Apple discloses government requests for user information
Apple disclosed content from users’ accounts to U.S. government officials fewer than 1000 times during the first six months of 2013, according to a Report on Government Information Requests that the company issued on Tuesday.
“Apple’s main business is not about collecting information,” the company said in the report. In detailing its interactions with governments, both in the United States and around the world, Apple hoped to provide more transparency about the processes. Moreover, the company says that it has repeatedly made the case for more openness in its meetings with government officials; along with the report, Apple is also filing an amicus brief with the Foreign Intelligence Surveillance Court (FISA), supporting other cases requesting more transparency.
“We feel strongly that the government should lift the gag order and permit companies to disclose complete and accurate numbers regarding FISA requests and National Security Letters,” the company said in its report. “We will continue to aggressively pursue our ability to be more transparent.”
With this move, Apple joins the likes of Facebook, Microsoft, and Google; earlier this year, all three of the companies voiced their desire to be more open with the public about government requests.
Account information requests
In the report, Apple explained that the U.S. government prohibits the company from disclosing “except in broad ranges” the precise number of requests it receives or the number of accounts affected, making it difficult to get a full picture of the government’s actions.
But the report suggested that the U.S. government’s requests for information dwarf that of any other country in which Apple does business.
During the time period surveyed, Apple said it received between 1000 and 2000 requests for information involving between 2000 and 3000 user accounts. Fewer than 1000 requests resulted in any content from accounts disclosed—such as information from iCloud email, contacts, calendar, or Photo Stream content—and fewer than 1000 requests resulted in any data about those accounts being shared.
By comparison, the United Kingdom generated just 127 requests for account information—the next-most active government on the list—resulting in just one case where actual content from an account was disclosed.
“The most common account requests involve robberies and other crimes or requests from law enforcement officers searching for missing persons or children, finding a kidnapping victim, or hoping to prevent a suicide,” Apple said in the report. “In very rare cases, we are asked to provide stored photos or email. We consider these requests very carefully and only provide account content in extremely limited circumstances.”
In the U.S., Apple also received 3,542 requests to provide device information—usually lost or stolen phones. The company provided data in 88 percent of those cases. (Apple was able to provide more precise data regarding devices, it said, because “device requests never include national security–related requests.”)
Throughout the seven-page report, Apple stressed that it attempts to disclose as little information as possible about its customers to government.
“As we have explained, any government agency demanding customer content from Apple must get a court order,” the company said in the report. “When we receive such a demand, our legal team carefully reviews the order. If there is any question about the legitimacy or scope of the court order, we challenge it. Only when we are satisfied that the court order is valid and appropriate do we deliver the narrowest possible set of information responsive to the request.”
Apple added that it has not received—and would challenge—any order generated under Section 215 of the Patriot Act. That’s the section commonly understood to allow the FBI to obtain a person’s “library records” without their knowledge.
The full report is available from Apple’s website.