Your iPhone is sending a history of all your calls to Apple's iCloud service, Elcomsoft researcher Oleg Afonin revealed today.
For some iPhone users, this wasn't a secret. Many have figured it out on their own. This is especially true for family members who share an iCloud account on different iPhones.
iPhone users say they've searched for a setting that would disable syncing call logs across different iPhones, or disable call syncing in the first place. All their efforts were in vain, as Apple doesn't provide any such on/off toggle.
The only way to avoid this behavior is for users to stop sharing the same iCloud account, or not use one in the first place.
Besides call history, Apple also syncs data such as photos, phone backups, contacts, notes, maps, calendars, browser history and more to a user's iCloud account. The Elcomsoft researcher says that Apple is putting the privacy of its users in danger.
"[W]e’ve seen Apple moving more and more data into the cloud. iCloud data (backups, call logs, contacts and so on) is very loosely protected," he explains.
Afonin is probably the person most qualified to speak on this matter. His company makes Phone Breaker, a specialized software suite that can recover data from iCloud accounts. Many law enforcement agencies use Elcomsoft's software.
While users can opt to include call data inside phone backups, they can't disable automatic syncing of call data to their iCloud account. Apple encrypts this data on its servers.
The problem is that if a third party or law enforcement has access to the user's iCloud password, Elcomsoft's Phone Breaker can recover this data, despite Apple's protection measures. An iCloud authentication token extracted from the suspect's/victim's PC is also more than enough.
It's most likely that Apple isn't collecting this data in order to make it easier for governments to spy on users, but for QoS (Quality of Service).
Nevertheless, if Apple wants to actually provide the Q in QoS, they should provide opt-out options for each of the backed-up data types. This way, users won't have to remove iCloud accounts from their phones and can sync only the data they need.
Previously, Elcomsoft also discovered that Apple added a secondary password verification mechanism to iTunes backups that was 2,500 times weaker than the default one. Apple removed it in a later update this fall.