time" data). There are two aspects of this automatic collection that should worry iPhone users.
First, it's not solely limited to calls placed directly through carriers.
FaceTime, which is used to make audio and video calls on iOS devices, also syncs call history to iCloud automatically, according to Elcomsoft. The company believes syncing of both regular calls and FaceTime call logs goes back to at least iOS 8.2, which Apple released in March 2015.
And beginning with Apple’s latest operating system, iOS 10, incoming missed calls that are made through third-party VoIP applications like Skype, WhatsApp, and Viber, and that use Apple CallKit to make the calls, also get logged to the cloud, Katalov said.
Trying to route around service providers to limit easily-obtainable records of your call activity is somewhat pointless on Apple devices. It all gets captured and can be obtained directly from the company. Presumably this information would still fall under the Third Party Doctrine, meaning law enforcement most likely won't have to present a warrant to collect this data from Apple.
The other concerning part of this collection is that Apple does it without informing customers that it's doing it. It does list several forms of data it syncs to users' iCloud accounts, but never states that it's collecting call records. Kate Cox of The Consumerist digs into the iCloud fine print.
Under the header “Privacy and security,” Apple writes:
Apple takes data security and the privacy of your personal information very seriously, and iCloud features are designed with your privacy in mind. All your iCloud content — like photos, documents, and contacts — is encrypted when sent over the Internet and, in most cases, when stored on our servers. If we use third-party vendors to store your information, we encrypt it and never give them the keys. And security enhancements like two-factor authentication help to ensure that the important information in your account can only be accessed by you, and only with your devices.
And the full list of features Apple mentions on the site includes backup for “important stuff like photos and videos”; Notes; iTunes and Apple Music; Mail, Calendar, Contacts, and Reminders; Safari browser history and passwords; Safari password keychain; and Find my [Device]. Nowhere is “call history data” mentioned.
Apple's explanation for this hidden syncing is "convenience:" "history syncing" allows users to "return calls from any device." That's fine but it doesn't explain why Apple doesn't list that in the data it syncs to iCloud or why it doesn't give users an easy way to exclude call data from this process.
Not that users of other devices should feel superior. Android and Windows phones do the same thing and give users no easy way to disable call tracking.
But it does drill another hole in the "going dark" theory. Tons of information from locked phones is being synced to cloud storage that manufacturers hold the keys to. And, in the case of Apple, content from end-to-end encrypted iMessages could be no more than a warrant away from law enforcement's possession.