Apple clarifies what it takes to hand over your data to the authorities

May 10, 2014

In an effort to become more transparent, Apple is outlining what data the company is able to provide to law enforcement when requested. In a detailed document, the iPhone-maker had revealed that it could provide data both on iCloud as well as on a password protected iPhone or iPad to law enforcement officials.

According to the document, Apple says that it could provide information on its servers when required to do so "with a subpoena or greater legal process." This information includes a user's Apple ID and information associated with that ID, including transactions made on iTunes and the App Store as well as customer service records and history at Apple's retail and online stores. Additionally, the Apple ID information could include a customer's name, contact records, and iTunes gift cards.

When it comes to iCloud, there is even more data that could be surrendered to the authorities, which includes backups, connection logs, and IP addresses. iCloud mail logs within 60 days are also accessible, as well as any messages that have not been deleted.

Because iCloud spans a number of services, this would extend to beyond just email, and would include pictures on PhotoStream, calendars, contacts, iOS device backups, Safari bookmarks, and documents used with iWork's online services. However, unlike Apple ID information, in order for law enforcement to gain access to this, Apple's standards are higher. Email logs, which includes the addresses of the sender and recipient as well as timestamp, require either a search warrant or court order whereas emails and iCloud content requires a search warrant. When it comes to the physical email themselves, Apple says that it only has access to emails that are stored on the iCloud service and that deleted messages are not accessible.

Additionally, information stored on the device can be retrieved by Apple when it is presented with a valid search warrant. In this case, if law enforcement provides a storage drive twice the capacity of the iPhone's storage, it could extract SMS messages, photos, videos, audio recordings, contacts, and call history log. Apple isn't able to extract information in third-party apps, emails, or calendar appointments. In order to retrieve this information, the phone must be running iOS 4 or later and must be sent to Apple's headquarters in good working order.

Still, despite the transparency, Ars Technica presented some lingering questions on if Apple is able to retrieve and extract data from its other services. Though Apple has maintained that stored iCloud Keychain passwords, iMessages, and FaceTime conversations cannot be intercepted because of encrypted delivery, security experts have made claims to the contrary in the past. It's also unclear if Apple could intercept an iMessage when it's in transit or if it could extract iMessage backups.

Apple maintains that it is not able to remotely activate the Find My iPhone service remotely if a user has not activated the service themselves. When a customer activates the Find My iPhone service and uses it, connection logs can be made available to authority with a subpoena or greater legal process.

If any information is sought by law enforcement, Apple says that it will notify its customers about the request, except if it is prohibited from doing so. Apple would also not notify customers of information requests when it believes that doing so "could create a risk of injury or death to an identifiable individual or group of individuals or in situations where the case relates to child endangerment."

Source: Apple