For years, Tim Cook has been telling users that iMessage's encryption makes it impossible to wiretap — and now, the Justice Department seems to have found out the hard way that he's right. According to a New York Times report, Apple received a court order from the Justice Department this summer, demanding real-time access to a suspect's iMessage account. Apple replied that iMessage encryption made the request impossible. The company later handed over iCloud backups of the suspect's messaging history, but the request for real-time access (akin to a traditional wiretap) remained unfulfilled.
There are still a number of unanswered questions around the report. We don't know the nature of the court order or the justification for Apple's refusal, so it's difficult to assess the legality of either one. Still, federal agencies have been trying and failing to wiretap iMessage accounts for years now, so the central facts of the story are very plausible. In its most recent transparency report, Apple reported more than 250 national security requests, and said 6 percent of law enforcement requests pertained to user account data.
But while Apple says iMessage can't be wiretapped, there's reason to think the company could give feds real-time access if it wanted to. As Nicholas Weaver, a researcher at the International Computer Science Institute in Berkeley, has pointed out previously, Apple centrally manages all the keys for iMessage, and there's no cryptographical measure preventing the company from swapping out keys manually. As a result, many researchers describe iMessage as "backdoor-friendly," if not as easily wiretapped as more conventional texting channels.