Russian digital forensics firm Elcomsoft has found that Apple’s mobile devices automatically send a user’s call history to the company’s servers if iCloud is enabled. Users don’t know this and the data gets uploaded in many instances without user choice or notification.
Vladimir Katalov, CEO of Elcomsoft, said that all you need is to have iCloud enabled for the data to be sent,
Logs sent to Apple contain a list of all calls made and received on an iOS device, complete with phone numbers, dates and times, and duration. They also include missed and bypassed calls.
But Apple would not collect and store that date right? Elcomsoft said Apple retains the data in a user’s iCloud account for up to four months which means that if the FBI gets a court order, then Jobs' Mob must hand over all of it.
This means that it does not matter if the data is stored encrypted on the phone with an unbreakable password.
It’s not just regular call logs that get sent to Apple’s servers. FaceTime, which is used to make audio and video calls on iOS devices, also syncs call history to iCloud automatically, according to Elcomsoft.
The company believes syncing of both regular calls and FaceTime call logs goes back to at least iOS 8.2, which Apple released in March 2015.
With Jobs’ Mob’s latest iOS 10 operating system, incoming missed calls that are made through third-party VoIP applications like Skype, WhatsApp, and Viber, and that use Apple CallKit to make the calls, also get logged to the cloud, Katalov said.
And since Apple has the keys to unlock iCloud accounts, US law enforcement agencies can obtain direct access to the logs with a court order.
Apple acknowledged that the call logs are being synced and said it’s intentional. An Apple spokesman told the Intercept:
“We offer call history syncing as a convenience to our customers so that they can return calls from any of their devices. Device data is encrypted with a user’s passcode, and access to iCloud data including backups requires the user’s Apple ID and password. Apple recommends all customers select strong passwords and use two-factor authentication.”
However, it does mean that Apple has been caught out secretly collecting data. Of course, if you don’t want Jobs’ Mob giving your data to the cops it is better not to use the iCloud or get a proper phone.