CALIFORNIA: Even as Apple continues its high-profile campaign of resistance to the FBI’s attempts to hack into one of its iPhones, the release Tuesday of the company’s biannual transparency report shows law enforcement agencies in the second half of 2015 quietly made 4,000 requests for user data from more than 16,000 devices and that Apple in most cases obliged them
Apple said it gave up “some data” in 80 percent of the requests made in the second half of 2015, just a tad shy of the 81 percent in the first half of the year. Apple says these requests typically seek information about a user’s iTunes or iCloud account, and each requires a search warrant. “Only a small fraction of requests from law enforcement,” the company said on its website, “seek content such as email, photos, and other content stored on users’ iCloud accounts.” Apple said it provided data for 82 percent of those requests.
Without going into detail, the company says law enforcement agencies seek “information in regard to an Apple ID account and/or related Apple services or transactions,” presumably referring to personal information, such as addresses and phone numbers and, in a small number of cases, emails and photos stored on a user’s iCloud account. That information could then be used to help investigators prevent planned crimes from taking place or, after the fact, assembling a criminal case against someone.
Privacy advocates are alarmed by the growing number of these personal-data requests. Alan Butler, senior counsel for the Electronic Privacy Information Center, said “the growth over time in these requests is a real concern for us.
“It highlights once again the transition we’re seeing from an old system, where law enforcement had to do a lot more work getting physical records or wiretaps, to now with these digital requests,” he said. “The barrier and cost for getting this data is much lower because law enforcement can send out these requests routinely, so the amount of data being accessed by government is growing and growing.”
The company insists it respects its customers’ privacy.
“Apple takes our commitment to protecting your data very seriously and we work incredibly hard to deliver the most secure hardware, software and services available,” according to its website. “We also believe every customer has a right to understand how their personal information is handled. For government information requests, we report as much detail as we are legally allowed.”
Apple says that when the company gets a request from law enforcement about a customer’s personal information, it will “notify the customer (that) a request concerning their personal data was made unless we are explicitly prohibited from doing so.”
While not saying specifically when or if it denies government requests, Apple says that it reserves the “right to make exceptions, such as for extreme situations when we believe disclosing information could put a child or other person in serious danger, or where notice is not applicable to the underlying facts of the case.”
While the most recent number of requests was a bit lower than for the same period a year earlier, the number of so-called “National Security Requests” made for details on specific accounts rose fourfold, from as little as 250 to as many as 1,499, over the first half of 2015 to the second. Again, Apple does not describe these requests in detail, saying only that “a tiny percentage of our millions of accounts is affected by national security””related requests. In the first six months of 2015, we received between 750 and 999 of these requests. Though we would like to be more specific, by law this is the most precise information we are currently allowed to disclose.”
The report, which breaks down the number of requests by country, says that in the last six months of last year, law enforcement agencies in the United States made 4,000 inquiries, which covered 16,112 devices.
Apple says the most common requests it gets are for information “in relation to Apple devices, such as an iPhone, iPad, or Mac. Account Requests generally seek information in regard to an Apple ID account and/or related Apple services or transactions.”
Apple is not alone in issuing such reports. Google first launched a transparency update in 2010, with Twitter following suit in 2012. For Apple’s first report in 2013, the company said that in the first half of that year, it received 3,542 of these “device information” requests in the U.S. for 8,605 devices and added that it turned over some or all of the desired information 88 percent of the time.