Following months of revelations that the government has likely collected information from and about you (yes, you), Apple has issued its first formal transparency report.
Google, Yahoo, Facebook and others have circulated these for some time now, but Apple, perhaps struck by a pang of duty, is out with its own data on government information requests for both accounts and devices. The data covers the period between January 1, 2013 and June 30, 2013.
Apple pointedly noted that "[u]nlike many other companies dealing with requests for customer data from government agencies, Apple's main business is not about collecting information," a clear jibe at the likes of Google.
Earlier part in the report, the company stated: "[O]ur business does not depend on collecting personal data. We have no interest in amassing personal information about our customers. We protect personal conversations by providing end-to-end encryption over iMessage and FaceTime. We do not store location data, Maps searches, or Siri requests in any identifiable form."
Types of data
Because of this, Apple said the "vast majority" of requests it receives are for information about lost or stolen devices. Apple logs these as device requests.
"Only a small fraction of the requests" governments send Apple's way are for personal information related to an iTunes, iCloud or Game Center accounts.
These requests typically involve the account holder's personal data and "their use of an online service in which they have an expectation of privacy." Apple categorizes orders for identifying information, email, stored photographs and other user content stored online as account requests.
Account requests most commonly involve robberies and other crime or requests involving law enforcement searching for a missing person or child, finding a kidnap victim or hoping to prevent a suicide, Apple explained.
These requests typically see Apple turning over information in someone's iTunes or iCloud account, like a name or address.
"In very rare cases, we are asked to provide stored photos or email. We consider these requests very carefully and only provide account content in extremely limited circumstances," Apple assured.
The company noted that in order to get user info, government agencies need a court order. The Apple legal team pours over these, and only after determining them "valid and appropriate" does it hand over "the narrowest possible set of information responsive to the request."
Request revelations
While the account request orders for most regions are down to the number, there's one glaring exception.
The United States has imposed a set of stipulations that limit the amount and type of information Apple can reveal. The company, for example, is required to combine national security orders with account-based law enforcement requests, and only a range in increments of 1,000 are allowed to enumerate the orders.
For account requests, the US leads the pack in all categories, though again, no specifics are allowed. All we know is that total requests numbered between 1,000 - 2,000, and in an unspecified number of cases, some data was disclosed.
Australia sent 74 requests, and data was disclosed for 41 of those. Thirty-four requests ended with no data disclosed.
The UK issued 127 requests, and in one instance some unspecified content was disclosed. Apple didn't give out any information for 80 of those requests.
Apple also recorded the number of times it objected to a request and when the end result was no information handed over. The company noted that in some cases where data wasn't disclosed, it may have objected to the request or found no relevant information after a search.
As Apple stated, device information requests far exceed account requests in most regions. Apple received 1,178 device requests from Australia, and for 59% of those Apple provided some data. The UK issued 1,028 requests and received some info for 67% of them.
