according To documents obtained by The Intercept, the Messages (formerly iMessage, the instant messaging application from Apple) is less sensitive than the company admits. According to the site, Apple keeps records of all the people with whom you try to get in contact by means of the application.
The information came via a document of the agency of virtual monitoring of the police of Florida. The document was intended to be used by other agents of the state, and described the police officers they could expect from Apple when they required his cooperation in an investigation. The excerpt most relevant to him can be seen below:
The above data reveal that, each time a user Messages you try to make contact with the other number, the application invokes the servers of the Apple and see if communication will be by means of SMS or the messaging app. This contact, however, is registered on the server of the company, along with the number of the user, the date and time of the attempt and your IP address – which reveals his location.
Even though a conversation is never started, the simple fact that the user typed the number is sufficient for this activity to be recorded. These data are erased after 30 days; however, according to The Verge, other contacts between the app and the servers of the Apple happen regularly, renewing continuously in this period.
This means that the police have access to records of this type. Although the content of the messages is protected by encryption end-to-end, the data mentioned do not cease to be personal. If you want to, the police can, by a relatively simple process, have access to the list of all the people and companies with which a user tried to enter in contact using the application.
In response to the Intercept, Apple admitted that “in some cases, we are able to provide data from server logs that are generated when clients access certain applications on their devices.” The company reinforces, on the other hand, that “these records do not include the content of the communication, nor prove that there was indeed no communication.
nevertheless, the discovery is a negative surprise to the customers of the company that sells the maximum privacy as one of their key differentiators. During the WWDC 2016, the company talked about the “privacy differential”, the technology it uses to train neural networks without compromising the privacy of the users. Earlier rumors also suggested that it would be investing in to create their own servers by means of espionage.