iPhone call history is stored in iCloud, says security firm report

Despite being one of the few tech companies to take a stand on privacy this year in the wake of the San Bernadino shooter controversy, a new report indicates that iCloud, Apple cloud storage service, actually records and uploads user call history.

Russian digital forensics firm Elcomsoft has discovered that Apple’s mobile devices automatically send a user’s call history to the company’s servers when iCloud is enabled, according to a report stemming from The Intercept. This data is uploaded even when users have not given iCloud permission to do so — all that is necessary is for iCloud syncing to be turned on.

These logs contain a list of all calls made and received from any iOS device linked to that iCloud account, including phone numbers, dates, times, duration, and skipped phone calls. This information can then be used by law enforcement, especially in cases when authorities are unable to obtain this data from carriers.

Interestingly, FaceTime, which can be used to make both audio and video calls on all iOS devices, syncs with iCloud automatically as well. This feature has been part of Apple’s operating system since at iOS 8.2 and now also includes macOS, according to Elcomsoft.

The security firm says it’s releasing an update to its Phone Breaker software tool that allows users to extract call histories from iCloud accounts. Law enforcement agencies, corporate security departments and even consumers have been known to use this software.

According to 9to5 Mac, Apple has responded to the controversy with the following statement:

“We offer call history syncing as a convenience to our customers so that they can return calls from any of their devices. Apple is deeply committed to safeguarding our customers’ data. That’s why we give our customers the ability to keep their data private. Device data is encrypted with a user’s passcode, and access to iCloud data including backups requires the user’s Apple ID and password. Apple recommends all customers select strong passwords and use two-factor authentication.”

In the past, The Intercept has also reported similar activity related to iMessage logs.

[source]The Intercept[/source]