Privacy & Apple

iCloud Backups Are Breaking Your iMessage Encryption

April 27, 2026 7 min read Haven Team

iMessage is end-to-end encrypted. Apple cannot read your messages in transit. But if your phone backs up to iCloud — and most iPhones do, by default — Apple has held a copy of your message history in a form it can access. Here's how that works and what you can do about it.


Apple's iMessage is often cited as a strong privacy choice, and for good reason. The encryption is real: messages are encrypted end-to-end using keys that Apple's servers don't hold. Intercepting iMessages in transit gets you ciphertext. Apple cannot, in the ordinary course of business, read what you send.

But "encrypted in transit" and "encrypted at rest" are different guarantees — and for years, iCloud backups provided neither. Understanding this gap is important for anyone relying on iMessage for genuinely sensitive communication.

What iCloud Backup Actually Contains

When your iPhone backs up to iCloud using standard iCloud Backup, the backup includes your messages — your entire Messages.app database, including iMessages. That backup is encrypted, but until December 2022, the encryption key was held by Apple. This meant:

This wasn't a secret. Apple disclosed it in their law enforcement guidelines. The FBI specifically lobbied Apple to not implement end-to-end encrypted backups precisely because law enforcement relied on iCloud backup access to investigate cases where they couldn't break iMessage encryption directly.

The gap between "end-to-end encrypted messages" and "end-to-end encrypted backups of those messages" is exactly where law enforcement and intelligence agencies have historically operated.

The result was a peculiar situation: your messages were protected against interception in transit by strong encryption, but that protection was voided the moment your phone backed up to iCloud. Investigators didn't need to break iMessage. They just needed a warrant for the iCloud backup, and those are routine.

Advanced Data Protection Changes This — But Isn't Default

In December 2022, Apple introduced Advanced Data Protection (ADP) for iCloud. When enabled, iCloud backups — including Messages — are end-to-end encrypted using keys held only on your trusted devices. Apple cannot decrypt them. A backup warrant returns unusable ciphertext.

This is a meaningful improvement and deserves credit. The implementation is technically sound.

The problem: ADP is not on by default. You have to find it in Settings, understand what it is, and opt in. The path on current iOS is: Settings → [Your Name] → iCloud → Advanced Data Protection → Turn On Advanced Data Protection.

Important caveat

Advanced Data Protection also means Apple cannot help you recover your data if you lose access to all your trusted devices and your recovery contact or key. The protection is real; so is the recovery risk. Keep a recovery key stored somewhere offline.

Adoption of ADP is low. Apple doesn't publish the numbers, but security researchers estimate the vast majority of iCloud users — even privacy-conscious ones — are not using it. The default behavior, which most people never change, still routes backup data through Apple in a form Apple holds the keys to.

Messages in iCloud vs iCloud Backup

There's a related feature worth understanding: Messages in iCloud. This is separate from iCloud Backup and is intended to sync your messages across your Apple devices. When enabled, your full message history lives on iCloud, accessible from any signed-in device.

With ADP enabled, Messages in iCloud is also end-to-end encrypted — Apple cannot read it. Without ADP, Apple holds the encryption key. The same logic applies as with backups.

If you have both iCloud Backup and Messages in iCloud enabled but not ADP, your entire message history is accessible to Apple in two different ways simultaneously.

The Green Bubble Problem

iMessage encryption applies only to messages between Apple devices, identified by the blue bubble in the Messages app. When you send a text to an Android user — a green bubble — the message goes over SMS or MMS. These protocols have no end-to-end encryption. The message travels in plaintext through your carrier's infrastructure, through the recipient's carrier, and can be intercepted at multiple points.

This is a larger attack surface than most iPhone users realize. In any group conversation that includes Android users, all messages in that thread are SMS-routed and unencrypted. The iMessage security model collapses the moment the group is mixed.

Apple's implementation of RCS in recent iOS versions supports encryption between Apple and Google Messages — but only in specific conditions and with inconsistent carrier support. It is not yet reliable for cross-platform encrypted messaging.

What You Should Actually Do

If you're an iPhone user who cares about message privacy, here's a pragmatic response:

  1. Enable Advanced Data Protection. Settings → [Your Name] → iCloud → Advanced Data Protection. Set a recovery key and store it offline. This is the highest-impact single change you can make.
  2. Audit who's in your group chats. Any group thread with Android users is unencrypted. If the conversation is sensitive, move it to Signal or Haven — both work cross-platform without SMS fallback.
  3. Consider what "sensitive" means for your situation. For most people, most of the time, iMessage with ADP enabled is fine. The threat model matters. If your concern is a carrier, advertiser, or curious employer — iMessage is adequate. If your concern is government legal process — ADP helps, but cross-platform app communication removes the Apple-specific risk entirely.
  4. For email, iMessage's protections don't apply at all. Apple Mail connected to a Gmail or non-encrypted account has no message-level encryption. Switching to an encrypted email provider is a separate but adjacent problem.

The Broader Pattern

The iCloud backup gap is a specific instance of a general problem: end-to-end encryption protects messages in transit, but backup systems and sync features often undo that protection unless explicitly designed otherwise. The same issue exists with WhatsApp's Google Drive backups (though WhatsApp now supports E2EE backups by default), and with any messaging app that syncs to a cloud service without per-user encryption keys.

The principle to carry forward: for any app that claims E2EE, ask what happens to your messages at rest, specifically in backups and sync. "Encrypted in transit" is necessary but not sufficient. The full protection requires that the keys reside only with you — and that backup systems respect that constraint.
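To make the custody point concrete, here is a small added model (written for this article, not Apple's code and not a description of Apple's actual cryptography) of the two backup designs discussed above: the pre-ADP iCloud Backup model, where the provider escrows the backup key, and the ADP model, where only the device holds it. The cipher, the `Device`/`CloudProvider` classes, the account name "alice" and the sample message are all constructed for illustration. The point it shows is the one the post makes: the relay never sees plaintext in either case, but a warrant served on the provider yields plaintext only when the provider holds the key.

```python
"""Toy model of the backup-key-custody gap: a message that is end-to-end
encrypted in transit can still be readable from a cloud backup if the cloud
provider, rather than the device, holds the backup key. Constructed example,
not iMessage or iCloud code."""
import hashlib
import hmac
import secrets


# --- toy authenticated encryption (SHA-256 keystream + HMAC tag) ---
# Constructed for this example only; it is NOT a real cipher and models
# nothing about Apple's actual cryptography.
def _keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    out = b""
    block = 0
    while len(out) < length:
        out += hashlib.sha256(key + nonce + block.to_bytes(4, "big")).digest()
        block += 1
    return out[:length]


def encrypt(key: bytes, plaintext: bytes) -> bytes:
    nonce = secrets.token_bytes(16)
    ct = bytes(p ^ k for p, k in zip(plaintext, _keystream(key, nonce, len(plaintext))))
    tag = hmac.new(key, nonce + ct, hashlib.sha256).digest()
    return nonce + ct + tag


def decrypt(key: bytes, blob: bytes) -> bytes:
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    expected = hmac.new(key, nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise ValueError("wrong key or tampered ciphertext")
    return bytes(c ^ k for c, k in zip(ct, _keystream(key, nonce, len(ct))))


class Device:
    """A phone: holds its own keys and a local plaintext message database."""
    def __init__(self):
        self.messages = []        # plaintext, as the local Messages database stores it
        self.backup_key = None    # set only when the device keeps custody (ADP-style)


class CloudProvider:
    """Backup storage. `backups` holds ciphertext for every account; `escrowed_keys`
    is populated only in the provider-held-key model (pre-ADP iCloud Backup)."""
    def __init__(self):
        self.backups = {}
        self.escrowed_keys = {}

    def answer_warrant(self, account: str) -> dict:
        """Return what the provider is able to produce for an account."""
        blob = self.backups[account]
        if account in self.escrowed_keys:
            return {"plaintext": decrypt(self.escrowed_keys[account], blob)}
        return {"ciphertext": blob}   # all the provider has without the key


def deliver_e2ee(pair_key: bytes, text: bytes, recipient: Device) -> bytes:
    """Transit leg: encrypt under the pairwise key the two devices share.
    Returns what the relay sees (ciphertext); the recipient stores plaintext."""
    wire = encrypt(pair_key, text)
    recipient.messages.append(decrypt(pair_key, wire))
    return wire


def back_up(device: Device, provider: CloudProvider, account: str, adp: bool) -> None:
    """Backup leg: ciphertext always goes to the provider; where the key goes
    depends on the model."""
    key = secrets.token_bytes(32)
    provider.backups[account] = encrypt(key, b"\n".join(device.messages))
    if adp:
        device.backup_key = key                 # key stays on the trusted device
    else:
        provider.escrowed_keys[account] = key   # provider can decrypt on request


def run_scenario(adp_enabled: bool, text: bytes = b"constructed sample message") -> dict:
    """Send one E2EE message, back the recipient up, then simulate a warrant."""
    pair_key = secrets.token_bytes(32)   # stands in for the per-conversation session key
    phone = Device()
    provider = CloudProvider()
    wire = deliver_e2ee(pair_key, text, phone)
    back_up(phone, provider, "alice", adp_enabled)
    produced = provider.answer_warrant("alice")
    return {
        "relay_sees_plaintext": text in wire,
        "warrant_yields_plaintext": produced.get("plaintext") == text,
        "device_can_restore_alone": phone.backup_key is not None
        and decrypt(phone.backup_key, provider.backups["alice"]) == text,
    }


if __name__ == "__main__":
    for adp in (False, True):
        print("ADP enabled" if adp else "Default iCloud Backup", run_scenario(adp))
```

Running it prints two result lines: with the default model `warrant_yields_plaintext` is `True` even though `relay_sees_plaintext` is `False`; with ADP the warrant result is ciphertext only and the device alone can restore. The design choice worth noticing is that both models upload identical ciphertext; the only difference is the single line that decides where the key goes, which is exactly the opt-in the post is talking about.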

Apple's ADP gets this right. The problem is that it requires a deliberate opt-in that most users never make.

Encryption that doesn't have a backup loophole

Haven is zero-knowledge by design — your keys never leave your device, in transit or at rest.
