I recently bought my first Apple Airtag which I attached to my keys. Tonight my phone told me that I had left my airtag/keys in my car a few minites ago! I rushed out and grabbed my keys and all is well but it got my me wondering: if some bad person (with an iPhone) had noticed my keys in my car first and decided to steal the car, would Apple (if subpoenaed) be able to tell me whose phone appears to have driven away with my car/airtag?
Context for anyone unfamiliar: AirTags (similar to ‘tile’ lost item trackers) are a new gadget that allow you to locate lost items usi mg your phone and a variety of radio technologies. What’s special about Apple’s version is that they don’t just rely on the device communicating with your phone, but rather, have a system whereby anyone’s iPhone that gets near the airtag will send a signal back to apple to tell you where your missing thing is located.
The question is however whether the iPhone that conveys the data can be identified. That is an interesting question. The payload may be encrypted, but depending upon the protocol there might be enough residual information in the transport to allow identification of the originating iPhone. One would assume the notifications come down a simple IP based channel, so the originating IP address would still be there. That is not a permanent associating with the phone, and would need cooperation of the carrier where the phone was to recover the binding. That is even if Apple was to record the originating address. I doubt that they would carry the IEMI number or other unique information in the message. That would be stripped out long before it got to Apple.
But there is a difference between “probably not” and “can’t”. One would need to be more familiar with the entire protocol than I am. But I do doubt it.
Well, the question was whether the iPhone that conveys the data can be identified by Apple. Apple says the whole Find My network is both encrypted and anonymous and that they don’t even know the identity of the device that helps find the AirTag, which in this case would be the thief’s iPhone. If Apple is being truthful, that answers the question. Anything to do with the carrier (IP addresses and whatnot) is another question.