Apple's iMessage system leaves one bit of data open to authorities

OK, so maybe there's one little bit of the iMessage system that's not under lock and key.

Apple iMessages are encrypted end-to-end. That means the messages you send on the platform can only be read by you and their recipient. Apple can't read them and because it does not have the encryption key. It can't decrypt them, even if the authorities request it. 

However, before a text message is delivered on the encrypted iMessage network, in fact, when you enter the contact number, according to a report in The Intercept, there's a check that happens in the Apple Message app. It determines whether the message will be delivered via SMS or through iMessage. Sometimes that check gets logged and, yes, stored with Apple.

Apple did not deny that the contact logs exists, telling The Intercept that it keeps them for a maximum of 30 days.

The logs, or so-called-Pen Registers, are not uncommon on smartphones. They simply record, among other things, phone numbers contacted by a specific phone.

According to the Department of Justice [PDF], the FBI has used these records in law enforcement operations since the late 1990s. 

The existence of these contact logs came to light after The Intercept received a classified document from the Florida Department of Law Enforcement’s Electronic Surveillance Support Team. It outlined the kinds of data the department might receive if it served Apple with what's known as a Pen Register/Trip and Trace request.

The good news is that what's being said between two iMessage communicators is still a black hole for authorities. What might make people a little uncomfortable is that, if the authorities request it, they may be able to learn who you've been in contact with. 

Apple confirmed the story and sent this statement to Mashable:

The language here indicates that the collection of these contact logs may not be entirely consistent. It says the logs are generated when accessing "certain applications." It's also worth noting that the existence of a log entry does not, in Apple's view, mean that communication actually occurred.

While there are other end-to-end encrypted messaging apps on the iPhone, like WhatsApp, these logs are primarily gathered for iMessage contacts. Even so, Mashable has contacted WhatsApp for to find out if any portion of its contact entry is logged.

While the existence of this log is a bit of information Apple did not share with us when Mashable spoke to them about privacy and security last April, what Apple is doing is not uncommon among smartphone manufacturers. 

To be fair, impenetrable privacy is an illusion anyway. Most iPhone users have had the experience of slipping in and out of iMessage threads. Sometimes we see the blue bubble of iMessage and, at other times, we're in the unencrypted, green bubble world of SMS text messaging (that's usually when we're texting our Android-smartphone carrying friends).

The point is, we are all leaving a trail of information across all of our digital devices and on various servers around the world. It will likely be sometime before everything, everywhere is encrypted and beyond the reach of authorities.

If, of course, that's what we really want.