U.S. government can't intercept iMessage, but it can still serve Apple a search warrant

U.S. government can't intercept iMessage, but it can still serve Apple a search warrant

Summary: One U.S. law enforcement agency is struggling to snoop on messages sent by Apple devices, claiming they "cannot be intercepted." But lack of transparency on Apple's part may mean the technology giant is facing an influx of search warrants — and yet we don't know about it.

SHARE:

The U.S. government is struggling to crack into Apple's encrypted messaging system for domestic lawful wiretapping, according to an internal U.S. Drug Enforcement Agency (DEA) document.

Because Apple stores data sent over iMessage and runs the service and encryption in-house, the iPhone and iPad maker is still open to being served a subpoena or a court-ordered search warrant.

As a result, Apple is also lagging behind other companies on transparency by not disclosing how many government requests have been made.

deaintelligencenote 2
An internal unclassified intelligence note by the U.S. Drug Enforcement Administration (Credit: CNET)

CNET first reported that the DEA was unable to eavesdrop on suspects' text-based communiques because the use of Apple's encryption makes it "impossible to intercept iMessages between two Apple devices" — even with a federal judge signed court order approving the intercept.

According to our sister site, the case centers around a recent criminal investigation in February, in which the FBI director Robery Mueller described it as the "Going Dark" problem — the difficulties law enforcement and intelligence agencies face when attempting to lawfully intercept and acquire citizen data.

While Title III of the Federal Wiretap Act allows real-time surveillance of a device or computer, the DEA discovered in the February case that some of the records obtained from Verizon — the carrier of the suspect's device — were incomplete because they were sent through iMessage.

But if the U.S. government cannot legally intercept messages sent by Apple's smartphones and tablets — the only other route is to serve a subpoena to the Cupertino, Calif.-based technology giant or through a court-ordered search warrant forcing the handover of data to authorities.

Does Apple store your communications?

Unlike the EU, which has mandatory data retention laws to assist in law enforcement investigations, the U.S. does not. Most data protection laws compel companies to hold onto customer and user data for a set amount of time before anonymizing it or destroying it.

The U.S. has no such comparable laws to the EU's strong data and privacy rules.

The Electronic Frontier Foundation (EFF) opposes mandatory data retention rules, saying that such a law in the U.S. would "compel ISPs and telcos to create large databases of information about who communicates with whom via Internet or phone, the duration of the exchange, and the users' location."

Some companies do store customer data for a number of weeks or months, or even longer, in order to make their services run more effectively, or indeed at all. 

Looking through Apple's service level agreement — the terms that you agree to abide by when using the service — Apple states clearly [PDF]:

To facilitate delivery of your iMessages and to enable you to maintain conversations across your devices, Apple may hold your iMessages in encrypted form for a limited period of time.

This may not be news to some, as when you sign in to iMessage on your Mac or any other device, your messages suddenly arrive after a period of inactivity or device downtime. Apple may store your communications in an encrypted form, but the company does not disclose how long for.

This means Apple might be forced to hand over your messages to law enforcement if required to do so by law, but they would be in an encrypted format.

Apple's encryption? Nobody knows 

Apple said when it launched iMessage in 2011 that it used "secure end-to-end" encryption, but some were skeptical at the thought, considering BlackBerry had the monopoly over secure end-to-end device encryption at the time and was favorited by governments and enterprises alike.

Read this

Apple's domino effect: How iOS 7 should kickstart launch season

Apple's domino effect: How iOS 7 should kickstart launch season

The company is closing in on its typical (and some promised) launch deadlines but remains quiet on announcing anything, giving developers and enterprises little time to prepare.

Since then, Apple chief executive Tim Cook said that 300 billion messages have been sent through iMessage since it first launched. That's 300 billion that U.S. authorities likely cannot access due to the level of encryption used by Apple's back-end service.

According to CNET, in speaking to Christopher Soghoian, a senior policy analyst at the American Civil Liberties Union (ACLU): "Apple's service is not designed to be government-proof." 

Little is known about Apple's iMessage service, such as if it uses the same encryption key on all devices like BlackBerry, or if it uses a system similar to that of BlackBerry's enterprise email.

