Apple privacy report details government queries

The "vast majority" of the requests for information that Apple gets from law enforcement pertain to lost or stolen devices, while a "small fraction" relate to iTunes, iCloud, or other accounts.

Jon Skillings Editorial director
A born browser of dictionaries and a lifelong New Englander, Jon Skillings is an editorial director at CNET. He honed his language skills as a US Army linguist (Polish and German) before diving into editing for tech publications -- including at PC Week and the IDG News Service -- back when the web was just getting under way, and even a little before. For CNET, he's written on topics from GPS to 5G, James Bond, lasers, brass instruments and music streaming services.
Expertise language, grammar, writing, editing Credentials
  • 30 years experience at tech and consumer publications, print and online. Five years in the US Army as a translator (German and Polish).
Jon Skillings
4 min read
James Martin/CNET

Apple says that the "vast majority" of the requests for information that it gets from law enforcement are queries related to lost or stolen devices.

On Tuesday, Apple released a "Report on Government Information Request" (PDF) to inform its customers about how their personal information is handled and to provide assurances that it does as much as it can to protect their privacy. The report covers the period between January 1 and June 30, 2013.

"These types of requests frequently arise when our customers ask the police to assist them with a lost or stolen iPhone, or when law enforcement has recovered a shipment of stolen devices," Apple said in the report.

By contrast, Apple said, only a "small fraction" of the requests are in pursuit of personal information related to an iTunes, iCloud, or Game Center account. But it is those sorts of account information requests that have stirred up the greatest anxiety and the fiercest opposition within the tech sector and in the body politic at large.

Apple's report comes after nearly half a year of dramatic revelations about widespread online surveillance conducted by the US National Security Agency and other government bodies, initiated by leaked documents made public by former NSA contractor Edward Snowden.

Given that backdrop, Apple sought to offer reassurances about how it attempts to safeguard the personal information of its iPad, iPhone, Mac, and other customers.

"Our business does not depend on collecting personal data," Apple said in its report. "We have no interest in amassing personal information about our customers. We protect personal conversations by providing end-to-end encryption over iMessage and FaceTime. We do not store location data, Maps searches, or Siri requests in any identifiable form."

Device information requests, Apple said, never include requests related to national security matters.

Apple -- and other tech companies -- face limits on coming clean about government information requests. The US government imposes restrictions on what those companies can say about national security letters they've received. Apple and other companies including Google and Microsoft have been pushing to have such gag orders eased and arguing for greater transparency on the NSA's surveillance operations.

Apple said that it has never received an order under Section 215 of the USA Patriot Act, which expanded the ability of the NSA and the FBI to collect information on individuals, and that if it did, it would likely challenge such an order.

Transparency reports on government information requests have become a regular thing for the giants of the Internet realm, with annual or semiannual updates now coming from the likes of Twitter, Yahoo, Google, and Facebook.

Details from Apple's report
Apple said in its report Tuesday that, in disclosing data related to account information requests, it was compelled by the US government to combine national security orders with more run-of-the-mill law enforcement requests. The information sought ranged from an individual's name or address, to -- less frequently -- photos or e-mail. Said Apple:

The most common account requests involve robberies and other crimes or requests from law enforcement officers searching for missing persons or children, finding a kidnapping victim, or hoping to prevent a suicide. Responding to an account request usually involves providing information about an account holder's iTunes or iCloud account, such as a name and an address. In very rare cases, we are asked to provide stored photos or email. We consider these requests very carefully and only provide account content in extremely limited circumstances.

As for device information requests, Apple said that these may be seeking the customer contact information provided to register a device with Apple or the date that the device first used Apple services.

The US was far and away the country that hit Apple with the greatest number of account information requests, somewhere in a range between 1,000 and 2,000 requests. (Apple said that the US government would allow it to report "only a consolidated range in increments of 1000.") Apple was not able to effectively disclose the percentage of account requests in which some data or content was disclosed.

The next highest number of account information requests was from the United Kingdom (127), with "some data" disclosed in 37 percent of those cases and content disclosed in 1 case.

The US also accounted for the greatest number of requests for device information, at 3,542, and Apple provided some data in 88 percent of those cases. The second highest was Germany, at 2,156, with some data provided 86 percent of the time.

Last update 2:36 p.m. PT: Provided additional background and more details from Apple's report.