Skip to main content

Apple appears to be storing a log of the numbers you enter into iMessages

apple ios developer academy logo
Image used with permission by copyright holder
Apple has said it doesn’t store the contents of messages sent via its iMessage texting service. Indeed, it contends that such record keeping would be useless since the contents of such messages are encrypted on the devices from which they’re sent — the iPhone maker said it can’t “scan … communications” or “comply with a wiretap order” even if it wanted to.

But those same protections, it turns out, don’t necessarily extend to SMS messages. According to The Intercept, receipts of SMS texts sent via the Messaging app on iOS are routinely copied to Apple’s servers.

This is the result of a worrisome — and perhaps inherent — quirk in the way iMessage differentiates between messages sent via SMS, a cellular carrier standard known as Short Messaging Service, and iMessage, Apple’s internet-based alternative. According to internal documents obtained by The Intercept from the Florida Department of Law Enforcement’s Electronic Surveillance Support Team, an agency that coordinates the state’s electronic policies, every text sent via the iOS Messaging app triggers a query of Apple’s servers.

The servers determine whether to route the text over a carrier’s SMS network or Apple’s platform — practically speaking, whether the message appears in a green bubble (SMS) or a blue bubble (an iMessage) — and record the results of the resulting transaction. A typical log includes the sender and recipient’s phone numbers, the date and time, and the IP address of the sending device, according to The Intercept.

It paints a stark picture. Additional material obtained by The Intercept suggests that Apple maintains a running log of phone numbers users have entered into the Messages app; that numbers entered into other iOS apps, like the Contacts app, may find their way into said logs; and that the company may collect new metadata as frequently as “[every time] you open a new chat window and select a contact or number with whom to communicate.”

Apple said that it stores the information, known as “metadata,” for a period of 30 days, but The Intercept notes that a court order could extend that retention period by an additional 30 days. The limit, then, is essentially an arbitrary one — there’s nothing preventing law enforcement from filing subsequent extensions, potentially prolonging storage for months on end. “A series of … log snapshots from Apple could be strung together by police to create a longer list of whose numbers someone has been entering.

Worse still, under laws governing the use of surveillance devices known as “pen register” and “trap and trace,” Apple is compelled to turn over data “relevant to an ongoing criminal investigation.”

“When law enforcement presents us with a valid subpoena or court order, we provide the requested information if it is in our possession,” an Apple spokesperson told The Intercept. “In some cases, we are able to provide data from server logs that are generated from customers accessing certain apps on their devices. We work closely with law enforcement to help them understand what we can provide and make clear these query logs don’t contain the contents of conversations or prove that any communication actually took place.”

For privacy-conscious  users, there is some light in the gloom. Apple’s records don’t appear to differentiate between iMessage conversations and numbers entered but never contacted — law enforcement would be unable to tell, for example, whether or not you contacted a known drug dealer or just dialed the number by mistake. But as The Intercept notes, a list of assumed associates can be at the very least sensitive, and at the very worst compromising.

And Apple’s iMessage metadata policies appear to conflict with the company’s messaging: that its users’ data remains private, secure, and for the most part tucked away from prying eyes. “Your iMessages and FaceTime calls are your business, not ours,” an FAQ response on the company’s website reads. “Because iMessage is encrypted end-to-end, we do not have access to the contents of those communications.”

It’s a reiteration of a statement made by the Cupertino, California-based company following revelations regarding the U.S. National Security Administration’s domestic surveillance efforts. After it was revealed that Apple was among the tech companies implicated in a program known as PRISM, which provided the agency nearly unfettered access to nine of the country’s leading internet companies, Apple reaffirmed its commitment to “customer privacy,” insisting that it “[could] not decrypt” iMessage … [data]” and that it “did not store data related to customers’ location … in any identifiable form.”

It’s hardly the first controversy over the degree to which messaging services disclose — or don’t disclose — information regarding communications. Just last week, privacy advocates, among them CIA and NSA whistleblower Edward Snowden, criticized search giant Google’s new messaging platform, Allo, for failing to encrypt messages by default and storing chat logs indefinitely. Facebook-owned texting platform WhatsApp has been repeatedly blocked in countries such as Brazil as a result of the service’s end-to-end encryption model. And a report in Motherboard revealed that the Royal Canadian Mounted Police, a branch of Canadian law enforcement, possessed the master encryption key necessary to decrypt over one million messages sent via BlackBerry’s BBM service between 2010 and 2012.

Apple has yet to respond more substantively to The Intercept’s accusations, but time will tell whether the company, which fiercely combated the FBI’s recent efforts to implement a backdoor in iOS, considers it a fight worth waging.

Editors' Recommendations

Kyle Wiggers
Former Digital Trends Contributor
Kyle Wiggers is a writer, Web designer, and podcaster with an acute interest in all things tech. When not reviewing gadgets…
Apple’s new in-store device aimed at improving iPhone setup process
iPhone 15 Pro Max lying on the ground surrounded by leaves.

Apple has tackled a minor annoyance that can sometimes impact iPhone customers.

You might know it. It’s when you take your new iPhone from the box, set it up, and discover that the iOS software already requires an important update.

Read more
Have an iPhone, iPad, or Apple Watch? You need to update it right now
iPhone 14 Pro Max against a red background.

If you own an Apple product — be in the iPhone, iPad, Apple Watch, or a Mac — you should update it immediately. Why? Apple has begun rolling out updates to all of its devices with fixes for a serious security vulnerability.

The security vulnerability is known as CVE-2023-32434, and it has to do with the kernel privileges of Apple devices. Per Apple's website, the vulnerability allows third-party apps to "execute arbitrary code." In other words, if a bad actor knows how to exploit this vulnerability, they could potentially gain access to your Apple device and wreck havoc.

Read more
iOS 17’s coolest new feature is horrible news for Android users
iOS 17 contact posters

At the end of 2022, Google implored Apple to “get the message” and end the green-versus-blue bubble controversy by adopting RCS messaging. Apple’s response eventually came at WWDC 2023, where it introduced a new iOS 17 feature called Contact Posters, which instead of bringing everyone together, only furthers the us-versus-them split between Android and iOS.

If you thought the green/blue iMessage arguments could get fiery, there’s a lot more to come.
Blue good, green bad

Read more