Blank
Why Apple can be forced to turn logs of your iMessage contacts over to police
By
Andrea Peterson
September 30 at 12:05 PM
When a user sends someone a message through Apple’s iMessage feature, Apple
encrypts that message between Apple devices so that only the sender and
recipient
can read its contents. But a Wednesday
report
from news site the Intercept is a good reminder that not all data related to
iMessage has that same level of protection -- and that information can still
be turned over to law enforcement authorities.
That may be surprising to everyday users who view Apple as a privacy champion
after it's legal battle with the Justice Department this year over a court
order that would force the company to break its own security measures. But to
experts, it's just a fact of how communication systems work. For instance,
as security expert and noted iPhone hacker Will Strafach notes, Apple needs to
know things such as whom you're chatting with via iMessage so that it can
deliver your messages.
[Google’s Allo app lets you send extra-secure ‘incognito’ messages]
According to a document obtained by the Intercept, Apple logs information about
whom you're contacting in iMessage while the app figures out if the person
you are texting is also using an iOS device. If they are using iOS, the message
gets encrypted and routed through iMessage, which is signaled by blue chat
bubbles. If the recipient is not using an Apple device, the message gets routed
as a standard text without that extra layer of encryption, and messages
appear in green bubbles in the iMessage app.
According to the document, which the Intercept says originated "from within the
Florida Department of Law Enforcement’s Electronic Surveillance Support
Team," these logs don’t necessarily show that you messaged someone. Instead,
they show when you opened up a chat window and selected the contact or entered
a phone number.
Apple says those logs are wiped every 30 days. But because that data exists at
all, police can use court orders to force the company to hand it over. And,
as the Intercept notes, in ongoing investigations it's possible to extend court
orders to get new data, which would allow law enforcement to build a record
that goes beyond just 30 days.
[Your Facebook Messenger conversations could soon be more private than ever]
"When law enforcement presents us with a valid subpoena or court order, we
provide the requested information if it is in our possession," Apple told The
Washington Post in a statement. "In some cases, we are able to provide data
from
server logs that are generated from customers accessing certain apps on
their devices."
Apple emphasized that because iMessages are encrypted, the company is not able
to give police access to the content of conversations. Nor do the message
logs "prove that any communication actually took place." All of this seems
consistent with Apple’s
legal process guide,
which notes that information about your contacts is among the data it may turn
over to investigators when served with a court order or subpoena.
The Switch newsletter
The day's top stories on the world of tech.
Sign up
Of course, metadata can still be incredibly revealing, especially when analyzed
over time: Knowing whom you're messaging (or even thinking about messaging)
can reveal who's in your social network or expose personal data. For instance,
if you’re regularly sending text messages to a suicide crisis line someone
reviewing your log could assume that you’re having a serious mental health
crisis.
[This court ruling is a ‘fatal blow’ to consumer protections, advocates say]
That type of privacy concern is among the reasons why civil liberties advocates
pushed back so hard on the
now defunct
National Security Agency program that allowed the government to collect bulk
metadata about Americans' phone calls, including the numbers they dialed
and duration of calls.
The Intercept also raised another issue about the logs: They appear to contain
IP addresses, which can be used to determine a user's general location.
Revealing that information, the Intercept argues, seems to run counter to a
statement
Apple made in the wake of Edward Snowden’s revelations about the extent of the
NSA’s spying powers. “[W]e do not store data related to customers’ location,
Map searches or Siri requests in any identifiable form,” Apple said in the June
2013 statement.
But it’s worth noting that the geolocation information that can be determined
by
IP addresses is typically less specific than what you’d get from GPS data
or from looking up a specific address. And Apple’s
legal process guide
also notes that IP addresses are among the information that police can request
with a court order or subpoena.