Forensics Firm Claims iPhones Send Call History Logs Back To Apple iCloud Servers Risking User Privacy

It seems that Apple may have a complicated relationship with device user privacy. Russian digital forensics firm Elcomsoft has recently discovered that iPhone users’ call histories are being sent to Apple’s servers.

A user’s call history can be sent to Apple’s servers if iCloud is enabled. The data will include phone numbers, dates, times, and duration of phones calls as well as missed and bypassed calls. Facetime and third-party apps such as Skype, WhatsApp, and Viber, and that use Apple CallKit to make the calls, are also saved in iCloud. Apple retains this information for no longer than four months in the United States.


User are not notified when the download happens. The menu does not list them among the items users can choose to sync. Users would need to completely turn off iCloud in order to prevent their logs from syncing. This solution could prove problematic, however, because users would be unable to sync documents and data.

The United States law enforcement can now also access the iCloud accounts with a court order. Law enforcement still needs a tool to unlock and parse the account, however, Elcomsoct sells the necessary software tools. They are able to extract call histories by using the account holder’s credentials. Their customers include Cellebrite, the Israeli firm the FBI often uses to help crack into phones.

iphone 5c

Apple’s keys to iCloud and Elcomsoft’s extraction software, however, could easily fall into the wrong hands. Many are concerned about user privacy. In 2014 a hacker gained access to more than one hundred celebrities’ iCloud account information. The hacker reportedly used Elcomsoft’s technology to complete their phishing attack.

An Apple spokesperson responded with the following, which is likely little solace, “We offer call history syncing as a convenience to our customers so that they can return calls from any of their devices. Device data is encrypted with a user’s passcode, and access to iCloud data including backups requires the user’s Apple ID and password. Apple recommends all customers select strong passwords and use two-factor authentication.”