A surprise turns of events, a British man blew the whistle on something from Apple’s messaging system—they have not worked to an adequate degree to make users aware that deleting messages does not erase them from their servers, and such data may well stay around for years after a user thinks that it is gone. At the very least, this revelation has exposed a hotbed of controversy related to privacy, transparency, and the responsibilities of technology companies toward their consumers.
Claim
The claimant bases the evidence of his claim on the fact that Apple does not clearly explain to users the fact that once users delete iMessages and SMS texts, someone can still recover them. Whereas most users would expect a message to be fully wiped off in the case where they click the delete button from the sender’s account, the plaintiff insists that this is not the case and that traces of such conversations may be left behind on the servers of Apple. That means, in theory, messages could be accessed not only by Apple but also by any legal entity with due authority far after they’re deleted from your device.
Technical Reality
Knowing how Apple’s messaging system works is key to understanding the validity of such claims. iMessages are proprietary to Apple, and they are reserving end-to-end encryption for the purpose of keeping conversations private. While the messages are encrypted during their transmission, they also get backed up in the iCloud if the user has turned on iCloud Backup. These backups, by default, are not end-to-end encrypted, hence giving Apple the capability to access them.
While deletion removes the message from the iPhone, it does not mean that upon such deletion, the messages are deleted in iCloud backups or Apple’s servers. Depending on each user’s synchronization settings and how often a respective user makes backups, the text messages may remain in backups for some time greater than zero. Since this opens up a window in which such text messages might still be recovered, legal and ethical implications arise.
That’s quite an extraordinary claim. Among other things, it raises questions about the extent of privacy users can actually expect over the Apple platform. Users expect some level of confidentiality with their private communications; it contradicts such an expectation if, in fact, a deleted message could be recovered.
Further, it also leads to the broader concern of transparency. Technology companies should do much more to explain how things work to us, especially their systems, particularly those that deal with user data. Users cannot really make any decisions about digital privacy if they do not know that messages they delete might still hang around.
Apple Response
To these claims, Apple has commented that it is committed to the privacy of users, stating that it uses state-of-the-art encryption to protect users’ communications, has stringent policies in place to protect user data, and gives the option to turn off iCloud Backup or use more advanced features like Messages in iCloud.
Yet, as critics indicate, all these options and their implications are not so clearly explained to the average user. Thus, the complexity of digital privacy settings may be too high for users to realize the risks and ways of protecting against those risks.
Moving Forward
It should act as an eye-opener for consumers and tech giants in the industry. To consumers, this has to work as a reminder of the importance of knowing how their data is handled and being cautious of their privacy. For the tech companies, levels of transparency and education on their data retention policies seriously need to increase.
The convenience vs. privacy debate on e-communications is something that is going to continue to rise, and the case of this British man against Apple is a lesson in the digital age: sometimes, things one deletes may not be really deleted. It therefore calls for action on both users to be informed and on firms to ensure that their handling of privacy practices is robust and clearly articulated to users.