Apple published a rare public comment discussing "Appleâs Commitment to Customer Privacy" in the wake of reports on the United States' "Prism" surveillance program.
On June 6th, just days before Apple's weeklong Worldwide Developer Conference opened, the Washington Post published a report outlining a formerly secret government project â codename Prism â that it said monitored the central servers of nine major U.S. Internet companies, naming Apple as the most recent to join the surveillance program.
The report, based on leaked PowerPoint slides, described the government as being able to "extract[s] audio, video, photographs, e-mails, documents and connection logs that enable analysts to track a personâs movements and contacts over time."Apple: "We have never heard of Prism. We do not provide any government agency with direct access to our servers."
Apple denied the claims, saying in a statement to The Wall Street Journal, "We have never heard of Prism. We do not provide any government agency with direct access to our servers."
Today's followup comment, published early this morning and linked to from the company's main website, follows in its entirety:
Two weeks ago, when technology companies were accused of indiscriminately sharing customer data with government agencies, Apple issued a clear response: We first heard of the governmentâs âPrismâ program when news organizations asked us about it on June 6. We do not provide any government agency with direct access to our servers, and any government agency requesting customer content must get a court order.Like several other companies, we have asked the U.S. government for permission to report how many requests we receive related to national security and how we handle them. We have been authorized to share some of that data, and we are providing it here in the interest of transparency.
From December 1, 2012 to May 31, 2013, Apple received between 4,000 and 5,000 requests from U.S. law enforcement for customer data. Between 9,000 and 10,000 accounts or devices were specified in those requests, which came from federal, state and local authorities and included both criminal investigations and national security matters. The most common form of request comes from police investigating robberies and other crimes, searching for missing children, trying to locate a patient with Alzheimerâs disease, or hoping to prevent a suicide.
Regardless of the circumstances, our Legal team conducts an evaluation of each request and, only if appropriate, we retrieve and deliver the narrowest possible set of information to the authorities. In fact, from time to time when we see inconsistencies or inaccuracies in a request, we will refuse to fulfill it.
Apple has always placed a priority on protecting our customersâ personal data, and we donât collect or maintain a mountain of personal details about our customers in the first place. There are certain categories of information which we do not provide to law enforcement or any other group because we choose not to retain it.
For example, conversations which take place over iMessage and FaceTime are protected by end-to-end encryption so no one but the sender and receiver can see or read them. Apple cannot decrypt that data. Similarly, we do not store data related to customersâ location, Map searches or Siri requests in any identifiable form.
We will continue to work hard to strike the right balance between fulfilling our legal responsibilities and protecting our customersâ privacy as they expect and deserve.
86 Comments
Good on Apple. I still think Apple needs to be a hardware company not a spy agency acting on behalf of the government. The government should do their own dirty work.
Why do you "still think that"? Apple is quite obviously not "a spy agency acting on behalf of the government." Also, the "dirty work" the government is doing is mostly routine law enforcement along with some efforts to stop terrorist plots. There is not even a suggestion that the "government" is plotting to use clandestine technology to persecute some group of citizens. That's what the banks do, with immunity.
Good Guy Apple.
If Apple really wanted to protect it's customers privacy, it would move it's servers out of the US. Or at least move the servers for non-US customers out of the US.
If Apple really wanted to protect it's customers privacy, it would move it's servers out of the US. Or at least move the servers for non-US customers out of the US.
If the US government a) collects taxes on foreign income and b) operates a global surveillance program, how would your fantasy of a draconian government NOT be able to syphon data from servers owned by a US corporation just because they were, say, installed in France?
And do you know that electricity for data centers costs twice as much in Europe as in the US? I'm glad you're not running Apple. You sound as superstitious and capricious in your strategies as the junta running Burma.