Phone users’ call history may be automatically synced to their iCloud account without their knowledge or their consent. The call history data is stored within a user’s iCloud account and can be extracted by Apple, law enforcement, or a third-party using forensic tools, along with the user’s Apple ID and password. Tim Erlin, Senior Director of IT Security and Risk Strategy commented below.
Tim Erlin, Senior Director of IT Security and Risk Strategy at Tripwire:
“If you don’t know where your data is being stored, you can’t make choices about how to protect it. The users affected by this issue have no way to tell that the call data has been synced to iCloud. There will be, no doubt, many users who continue syncing their call data unknowingly. With so many devices and applications that sync data behind the scenes, this issue isn’t limited to Apple. The problem of collecting personal data without consent, or with consent, but without knowledge, is pervasive.”