Apple lays down guidelines for government data requests in new documentApple on Wednesday released a set of guidelines by which U.S. law enforcement, as well as other government agencies, may request information from the company regarding data from its users.
Broken down into three main parts, Apple's "Legal Process Guidelines —U.S. Law Enforcement" webpage provides general information about the newly established guidelines, how agencies can request data and what information they can hope to receive. In typical Apple style, a frequently asked questions section is also appended to the document for quick referencing.
A brief explanation of the webpage reads:
These Guidelines are provided for use by law enforcement or other government entities in the U.S. when seeking information from Apple Inc. ("Apple") about users of Apple's products and services, or from Apple devices. Apple will update these Guidelines as necessary.
Apple notes that the guidelines do not apply to U.S. agencies seeking information outside of the country from international subsidiaries.
Along with a number of email and physical addresses, phone numbers and other relevant contact information, Apple outlines how it intends to handle any future user data requests.
The company lists what type of information will be provided and what it takes to garner such data. For example, subpoenas or higher legal process are required for device registration information and iTunes information, while search warrants or court orders are needed for more personal data from iCloud and Find My iPhone.
Apple notes that information extraction can be performed on devices running iOS 4 or later with a proper search warrant, but the process is limited to certain categories of unencrypted user generated data. Extraction, which takes place at Apple's Cupertino, Calif. headquarters, can wrangle SMS, photos, videos, contacts, audio recordings, and call history that are not locked down by a passcode. Apple cannot provide email, calendar entries or data from third-party apps.
Finally, Apple provides an "Emergency Disclosure Form" for situations deemed to involve "imminent danger of death or serious physical injury to any person requires such disclosure without delay."
Aside from being a good source of information for law enforcement agencies, the guidelines offer insight into how closely Apple can monitor its users. For example, Apple can intercept email communications, but cannot do the same for encrypted peer-to-peer protocols like iMessage and FaceTime.
The creation of the webpage is in line with Apple's newfound zeal for customer privacy in the wake of public disclosures concerning government surveillance. Apple has released surveillance request statistics in the past —most recently in January —but has promised to provide its users with more regular reports.