Unclassified FBI Document: Ability to legally access Secure Messaging App Content and Metadata (January 2021)

bbbhltz@beehaw.org to Technology@beehaw.org – 459 points –

An official FBI document dated January 2021, obtained by the American association "Property of People" through the Freedom of Information Act.

This document summarizes the possibilities for legal access to data from nine instant messaging services: iMessage, Line, Signal, Telegram, Threema, Viber, WeChat, WhatsApp and Wickr. For each software, different judicial methods are explored, such as subpoena, search warrant, active collection of communications metadata ("Pen Register") or connection data retention law ("18 USC§2703"). Here, in essence, is the information the FBI says it can retrieve:

  • Apple iMessage: basic subscriber data; in the case of an iPhone user, investigators may be able to get their hands on message content if the user uses iCloud to synchronize iMessage messages or to back up data on their phone.

  • Line: account data (image, username, e-mail address, phone number, Line ID, creation date, usage data, etc.); if the user has not activated end-to-end encryption, investigators can retrieve the texts of exchanges over a seven-day period, but not other data (audio, video, images, location).

  • Signal: date and time of account creation and date of last connection.

  • Telegram: IP address and phone number for investigations into confirmed terrorists, otherwise nothing.

  • Threema: cryptographic fingerprint of phone number and e-mail address, push service tokens if used, public key, account creation date, last connection date.

  • Viber: account data and IP address used to create the account; investigators can also access message history (date, time, source, destination).

  • WeChat: basic data such as name, phone number, e-mail and IP address, but only for non-Chinese users.

  • WhatsApp: the targeted person's basic data, address book and contacts who have the targeted person in their address book; it is possible to collect message metadata in real time ("Pen Register"); message content can be retrieved via iCloud backups.

  • Wickr: Date and time of account creation, types of terminal on which the application is installed, date of last connection, number of messages exchanged, external identifiers associated with the account (e-mail addresses, telephone numbers), avatar image, data linked to adding or deleting.

TL;DR Signal is the messaging system that provides the least information to investigators.

176

You are viewing a single comment
View all comments

iMessage is now fully secure like Signal and Telegram, if you’ve enabled advanced data protection in your Apple ID. This also protects your photos and other personal information from snooping and data breaches. Apple users should turn on this great feature in Settings -> iCloud.

Even if you turn that on, they're still scanning your content for, supposedly, child porn.

I very seriously doubt the their scanning is actually limited to child porn. And even if it is, if you take nude selfies and some AI thinks you look like a child, then some Apple employee will have to look at them to confirm…

They cancelled CSAM scanning as of last year. It never actually rolled out, due to backlash.

https://www.wired.com/story/apple-photo-scanning-csam-communication-safety-messages/

I thought they just recently started doing it on your personal device?

No, they recieved such massive backlash for it, that they changed what they were doing.

https://www.wired.com/story/apple-communication-safety-nude-detection/

They are no longer referencing a CSAM database to scan your images against, in the Cloud, or on your phone. They do however scan for nudity, if you have enabled the feature, and it only gives a warning that there might be nudity.

If you and your correspondant has — it takes two to secure a messaging session

Thank you very much for that, I had heard about that setting before but forgot to do it. Enabled now.

Thanks for posting this. I thought I had it on, but guess it never was. Glad I checked.