Russian digital forensics Elcomsoft says iPhones send near real-time logs to Apple servers even when iCloud backup is switched off
. The firm adds that these logs are stored for up to four months. From a report on the Intercept:"You only need to have iCloud itself enabled" for the data to be sent, said Vladimir Katalov, CEO of Elcomsoft. The logs surreptitiously uploaded to Apple contain a list of all calls made and received on an iOS device, complete with phone numbers, dates and times, and duration. They also include missed and bypassed calls. Elcomsoft said Apple retains the data in a user's iCloud account for up to four months, providing a boon to law enforcement who may not be able to obtain the data either from the user's carrier, who may retain the data for only a short period, or from the user's device, if it's encrypted with an unbreakable passcode. "Absolutely this is an advantage [for law enforcement]," Robert Osgood, a former FBI supervisory agent who now directs a graduate program in computer forensics at George Mason University, said of Apple's call-history uploads. "Four months is a long time [to retain call logs]. It's generally 30 or 60 days for telecom providers, because they don't want to keep more [records] than they absolutely have to. So if Apple is holding data for four months, that could be a very interesting data repository and they may have data that the telecom provider might not."