Revealing iMessage Metadata Reignites Apple Privacy Debate

The privacy promised by Apple's Messages system is again under the microscope, after leaked documents detailing records of potentially attempted messages emerged from law enforcement. The Cupertino company has previously insisted that, even if it was pressed by investigators, it would not and could not reveal the contents of conversations held via Messages (also known as iMessage); however, other metadata could still reveal more than users expected.

Questions about encryption and privacy in iMessage arose in mid-2013, when US government surveillance program PRISM made headlines for alleged backdoors into a variety of online services. Apple responded to claims that investigators could track iMessage chats by pointing out that such conversations used end-to-end encryption, and that the company itself would be unable to decode them.

"There are certain categories of information which we do not provide to law enforcement or any other group because we choose not to retain it," Apple said in a statement at the time.

"For example, conversations which take place over iMessage and FaceTime are protected by end-to-end encryption so no one but the sender and receiver can see or read them. Apple cannot decrypt that data. Similarly, we do not store data related to customers' location, Map searches or Siri requests in any identifiable form" Apple

As a result, the firm became something of a poster-child for internet privacy.

However, documentation obtained by The Intercept, and originating from the Florida Department of Law Enforcement's Electronic Surveillance Support Team, emphasizes that privacy is not the same as anonymity.

That's because of how Apple handles conversations between users and non-users of its Messages system, and the logs of that process that it keeps – and which could be requested via a court order.

As anyone who has used iOS and Messages knows, text from contacts who chat via Messages comes in as a blue bubble. SMS is used for non-Apple devices, such as Android smartphones, and shows up as a green bubble.

To figure out how to route a message, Apple automatically checks numbers entered in an iOS device – whether that be in the Messages app, or saved to a contact – with its servers, to see if its been associated with an iTunes account.

Each of those checks are recorded, complete with the date and time that it took place, the number searched, and the IP address you're using at the time. The latter could theoretically be used to ascertain location, it's pointed out.

In a statement to The Intercept, Apple confirms that there are indeed times when it can hand over server logs, but underscores the fact that the content of conversations are inaccessible:

"When law enforcement presents us with a valid subpoena or court order, we provide the requested information if it is in our possession. Because iMessage is encrypted end-to-end, we do not have access to the contents of those communications. In some cases, we are able to provide data from server logs that are generated from customers accessing certain apps on their devices. We work closely with law enforcement to help them understand what we can provide and make clear these query logs don't contain the contents of conversations or prove that any communication actually took place."

Apple also confirmed that its logs of these checks are stored for 30 day periods. The Intercept points out that law enforcement officials could theoretically string multiple court orders together to build up a longer period, were they able to convince a court that there was realistic cause to believe it would contribute to an investigation.

Exactly how that contribution might pan out depends on what investigators might be looking for. If the content of chats is required, then this is clearly a non-starter; however, if it's merely the fact that two contacts were connected in some way, then a server log that shows one user's iOS device checked on the status of the other might be enough to confirm a link.

That sort of investigation through metadata – which can individually be scant, but more illustrative in aggregate – is a key part of current surveillance. Back in 2013, the NSA's Marina system was alleged to be tracking the social networking use of millions of people. Facing pressure to revamp the system, President Obama announced an overhaul in early 2014.

It's worth remembering that, even if you decide to eschew Messages because of this, any SMS communication via a carrier leaves an even greater footprint. Carriers are routinely called upon to disclose such chats to law enforcement, without the guarantee that Apple gives of the content itself being private.

SOURCE The Intercept