Update: Apple has not yet commented on the specific claims made, but tells us:
We offer call history syncing as a convenience to our customers so that they can return calls from any of their devices. Apple is deeply committed to safeguarding our customers’ data. That’s why we give our customers the ability to keep their data private. Device data is encrypted with a user’s passcode, and access to iCloud data including backups requires the user’s Apple ID and password. Apple recommends all customers select strong passwords and use two-factor authentication.
Elcomsoft – the Russian company which sells iPhone cracking tools to governments and corporations – says that iPhones send near real-time call logs to Apple servers even when iCloud backup is switched off, and that these logs are stored for up to four months.
All FaceTime calls are logged in the iCloud too, whilst as of iOS 10 incoming missed calls from apps like WhatsApp and Skype are uploaded, said Elcomsoft, which provides phone forensics tools to police.
This is likely as a result of iOS 10’s CallKit support.
Katalov said that the logs are uploaded from any iPhone which has iCloud Drive enabled.
“Syncing call logs happens almost in real time, though sometimes only in a few hours,” he added. “But all you need to have is just iCloud Drive enabled, and there is no way to turn that syncing off, apart from just disabling iCloud Drive completely. In that case many applications will stop working or lose iCloud-related features completely.”
The company says that while Apple is open about allowing law enforcement access to iCloud backup data on receipt of a court order, the company doesn’t disclose that it holds call logs even when backups are not enabled. Katalov also challenged the statement on Apple’s website that it only stores FaceTime call logs for 30 days.
Synced data contains full information including call duration and both parties. We were able to extract information going back more than four months.
iOS forensics expert Jonathan Zdziarski told Forbes that he believed this was an oversight by Apple rather than any deliberate attempt to obfuscate the information it holds.
I suspect that this is probably more of an engineering issue around making handoff work when you are answering calls between your phone and your desktop or if you’re using FaceTime on your desktop. They need to be able to sync a lot of that call data. I suspect whatever software engineer wrote that part of it probably decided to just go and stick that data in your iCloud Drive because that’s kind of what its purpose is. I’m convinced it wasn’t very well thought out if that’s the case.
Apple has already indicated an intention to use full end-to-end encryption for iCloud backups at some point in the future. At present, backups are encrypted but Apple holds the key; by switching to end-to-end encryption, Apple would have no access to the data.
A previous report claimed that Apple was intercepting all iMessage contacts, though in that case it was due to a misunderstanding of how Apple’s systems work.