Yes, Apple keeps a log of who you contact on iMessage for 30 days


A new report is out on Wednesday, claiming that Apple logs your iMessage contacts and may share them with police. The Intercept published the piece, along with an internal law enforcement document that shows Apple tracks information like IP addresses, phone numbers and time, and stores it for up to 30 days.

At first glance, the report can be a bit unsettling, conjuring thoughts like: “isn’t Apple always preaching about user privacy” and “I thought iMessage was one of the most secure messaging services, thanks to its end-to-end encryption.” But it doesn’t take much digging to realize this is likely much ado about nothing.

Here’s the document, titled “iMessage FAQ for Law Enforcement.”

imessage doc

And here is an excerpt from The Intercept’s report:

This is a lot of bullet points to say one thing: Apple maintains a log of phone numbers you’ve entered into Messages and potentially elsewhere on an Apple device, like the Contacts app, even if you never end up communicating with those people. The document implies that Messages transmits these numbers to Apple when you open a new chat window and select a contact or number with whom to communicate, but it’s unclear exactly when these queries are triggered, and how often — an Apple spokesperson confirmed only that the logging information in the iMessage FAQ is “generally accurate,” but declined to elaborate on the record.

In the latest version of Apple’s Legal Process Guidelines PDF (last updated September 2015), Apple explicitly says that it can retain invitation logs for multiple cloud services for up to 30 days, and that this data can be obtained by law enforcement. Here’s what it says about FaceTime, which runs parallel to iMessages.

FaceTime communications are end-to-end encrypted and Apple has no way to decrypt FaceTime data when it is in transit between devices. Apple cannot intercept FaceTime communications. Apple has FaceTime call invitation logs when a FaceTime call invitation is initiated. These logs do not indicate that any communication between users actually took place. Apple has no information as to whether the FaceTime call was successfully established or duration of a FaceTime call. FaceTime call invitation logs are retained up to 30 days. FaceTime call invitation logs can be obtained with an order under 18 U.S.C. §2703(d) or court order meeting the equivalent legal standard or search warrant.

Here’s a deeper explanation of how it works from Apple’s iOS Security Guide, page 41 (via Daring Fireball):

“Users start a new iMessage conversation by entering an address or name. If they enter   a phone number or email address, the device contacts the IDS to retrieve the public keys and APNs addresses for all of the devices associated with the addressee. If the   user enters a name, the device first utilizes the user’s Contacts app to gather the phone numbers and email addresses associated with that name, then gets the public keys   and APNs addresses from the IDS.” 

It also explicitly states in the PDF that IP addresses can be logged when you sign into various services like iTunes or iCloud, or when you make a purchase via its online store, and this info too can be subpoenaed. So put together, it seems like Apple previously divulged most of the information revealed in this leaked document.

The bottom line here is that yes, Apple is keeping a log of fragments of data from your iMessage contacts, but we really already knew that. Should Apple maybe update its legal documents to specifically mention iMessage? Perhaps. But regardless, today’s report shouldn’t impact how you view Apple’s stance on user privacy.

Source: The Intercept