If you have an iPhone, and your friends mostly have iPhones, you probably use Apple’s Messages app to communicate with them. That’s the nature of things. And aside from the platform’s convenience and ubiquity, one of the iMessage platform’s selling points is that its end-to-end encryption should theoretically ensure that only you and those you text can read your conversations. However, that might not be the case: Apple can likely access the messages for many, many iMessage users, even with end-to-end encryption in place.
By default, iMessage is protected from Apple’s eyes
As designed by Apple, iMessage’s encryption works in such a way that messages sent from your Apple device to another Apple device are only viewable by the parties involved. The iMessage files themselves are scrambled in transit, so that if someone were to theoretically access them without opening them on your trusted device, they’d see a jumble of data in lieu of the content of the message. Your Apple device acts as the “key” to unscramble that data; without that key, the data remains locked in an encrypted state.
In its basic form, this end-to-end encryption works as expected. Only your connected devices and the Apple devices that receive your messages have the keys to unlock and read said messages. Apple cannot read your messages without access to your unlocked device, nor can law enforcement or any other third party. Note that only iMessages are encrypted; SMS texts (which show up as green bubbles in Messages instead of the standard blue) are not encrypted.
How you back up your messages matters
So yes, your texts are encrypted as sent and received. But few of us delete every text as it comes in; we keep them around in case we want to revisit them later, which means we need to back them up somehow. And as it turns out, how you back up your messages might mean the difference between having an truly secure iMessage history, and giving Apple the key to unlock all your conversations.
First, let’s talk about Messages in iCloud. This service backs up your messages to your iCloud account, and keeps them synced across all your connected Apple devices. It’s a convenient way to start a conversation on your iPhone and continue it on your Mac or iPad, and doubles as a reliable backup method.
Next, there’s iCloud Backup, Apple’s service for backing up the contents of your iPhone. An iCloud Backup can store many different things, from app data, to device settings, to Home screen settings, to photos and videos, and, yes, messages. The two features aren’t mutually exclusive; you can have Messages in iCloud enabled alongside an iCloud Backup. When you do, however, Apple stores your Messages history separately from your device’s iCloud Backup.
iCloud Backup is not a secure method for saving your messages
Here’s the tricky thing; Messages in iCloud is end-to-end encrypted, just as you’d expect—that’s why there’s no way to access your messages on the web, such as by logging in to icloud.com. There’s one big problem, though: your iCloud Backup isn’t end-to-end encrypted—and Apple stores the key to unlock your encrypted messages within that backup.
Apple does this to provide a backup to your backup—if you forget your Apple ID password or your device’s unlock passcode, Apple doesn’t want you to lose your data forever, and that’s what would happen if iCloud backups, and the data inside, were end-to-end encrypted. Apple’s iCloud Data Recovery Service is able to retrieve any data backed up to iCloud that is not encrypted, which is most of your data. Many people are likely relieved when Apple “saves” their messages in this situation. Those of us who are privacy-conscious, however, are more likely unsettled.
It’s not just your messages; besides Keychain, Screen Time, and Health data, Apple has the key to decrypt all of your iCloud data. Now, there’s no evidence that Apple is or has ever decrypted users’ messages and data using the keys they have stored in iCloud, but that’s not the point. The point is the company could do so if it wanted to, or, more likely, if it were forced share that key and the associated data with law enforcement. If there were ever a significant iCloud data breach, hackers could also gain access to your data in this way. It’s not a truly secure solution to the backup problem, but it’s easy to confuse people into thinking it is (before researching this piece, I certainly thought it was).
How to prevent Apple from reading your messages
Luckily, there’s a relatively easy fix for this issue: Don’t use iCloud Backup to store old texts. Apple’s backup service is where it stores the key to unlock your messages, as well as the rest of your unencrypted data, so if you don’t have any data locked up, it can’t be accessed. That doesn’t mean you can’t back up your messages. Remember, Messages in iCloud is end-to-end encrypted, which means that even though you’re keeping those messages in the cloud, Apple doesn’t have the key to decrypt them.
You can turn off iCloud Backup in Settings > Apple ID > iCloud > iCloud Backup. Make sure the toggle next to iCloud Backup is gray. When you disable iCloud Backup, your last backup will remain in the cloud for 180 days. That means you need to wait half a year until you can be assured Apple no longer has the key to your messages on its servers. The good news, however, is that once iCloud Backup is disabled, a new key is generated for future messages; from here on out, your new messages are protected.
If you want to use the secure Messages in iCloud feature to backup and sync your conversations, you can check its status from the iCloud settings page; the toggle next to Messages should be green. If you want an alternative backup solution, try backing up your iPhone to your computer via Finder (macOS Catalina or later) or iTunes (Windows or macOS Mojave or earlier). Apple has an easy-to-follow walkthrough if you’ve never done it before. You can even encrypt these backups, ensuring that the entire contents of your iPhone are protected by anyone who might have access to your laptop.
You’re never fully protected using iMessage
You can take the steps above to ensure that the messages on your end are end-to-end encrypted, but you can’t control the actions of everyone you text. There’s no way to know for sure whether someone else has iCloud Backups enabled; if they do, that would give Apple the key to all the messages you sent that person. Of course, even if you know the messages themselves never leave the devices of the people involved in the conversation (such as with an app like Signal), nothing stops other people from taking photos of your conversations or handing their device over to another party.
All you can do is your best with the data that you can control, and encourage those around you to employ good cybersecurity and privacy practices.