What customer information will Apple provide to the cops?
At the beginning of May, Apple updated its Legal Process Guidelines for U.S. Law Enforcement. These are the guidelines that law enforcement and government entities within the U.S. must follow when seeking information from Apple Inc about the people who use their products, services, and devices. So what exactly do these guidelines say and, more importantly, what information will the company give to the police?
The good news is that Apple takes the privacy of its customers seriously, so if personal information is being sought by law enforcement the company will notify you. Of course, there are always exceptions to every rule. Here are situations where Apple won't inform you:
...where providing notice is prohibited by the legal process itself, by a court order Apple receives (e.g., an order under 18 U.S.C. §2705(b)), or by applicable law or where Apple, in its sole discretion, believes that providing notice could create a risk of injury or death to an identifiable individual or group of individuals or in situations where the case relates to child endangerment.
We know that Apple will notify you if your information is being requested in most situations, so how much information is Apple willing to give up? The answer is a lot, as long as there is a proper subpoena or warrant in place.
Currently, law enforcement can gain access to your basic registration, customer information, and customer service records with a proper legal subpoena. This includes the name, address, email, and telephone number you provide when registering a device, your purchase date and device type, and records of support interactions with customer service. In addition, information about your device, warranty or repair history may also be available depending on the scope of the subpoena.
Your iTunes information is slightly more complicated. Like your customer data, your iTunes subscriber information (name/physical address/email address/telephone number) and your IP addresses can be provided with a subpoena or warrant. Your iTunes purchases and download history can obtained with an order under 18 U.S.C. §2703(d) or a court order meeting the equivalent legal standard. A search warrant is required for Apple to provide the specific content purchased or downloaded.
Apple will provide information for purchases made at its online and physical retail locations if subpoenaed, including your IP address, products purchased, debt card number, and the serial number of the item purchases if available.
Your iCloud information is, surprisingly, very safe. In the interest of clarity, we've copied all of the information that is available from iCloud.
i. Subscriber Information When a customer sets up an iCloud account, basic subscriber information such as name, physical address, email address, and telephone number may be provided to Apple. Additionally, information regarding iCloud feature connections may also be available. iCloud subscriber information and connection logs with IP addresses can be obtained with a subpoena or greater legal process.
ii. Mail Logs iCloud mail logs are retained for approximately a period of 60 days. Mail logs include records of incoming and outgoing communications such as time, date, sender email addresses, and recipient email addresses. This information is available only through a court order under 18 U.S.C. § 2703(d) (or a court order with an equivalent legal standard) or a search warrant.
iii. Email Content iCloud only stores the email a user has elected to maintain in the account while the customer's account remains active. Apple is unable to produce deleted content. Apple will produce customer content, as it exists in the customer's mailbox in response to a search warrant.
iv. Other iCloud Content. PhotoStream, Docs, Contacts, Calendars, Bookmarks, iOS Device Backups iCloud only stores the content for these services that the customer has elected to maintain in the account while the customer's account remains active. Apple does not retain deleted content once it is cleared from Apple's servers. Apple will produce customer content in these categories only in response to a valid search warrant.
What about the Find My Phone feature? No need to worry, as the feature is customer-facing and Apple doesn't have records of maps or email alerts provided through the service. In addition, the company cannot activate the feature on your device at the request of law enforcement if you have the feature turned off. However, Apple will turn over activity logs for when the feature is activated or if a request has been made to remotely lock or erase a device with a court order or search warrant.
Finally, if provided with a valid search warrant Apple can remove certain types of active data from a password-locked iOS device. Apple can only remove unencrypted user-generated files that are contained in Apple's native apps. With a valid warrant, Apple can provide the following: SMS, photos, videos, contacts, audio recording, and call history. Apple cannot provide: email, calendar entries, or any third-party App data.
This sounds more troubling that it actually is, however, because to get this information the cops have to already physically have your phone. The phone also has to be in good working order and using iOS 4 or higher. Then the police need to submit a valid warrant that specifically includes the device's serial number and IMEI. Once they have the warrant the device has to be sent to Apple's Cupertino headquarters.
In keeping with the Fourth Amendment, Apple's guidelines for turning over user data requires specific information from law enforcement along with legal paperwork. If you're still worried about Apple's law enforcement guidelines, try to keep controversial information off your phone's native Apple apps.
