We believe security shouldn’t come at the expense of individual privacy.
We regularly receive requests for information about our customers and their Apple devices from law enforcement. We want to explain how we handle these requests.
When we receive information requests, we require them to be accompanied by the appropriate legal documents such as a subpoena or search warrant. We believe in being as transparent as the law allows about what information is requested from us. We carefully review any request to ensure that there’s a valid legal basis for it. And we limit our response to only the data law enforcement is legally entitled to for the specific investigation.
Apple has never worked with any government agency from any country to create a ‘back door’ in any of our products or services. We have also never allowed any government access to our servers. And we never will.
What we’re most commonly asked for and how we respond.
The most common requests we receive for information from law enforcement are in relation to devices and/or accounts. Device Requests generally seek information in relation to Apple devices, such as an iPhone, iPad or Mac. Account Requests generally seek information in regard to an Apple ID account and/or related Apple services or transactions. We also respond to emergency requests worldwide where Apple believes in good faith that an emergency involving imminent danger of death or serious physical injury to any person requires immediate disclosure.
All content requests require a search warrant. Only a small fraction of requests from law enforcement seek content such as email, photos and other content stored on users’ iCloud accounts. National security–related requests are not considered Device Requests or Account Requests, and are reported in a separate category.
On devices running iOS 8 and later versions, your personal data is placed under the protection of your passcode. For all devices running iOS 8 and later versions, Apple will not perform iOS data extractions in response to government search warrants because the files to be extracted are protected by an encryption key that is tied to the user’s passcode, which Apple does not possess.
The vast majority of the requests Apple receives from law enforcement come from an agency working on behalf of a customer who has requested assistance locating a stolen device. We encourage any customer who suspects their device is stolen to contact their respective law enforcement agency.
Responding to an Account Request most often involves providing information about a customer’s iCloud account. If we are legally compelled to divulge any information for an Account Request, we provide notice to the customer when allowed, and deliver the narrowest set of information possible in response. Only a minuscule total number of accounts are actually affected by information requests. During the 2015 calendar year, Apple received 1,986 US Account Requests and provided some data in 82 per cent of these requests.
National Security Orders from the US Government.
A tiny percentage of our millions of accounts is affected by national security–related requests. In the first six months of 2015, we received between 750 and 999 of these requests. Though we would like to be more specific, by law this is the most precise information we are currently allowed to disclose.
from the Electronic Frontier Foundation
In its latest “Who Has Your Back?” report, once again the EFF awarded Apple 5 out of 5 stars “commend[ing] Apple for its strong stance regarding user rights, transparency, and privacy”.
We’re always working for greater transparency and protections on behalf of our customers.
We believe transparency and dialogue are the best ways to find solutions to the overarching impact from surveillance laws and practices. We are continuing to engage with the White House and government regulators, legislators and courts around the world regarding the importance of protecting customer data and security.