BlackBerry Messenger, the closest rival to iMessage at the time, used one encryption key for all devices, making it easy for law enforcement and intelligence agencies to tap into such instant messages when necessary. BlackBerry enterprise email, however, pushes a unique secure encryption key on each device, meaning if one key is cracked, others remain secure.

To appease Indian authorities, BlackBerry opened a Mumbai data center that would allow the government to instantly tap into communications sent across the BlackBerry Messenger system. 

Apple doesn't have a BlackBerry-like enterprise email setup — in which it would be able to wash its hands of law enforcement requests for enterprise email requests because it simply doesn't have a universal, skeleton encryption key. According to Quora, packet tracing suggests iMessages are in fact sent through Apple's servers rather than peer-to-peer system (or rather, device-to-device).

Because of Apple's centralized infrastructure, and its tight control of the ecosystem, it's more than likely that Apple directly owns the encryption keys to its iMessage service and can therefore not only decrypt customer and user data if asked or forced to, but also hand it over to authorities if ordered to by a judge. 

The bottom line

Even if each Apple device, from Mac to iPhone, iPad and iPod touch, all contain unique encryption keys, Apple still holds the servers under its control, unlike BlackBerry which only controls its consumer-facing BlackBerry Messenger system.

With this, Apple can be served a federal prosecutor signed subpoena requesting limited amounts of data, or a court ordered search warrant forcing Apple to disclose contents of data — and there's little it can do about it, except challenge it in court.

Because Apple is highly secretive, and despite the kudos that it would receive from privacy circles in "doing a Twitter" and challenging the order, it would still be a negative public relations hit from the public. In cases like this, it's more likely that Apple would keep quiet and be submissive than fight something openly in court and reveal the truth that federal authorities are requesting data from the company.

And because Apple doesn't have a transparency report — like Google, or Microsoft, which recently announced its first report — we have no idea how many requests U.S. and foreign law enforcement and intelligence agencies are making requests to the technology giant.

Just because the police and the government can't intercept your communications, it doesn't mean they can't just go right to the very source.

We asked Apple to comment, but didn't receive a reply at the time of writing. CNET received a denial for comment by Apple when it asked.

Topics: Security, Apple, Government US, iOS, iPhone, iPad, Networking, Privacy

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Talkback

23 comments
Log in or register to join the discussion
  • That would likely be Unconstitutional ...

    If the government wanted to pass a law requiring data retention, people could counter that the government was circumventing the 4th Amendment right to be free from testifying against ourselves via the requirement for service providers to seize information on their behalf. If there is not warrant, you cannot compel the information be made available for the prospect of a future warrant. Any legislation to that effect is a violation, even if their logic implies that a law requiring data retention against their will is not unlawful seizure, with the service provider acting as an agent on their behalf.
    Vapur9
    • Well there's your answer then

      Even I learned something today. 4th/5th Amendment rules out data retention laws in the U.S. -- at least until proven that it's not unconstitutional. Still, my overall point stands. Thanks for the comment!
      zwhittaker
    • I beg to differ.

      Data retention can be legal, but only as long as the retained data is handed over to law enforcement with the proper procedure and warrants. Nothing in the Constitution prevents a private corporation from holding onto your data, but the 4th and 5th prevent the Government from just taking the data whenever they feel like it.

      Unfortunately for us, wiretapping is Constitutional, provided that the "authorities" follow procedure. While Apple devices are immune for device-to-device communication at this time, it's only a matter of time before a bill blows through the House and Senate before meeting Mr. Obama's AutoPen to require Apple (and for that matter, any other company doing business in the United States that has an encrypted messaging system for public or private use) in the name of counter-terrorism.
      Champ_Kind
      • You miss the point..

        if the company retains data for it's, or your, purposes, that is fine. if a law is attempted to force retention solely for it to be available IN CASE the gov't should ever want it, that would be acting as an agent before the fact, and that would fly in the face of the aforementioned amendments to the constitution.
        Putertechn
    • flawed reasoning

