Apple scored points with privacy advocates early in 2016 by resisting the FBI's attempts to crack into the San Bernardino shooter's iPhone. But the tech giant gave the government one concession: If the phone's data had been backed up to iCloud, Apple would have handed it over to help the investigation. Which gives some cause for concern -- like from a Russian security firm, which discovered that if users sign up for iCloud Drive, their devices secretly sends call records back to the tech giant's servers. But this is exactly how it's supposed to work, says Apple.
The security firm Elcomsoft illustrated the privacy issue in a brief: If users have iCloud Drive active, they can't prevent it from uploading their call history every time the phone is synced up. Conveniently, the security firm is also announcing a new version of its cloud-cracking software that can extract call logs and contacts even if the targeted phone is locked and its passcode is unknown.
In short, Elcomsoft is advertising a new tool for law enforcement to sidestep iCloud's security protections while alleging that Apple keeps those call logs for up to four months. But as The Intercept points out, a hacker used the software back in 2014 to break into over 100 celebrity iCloud accounts and steal compromising photos.
But far from denying it, Apple confirmed that it logs calls to its servers. That's how you have the same call, Facetime and text data synced across all your iCloud-connected devices:
Apple's statement to me on call history sync via iCloud and security thereof. Article/explainer to follow: pic.twitter.com/LhmF9W62n2— Rene Ritchie
That's not to say it's clear-cut what activity iCloud saves and doesn't save automatically. In July 2012, an Apple forums user asked whether iCloud backups contain recent calls. They do, someone replied, pointing to iCloud's backup overview page -- but that changed in the interim, since call logs are no longer listed in the summary bullet list of backed-up data. Even then, most recent call recovery methods for iOS devices instruct users to restore from backups.
The crux of the issue is both disclosure of the logs and whether the government would have easier access to them given how long they're stored on Apple servers. But call histories are as protected as the rest of your iCloud data -- that is, they're locked behind your Apple ID and password, along with two-factor authentication if that's enabled. More alarming, the chief technologist of the ACLU told The Information, was the revelation in September that Apple keeps records of end-to-end encrypted iMessage conversation metadata. The government can get call logs in other ways, the expert said, but keeping those encrypted text message info on Apple servers might be the only way officials could get to them.