Apple on Monday released more details about requests by various law enforcement agencies for information on Apple account holders in the U.S. The update was made possible by new, more relaxed federal rules on reporting such requests.
The update, as the original report issued last November, covers only the period from Jan. 1 through June 30, 2013. The orders fall into two groups: from law enforcement agencies seeking information related to criminal investigations; and from federal national security agencies.
The report is available as a PDF file, titled “Update on National Security and Law Enforcement Orders” or if that link isn’t working, can be found on Apple’s website here and downloaded.
During those six months, Apple received 927 law enforcement requests, and somewhere between “0-249” national security orders for information. The new federal rules let Apple report the federal orders only in blocks of 250.
The law enforcement requests affected 2,330 accounts. Apple objected to 102 of those requests, but the report doesn’t show whether the objections were successful. In all, no data was disclosed in 254 of the accounts in question; Apple released data on 747 of them. In most cases, the data disclosed was limited to what the report calls “non-content data,” though the report doesn’t define that term. Elsewhere, with regard to the national security orders, it refers to “transactional data” which includes information such as the “customer’s contact information.”
For 71 accounts, “some content was disclosed.” Again, the report is not specific. The report notes that Apple encrypts end to end “personal conversations” and that Apple doesn’t store “location data, Maps searches, or Siri requests in any identifiable form.” It’s not clear what the last clause – “in any identifiable form” – actually means.
There is very little revealed about the national security orders: Apple only says that the 0-249 requests affected 0-249 accounts.
Apple says it received no national security orders for “bulk data.”
The report notes that National Security Letters, often the first step in an investigation, “do not require a court order but by law they may not be used to obtain customer content. NSLs are limited to transactional data such as customer contact information. Apple is required by law to comply with these NSLs if we have the information requested.”
According to the report, Apple reviews each order, in both categories, “to ensure that it is legally issued and is as narrowly tailored as possible. If there is any question about the legitimacy or scope of the order, we challenge it. Only when we are satisfied that the order is valid and appropriate, do we deliver the narrowest possible set of information in response to that order.”