iMessage is an instant messaging service from Apple.
First introduced at the WWDC 2011 keynote on June 6, 2011, it is exclusive to Apple products.
At its core, it does the same thing as other messaging apps, as it's meant to send text messages, images, videos and documents.
On the privacy side, iMessage uses end-to-end encryption, meaning that no one, not even Apple itself, can read, intercept or tamper with sent messages.
This is a good thing, considering that people talk about just about anything through messaging apps, and end-to-end encryption assures users that no one other than the sender and the recipient can read their messages.
However, there is one big privacy hole in iMessage, and there is nothing Apple can do to patch it.
That hole is iMessage's integration with Apple's iCloud storage.
Apple’s iMessage for iPhone, iPad, and Mac always uses end-to-end encryption. This means that only the sender and recipient of the messages can see their contents.
Apple itself, even if it wanted to, cannot read or intercept the data.
However, if users have iCloud Backups enabled for iMessage, Apple will send their messages to the cloud.
When this happens, Apple receives a copy of the encryption key that is used to encrypt the data.
Apple does this for several reasons.
First, this provides more protection for average people who lose their passwords.
If users lose their Apple ID password and go through Apple’s password recovery process, they can regain access to all of their data, including their iMessage backups. If Apple used end-to-end encryption for its iCloud backups, it could still give users access to their account. But if they lost their password, Apple could not give them access to those backups again, because Apple could not access them.
To implement an account recovery process that doesn’t lose data, Apple must first have the key that unlocks those backups.
The reason is obvious: Apple certainly doesn't want to deal with a bunch of angry customers who can never access their data because they forgot their password.
Second, if a user switches phones, or wants to download or access their iMessage files from different platforms, this iCloud integration also comes in handy.
But as a result, Apple, which holds the decryption key, could access the content of users' iMessage backups. And if Apple's servers were compromised, or someone unauthorized gained access to a user's iCloud account, they too could see the content of the messages.
This means that if a government asks Apple to hand over users' data, Apple, which has no choice but to comply, can also allow the government to read users' messages.
But again, all the above is possible only if the data is stored on iCloud's servers, and not on users' phones.
Apple has made all of this clear in its "iMessage and FaceTime & Privacy" document.
There is also another reason why Apple doesn’t at least offer end-to-end encryption as an option for backups.
According to a report from Reuters back in January 2020, Apple had a plan to offer end-to-end encryption for iCloud backups. However, the company dropped the plan to let its users fully encrypt backups after the FBI complained that this would make it more difficult for law enforcement to get iPhone users’ data.
Of course, iMessage is still more secure than traditional text messages. It's also a powerful alternative to competitors that also use end-to-end encryption, like Facebook's WhatsApp, Telegram and Signal.
Users who are concerned about this iMessage privacy hole, and who don't want to send Apple any of their data without end-to-end encryption, can stop Apple from doing this by disabling the iCloud backup for their Messages app.
All they have to do is go to their iCloud Settings and disable the "Messages" option to stop Apple from uploading iMessage messages and history to iCloud.
On Mac computers, they can open the Messages app, open Preferences, click on "iMessage" and uncheck the “Enable Messages in iCloud” checkbox.
It should be noted, though, that iMessage is not the only app on users' phones that can store its data in iCloud. Some end-to-end encrypted messaging apps that don't want to give Apple the decryption key to users' messages get around this concern by simply not backing up any of users' messages to iCloud.
As a result, switching phones means simply moving messages rather than syncing them. And if a phone is wiped or lost, the messages are gone forever.