3 Ways Other Solutions Violate Apple’s ToS When Capturing iMessages

Introduction:

When looking for an iMessage capture solution, you’ll want one that also complies with Apple’s Terms of Service. But these solutions are hard to come by, which is why Apple has sold nearly $10 million worth of FirmScribe’s iMessage capture solution in the App Store – and that no other capture solution has ever been approved for sale there. Ever.

Nearly all competitors violate Apple’s Terms of Service, so it’s crucial you know what to look for to ensure you’re all-around compliant and making informed business decisions.

Competitors Cut Legal Corners

FirmScribe’s platform uses Macs to capture iMessages connected to Apple IDs, removes the messages from the Macs, and then moves them to your archive. Occasionally, people show up and try to reverse engineer either Apple’s iCloud Backup or Apple’s iMessages API, which are both violations of Apple’s Terms of Service. 

These competitor copycats look at our offering – one that’s been used to monitor over 50,000 iPhones – and think they can do the same. They then proceed to cut legal (and technical) corners to put you in violation of your agreement with Apple. 

Violation #1: Putting AppleIDs on Rented Macs

It’s clear from the iCloud Terms of Service that you can’t take an Apple ID and put it in an Apple device that isn’t owned by you, your work or your school. So, these Macs that this service is being hosted on: Who owns them? If you don’t, then the Apple IDs can’t be in them. 

Every FirmScribe copycat has tried to rent Macs and then put AppleIDs in them. Besides the aforementioned problem, there’s another big one: all Terms of Service covering Mac Operating Systems greatly limit how a rented or leased Mac, in a hosting facility, can be used. 

Violation #2: Rotating Between Macs

Another tactic copycats try is to put multiple end-user accounts into each Mac and then rotate between them to harvest data from each account. This violates two different parts of the Operating Systems Terms of Service. First, when this is done for SMB, they think they can host multiple customers on the same Mac. In addition to the ownership issue and how the Mac can be used, it cannot be rented to multiple firms at the same time or for less than 24 hours. Thus, there is no true switching between.

But even if all the users are from the same company and you own the Mac, this approach still violates the Terms because, as you automatically rotate through the accounts, you’re essentially turning the Mac into an automated “service bureau.” Using a Mac this way, even if you own it, explicitly violates Apple’s Terms of Service for all recent Mac Operating Systems. 

Violation #3: Reverse Engineering Apple’s Tech

As we’ve mentioned, setting up the accounts is just the beginning – and keeping them connected is a whole other battle. How you do that without reverse engineering Apple’s technologies (and thus violating their Terms of Service) requires just the kinds of trade secrets you develop after you pass monitoring the first 10,000 iPhones. That’s one of the reasons we’re the only company who’s made it past that critical number – and now, past 50,000.

The Right Choice is the Easy Choice

If you decide to use an iMessage capture solution that isn’t also compliant with Apple’s Terms of Service, you’ll want to talk to your attorneys about updating your InfoSec Policies so that anyone who does an InfoSec review of your organization understands your approach to risk. This may mean you also need to update investor docs and other contracts where you make representations that you don’t infringe on the IP rights of others.

Or, you can take the easy route to stay all-around-compliant and use a solution like FirmScribe to capture and archive iMessages to be FINRA and SEC-compliant and compliant with Apple’s Terms of Service.