In its latest report on government requests for user information, Apple on Monday said the U.S. government lodged at least one national security letter last year seeking information related to a customer account.
According to Apple's biannual Report on Government Information Requests (PDF link), the company was served with one NSL order in the second half of 2016. Though the letter is referred to as "declassified," details surrounding the request were not divulged.
Noted by Apple in previous reports, NSLs are often considered the first step in an investigation. As they do not carry a court order, these requests lack lawful authority to obtain customer content and are somewhat limited in scope. What NSLs can provide is "transactional data" like contact information. Recipients of such letters are obligated to comply if they have access to relevant information, Apple says.
The late-2016 NSL is the first Apple has reported since the company began issuing transparency reports in 2013.
Apple noted a spike in received national security orders for the six-month span from July to December of 2016, which numbered between 5,750 and 5,999, and impacted between 4,750 and 4,999 accounts. Requests were up from 2,750 to 2,999 orders affecting 2,000 to 2,249 accounts for the period ending in June 2016. U.S. government restrictions only allow Apple to report security orders in bands of 250. As in past years, no orders for bulk data were received.
In addition, U.S. government agencies filed 4,254 requests for customer information covering 20,013 individual devices. Apple handed over data relating to 3,335 device requests. Those figures compare to 4,822 requests impacting 10,260 devices in the first half of 2016.
Though the dramatic increase in multi-device requests is left unexplained, Apple notes law enforcement agencies routinely lodge such filings as part of ongoing fraud investigations. Government agencies also file requests on behalf of owners looking to retrieve lost or stolen devices.
Further, Apple received U.S. law enforcement requests for 1,219 individual accounts, of which 71 were challenged in part or rejected in full, the reports says. Apple refused to provide data in 211 requests. The company furnished "non-content data" in 636 cases, while content was disclosed for 372 accounts.
Apple defines account requests as filings that seek to disclose information relating to a user's iTunes or iCloud account, such as a name and address. In other cases, information provided can include iCloud content like photos, email, iOS device backups, documents, contacts, calendars and bookmarks.
Finally, Apple received a total of 178 worldwide government emergency requests. If it so chooses, Apple can act in good faith and furnish customer account communications and records in the event that an emergency involving imminent danger of death or serious physical injury to a person requires its disclosure.
For the second half of 2016, Apple provided data in 153 emergency situations.