A new report from Elcomsoft, a company that develops iPhone cracking tools, reveals that Apple is storing user’s iPhone call log histories in iCloud, according to Forbes. According to Elcomsoft’s CEO Vladimir Katalov, the call logs are stored separately from iCloud Backups, and cannot be disabled without switching iCloud Drive off entirely. Katalov also explains that the scope of logging has increased with iOS 10’s new CallKit support, logging not only calls made within the Phone app, but also calls made with third-party apps such as Skype that are CallKit-compatible — an understandable scenario considering iOS 10 CallKit apps log their call history in the Phone app’s Recent Call list alongside traditional phone calls. Katalov goes on to note that this data is stored in “almost real-time” and that it could be valuable to law enforcement looking to gain access to a user’s iPhone data, and also claims that Apple hasn’t properly disclosed just what data is being stored in iCloud in this case.
While the call log data being maintained in iCloud may be cause for some concern, Jonathan Zdziarski, an iOS forensics expected that Forbes spoke with, suggested a less sinister reason may be at work, noting that it’s likely a design oversight on Apple’s part. Zdziarski suggests that the call logs may simply sync via iCloud to support Apple’s Handoff feature, which allows users to answer incoming calls from multiple devices that share the same iCloud account. “They need to be able to sync a lot of that call data,” Zdziarski explained, going on to state that a software engineer may have simply “decided to just go and stick that data in your iCloud Drive” and that it “wasn’t very well thought out.” Zdziarski goes on to state that this should be another incentive for Apple to go “all-in” on setting up proper end-to-end encryption of data stored in iCloud, in such a way that private user data could only be accessed by the end users and not Apple.