Elcomsoft, a digital forensics company based in Russia, has claimed that iPhones secretly send call history to Apple’s services. It says that this happens automatically if iCloud is enabled on the device. Data is said to be uploaded in most cases without notifying users or even giving them a choice. The data that’s uploaded to Apple’s services is claimed to contain a list of all calls made and received on the iPhone. The list apparently includes dates, times, call duration, and even entire phone numbers. Missed and bypassed calls are included as well.
Elcomsoft CEO Vladimir Katalov says that users only need to have iCloud enabled for all of this data to be automatically uploaded to Apple’s servers. Apple is said to retain this data on its servers for up to four months. This can be of tremendous benefit to law enforcement agencies who may not be able to get this data from mobile carriers, they can also obtain this data through a user’s device if they have access to it.
The company mentions that it’s not just regular call logs that are being uploaded to Apple’s servers. The company is apparently storing logs for FaceTime voice and video calls as well. It’s of the view that this has been happening for both regular and FaceTime calls since iOS 8.2 which was released back in March last year.
iOS 10 is said to even sync logs of incoming missed calls made through third-party communication apps like WhatsApp, Skype, and Viber which rely on Apple Callkit to make the calls.
Apple has confirmed that call logs are synced with iCloud and says that this is done intentionally. “We offer call history syncing as a convenience to our customers so that they can return calls from any of their devices,” says a spokesperson for Apple, adding that ”Device data is encrypted with a user’s passcode, and access to iCloud data including backups requires the user’s Apple ID and password. Apple recommends all customers select strong passwords and use two-factor authentication.”