Apple is regarded as the modern day pioneer of user privacy. The company went to great lengths to guard user privacy when FBI asked the Cupertino-based smartphone maker to unlock an iPhone associated with San Bernardino shooter. At that time, Apple said unlocking that iPhone would undermine the whole point of encryption.
Now Apple is found to be releasing user data via iCloud, its online cloud syncing platform. According to Russian digital forensics firm Elcomsoft, Apple's iPhones automatically send a user's call history to company's serves if iCloud is enabled. It says the data is uploaded without user choice or notification. “You only need to have iCloud itself enabled for the data to be sent," Vladimir Katalov, CEO of Elcomsoft told The Intercept.
The call log uploaded to Apple's servers contain list of all calls made and received on an iOS device. The log is complete with phone numbers, dates, times and even duration. The log also stores information about missed and bypassed calls.
Apple is reportedly retaining the data in a user's iCloud account for up to four months. The data won't be accessible from the user's encrypted iPhone or from the carrier but it might serve as a boon to law enforcement. Elcomsoft says the logs are not just limited to regular calls but it also store FaceTime calls.
"The company believes syncing of both regular calls and FaceTime call logs goes back to at least iOS 8.2, which Apple released in March 2015."
Apparently with iOS 10, Apple iCloud also stores logs of incoming missed calls made through third-party VoIP applications like Skype, WhatsApp and Viber. Elcomsoft says call logs will be stored from all apps using Apple CallKit to make calls. Elcomsoft adds that US law enforcement agencies can obtain direct access to the logs from Apple by issuing a court order.
Elcomsoft says agencies will still need a tool to extract and parse the data. Elcomsoft's forensic tools are used by law enforcement, corporate security departments and even consumers. The company is releasing an update to its Phone Breaker software tool that can be used to extract the call data from iCloud accounts.
“We offer call history syncing as a convenience to our customers so that they can return calls from any of their devices,” an Apple spokesperson told The Intercept in an email. “Device data is encrypted with a user’s passcode, and access to iCloud data including backups requires the user’s Apple ID and password. Apple recommends all customers select strong passwords and use two-factor authentication.”
Apple's collection of call logs is a potential risk to user data. The data becomes available to law enforcement and other Elcomsoft customers. Apple was earlier found collecting iMessage logs of users.