According to a document obtained by the Intercept, Apple logs information about whom you’re contacting in iMessage while the app figures out if the person you are texting is also using an iOS device. If they are using iOS, the message gets encrypted and routed through iMessage, which is signaled by blue chat bubbles. If the recipient is not using an Apple device, the message gets routed as a standard text without that extra layer of encryption, and messages appear in green bubbles in the iMessage app. According to the document, which the Intercept says originated “from within the Florida Department of Law Enforcement’s Electronic Surveillance Support Team,” these logs don’t necessarily show that you messaged someone. Instead, they show when you opened up a chat window and selected the contact or entered a phone number. Apple says those logs are wiped every 30 days. But because that data exists at all, police can use court orders to force the company to hand it over. And, as the Intercept notes, in ongoing investigations it’s possible to extend court orders to get new data, which would allow law enforcement to build a record that goes beyond just 30 days. “When law enforcement presents us with a valid subpoena or court order, we provide the requested information if it is in our possession,” Apple told The Washington Post in a statement. “In some cases, we are able to provide data from server logs that are generated from customers accessing certain apps on their devices.”
Apple emphasized that because iMessages are encrypted, the company is not able to give police access to the content of conversations. Nor do the message logs “prove that any communication actually took place.” All of this seems consistent with Apple’s legal process guide, which notes that information about your contacts is among the data it may turn over to investigators when served with a court order or subpoena. Of course, metadata can still be incredibly revealing, especially when analyzed over time: Knowing whom you’re messaging (or even thinking about messaging) can reveal who’s in your social network or expose personal data. For instance, if you’re regularly sending text messages to a suicide crisis line someone reviewing your log could assume that you’re having a serious mental health crisis. That type of privacy concern is among the reasons why civil liberties advocates pushed back so hard on the now defunct National Security Agency program that allowed the government to collect bulk metadata about Americans’ phone calls, including the numbers they dialed and duration of calls.
The Intercept also raised another issue about the logs: They appear to contain IP addresses, which can be used to determine a user’s general location. Revealing that information, the Intercept argues, seems to run counter to a statement Apple made in the wake of Edward Snowden’s revelations about the extent of the NSA’s spying powers. “[W]e do not store data related to customers’ location, Map searches or Siri requests in any identifiable form,” Apple said in the June 2013 statement. But it’s worth noting that the geolocation information that can be determined by IP addresses is typically less specific than what you’d get from GPS data or from looking up a specific address. And Apple’s legal process guide also notes that IP addresses are among the information that police can request with a court order or subpoena.