Elcomsoft, a Russian digital forensics firm that produces iPhone cracking tools for governments and corporations, has claimed that iPhones send real-time call logs to Apple servers even when the iCloud backup is switched off, according to a report.
"You only need to have iCloud itself enabled" for the data to be sent, says Vladimir Katalov, CEO of Elcomsoft.
The company claims that the logs are stored for up to four months. Moreover, information relating to other features like FaceTime audio and video calls, as well as third-party VoIP apps such as WhatsApp and Viber can also be accessed as they are synced to iCloud in its latest OS, the iOS 10.
Although Apple has not commented on the specific claims, it did issue a statement saying: "We offer call history syncing as a convenience to our customers so that they can return calls from any of their devices. Apple is deeply committed to safeguarding our customers' data. That's why we give our customers the ability to keep their data private. Device data is encrypted with a user's passcode, and access to iCloud data including backups requires the user's Apple ID and password. Apple recommends all customers select strong passwords and use two-factor authentication."
In this regard, Katalov claims Apple may be open about allowing law enforcement agencies to access iCloud backups, but the company still doesn't disclose that it stores call logs when backups are not enabled. He claims the firm was able to extract information including detailed call duration going back more than four months from the iCloud backup.