Apple iMessage not secure, messages & contacts shared with police
Apple always kept a promise to the customers that all iMessage talks are secure and conversations are just between your and your friends. But according to a document obtained by The Intercept, messages are viewed by Apple and there are chances that they may share it with cops if there is any causality.
According to leaked documents, any time an iOS user begins a text communication, Apple will take note of the target number and see if it corresponds to an iOS device capable of receiving a blue-bubbled iPhone message. While this isn’t new information in and of itself, what was not previously known is that every number Apple checks against their iMessage database is kept in a log for 30 days.
This log also includes the date and time when you entered a number, along with your IP address — which could, contrary to a 2013 Apple claim that “we do not store data related to customers’ location,” identify a customer’s location. Apple is compelled to turn over such information via court orders for systems known as “pen registers” or “tap and trace devices,” orders that are not particularly onerous to obtain, requiring only that government lawyers represent they are “likely” to obtain information whose “use is relevant to an ongoing criminal investigation.”
The underlying purpose of these logs, from a law enforcement perspective, is that it provides them with a clearer picture of who a given individual may have been in contact with. In a broader sense, it helps law enforcement authorities establish a communication network for whomever they happen to be investigating.
Commenting on the matter, Apple issued the following statement:
When law enforcement presents us with a valid subpoena or court order, we provide the requested information if it is in our possession. Because iMessage is encrypted end-to-end, we do not have access to the contents of those communications. In some cases, we are able to provide data from server logs that are generated from customers accessing certain apps on their devices. We work closely with law enforcement to help them understand what we can provide and make clear these query logs don’t contain the contents of conversations or prove that any communication actually took place.