      This reasoning does not fly......... The court system does not support it. As a user you know this information is retained and available. You put it out there, and that makes it "evidence". It's no longer the contents of your mind. You can be forced to turn over the password to an encrypted hard drive of be imprisoned for contempt of court. The same argument was made (self incrimination) against this and failed. You can even be charged with "obstruction of justice" for wiping your finger prints off of the murder weapon, or intentionally erasing beyond recovery a hard drive with "evidence" on it. If you want encrypted communications, you'd better encrypt them yourself and pretend to have forgotten the key!!
      **owly**
      • And if they get to the drive after I have reformatted it after wiping it

        How would you know it contained evidence? Your belief that it ever contained your evidence is not in and of itself evidence, and anything you may have been told that says it contained evidence is hearsay without physical evidence to support it.. so how can you charge someone for obstructing justice when you only believe a device had evidence? Even if you had violated my rights and seen the evidence, that is inadmissable as fruit of the poisonous tree since you did not at the time have a warrant.
        It could give you a headache just thinking of the permuations.. so leave it to the lawyers.. they get paid to have the headaches, and rightfully deserved.
        Putertechn
  • Or 5th

    ...
    Vapur9
  • Big deal

    "Tim Cook said that 300 billion messages have been sent through iMessage" -- LOL 99% of these are about cat videos and where's the party and lulz and can haz.
    Brad Bloch
    • I admit it...

      ... all I ever use iPhone to iPad/iPod Touch/Mac messaging for is to get the cat pics off of my phone and onto the devices and computers friends of mine own. You caught me.
      Champ_Kind
    • You're mind is mixed up.

      You, me and everyone know that Android is for clueless teenagers that parents wanted to get precious a smartphone but didn't want to spend much money, so one of the many free Android phones is what precious got to send her cat or Justin Bieber videos on.
      Not sure what world you live in, but on earth, other than a few people playing with electronics in their basement, NObody takes Android serious anymore, that's just common sense these days.
      mikeserena
  • Messages

    Of course zed missed the fact bad/good guys can setup their OWN messages OS X server or rent one. Bad guys will leave "Archive messages on server".
    tony Loro
  • iMessage very secure...

    Now how can this be spinned negatively...
    rfoto
    • Now how can this be spinned negatively...

      iMessage very secure...
      Now how can this be spinned negatively...

      Zack Whittaker did a masterful job of turning an Apple positive into a negative. There's hardly a positive word in the whole article. By the time I got to the end of the article, I was sure a FBI swat team would be busting through my door any minute. The bosses at Microsoft ZDNet/CNet should give him a raise.
      zato_3@...
      • If the Feds find something...

        in your easily decrypted messages, they have a a warrant to bust your door down after the fact. Not that I have anything to hide I still appreciate extra effort to keep needless wiretapping of conversations between friends, family and myself. It's a shame too many people feel the government or anyone should have access to anyones information outside of their own interests.
        partman1969@...
  • Uh... Government can't read my iMessages...

    sounds great to me! :BigThumbsUp:
    RollTide1017
  • CISPA

    Anyone find this a convenient leak? CISPA being revisited, part of the legislation was to require software vendors to backdoor their platforms? iOS being a high profile platform that DEA can use? Anyone smell something odd? For more serious operations, iPhones are too expensive -> dealers use burner phones.
    n0mad3
    • OR...

      ... dealers pick up stolen iPhones from "clients", activate them and run with them for a month or two, then sell the phone for a couple hundred dollars and move on, leaving some poor sucker with a traced phone by it's serial number.
      Champ_Kind
  • Wickr

    Wickr is much better than iMessage or Blackberry. Currently it's only available for iOS but Android is being worked on. mywickr(dot)com.
    MajorlyCool
  • And this is a BAD thing?

    Did you seriously just point out Apple's high-quality, encrypted messaging system as "lacking transparency"??

    As soon as the federal government is 100% transparent, since they ARE funded through the theft of our wealth, you can talk about Apple, which is funded through voluntary, mutually-beneficial trade.
    MC1171611
  • @Zack Whitakker...

    I love how you named the FBI director "Robery Mueller'. Is that a mistake or a pun on his position. Some people think about the FBI in even lower tones.
    Jackie-Smith