Apple is saving iMessage conversation metadata, report claims

Tech giant accused of collecting data that it could share with law enforcement agencies

Apple is saving metadata from its iMessage app that it could share with law enforcement agencies, a new report has claimed.

Apple's servers allegedly log iMessage conversation metadata, according to documents obtained by The Intercept,  including the time and date on which messages are sent, frequency of contact and IP address, and could be used to establish limited location information.

The obtained documents originate from a state police agency that facilitates data collection using controversial tools, and also suggested that Apple maintains a log of phone numbers entered into Messages and potentially elsewhere on an Apple device, such as the Contacts app.

The collection of this metadata is down to the way Apple logs users and non-users of its Messages system, from contacts who chat via iMessage and those that do via SMS. To understand the difference between the two and route the message, Apple automatically checks numbers entered into an iOS device with its servers to see whether it has been associated with an iTunes account, hence the metadata.

Advertisement
Advertisement - Article continues below
Advertisement - Article continues below

Apple has responded to the report, stating that there are times when it can hand over server logs but that the content of conversations is inaccessible.

"When law enforcement presents us with a valid subpoena or court order, we provide the requested information if it is in our possession. Because iMessage is encrypted end-to-end, we do not have access to the contents of those communications," an Apple spokesperson said in a statement.

"In some cases, we are able to provide data from server logs that are generated from customers accessing certain apps on their devices.

"We work closely with law enforcement to help them understand what we can provide and make clear that these query logs don't contain the contents of conversations or prove that any communication actually took place."

The newly obtained documents contradict a statement released by Apple in 2013, which, commenting on the NSA's PRISM surveillance programme, said the company affirmed its commitment to "customer privacy" and insisted that it does not store information related to a user's location.

"Conversations which take place over iMessage and FaceTime are protected by end-to-end encryption, so no-one but the sender and receiver can see or read them. Apple cannot decrypt that data," Apple said at the time.

Advertisement - Article continues below

"Similarly, we do not store data related to customers' location, Map searches or Siri requests in any identifiable form."

Featured Resources

What you need to know about migrating to SAP S/4HANA

Factors to assess how and when to begin migration

Download now

Your enterprise cloud solutions guide

Infrastructure designed to meet your company's IT needs for next-generation cloud applications

Download now

Testing for compliance just became easier

How you can use technology to ensure compliance in your organisation

Download now

Best practices for implementing security awareness training

How to develop a security awareness programme that will actually change behaviour

Download now
Advertisement

Recommended

Visit/business-strategy/33311/apple-launches-new-tv-gaming-and-finance-services
Business strategy

Apple launches new TV, gaming and finance services

25 Mar 2019
Visit/hardware/laptops/354509/apple-macbook-pro-16in-review-a-little-bigger-a-lot-better
Laptops

Apple MacBook Pro 16in review: A little bigger, a lot better

10 Jan 2020
Visit/mobile/23617/the-best-smartphones-to-buy
Mobile

Best smartphone 2019: Apple, Samsung and OnePlus duke it out

24 Dec 2019
Visit/hardware/354336/the-it-pro-products-of-the-year-2019-all-the-years-best-hardware
Hardware

The IT Pro Products of the Year 2019: All the year’s best hardware

24 Dec 2019

Most Popular

Visit/policy-legislation/data-governance/354496/brexit-security-talks-under-threat-after-uk-accused-of
data governance

Brexit security talks under threat after UK accused of illegally copying Schengen data

10 Jan 2020
Visit/security/cyber-security/354468/if-not-passwords-then-what
cyber security

If not passwords then what?

8 Jan 2020
Visit/web-browser/30394/what-is-http-error-503-and-how-do-you-fix-it
web browser

What is HTTP error 503 and how do you fix it?

7 Jan 2020
Visit/policy-legislation/31772/gdpr-and-brexit-how-will-one-affect-the-other
Policy & legislation

GDPR and Brexit: How will one affect the other?

9 Jan 2020