Apple transparency report sheds some light on government data requests
Reinvigorated interest in privacy, security and surveillance means that the transparency reports published by tech companies are always greeted with some enthusiasm. How much data are governments around the world asking for from companies? How much user data are companies handing over to the authorities?
Apple's latest transparency report reveals that the iPhone manufacturer has complied with an increased number of requests for data -- including 80 percent of requests in North America, and 97 percent in Latin America. But while the report makes for interesting reading, it also highlights a problem that Microsoft recently sued the Department of Justice over: even if companies want to be transparent about data requests, when it comes to National Security Requests it is not even possible to report the precise number of requests that have been received.
The transparency report covers the second half of 2015 (July 1 - December 31), and Apple is able to reveal that it received between 1250 and 1499 National Security Orders, and that this affected 1000-1249 accounts. The company received just three requests for user accounts to be deleted, and it complied with all of them.
Apple breaks its report down into two main sections: Device requests and Account requests. The company says: "Device requests may include requests for customer contact information provided to register a device with Apple or the date(s) the device used Apple services. We count devices based on the individual serial or IMEI numbers related to an investigation. We encourage any customer who suspects their device is stolen to contact their local law enforcement agency".
In North America, Apple received just 4009 Device Requests, affecting 16148 devices, and complied with 80 percent of them. For the whole of Europe, the Middle East, India, and Africa, there were 19322 requests relating to 111807 devices, and Apple complied with just 52 percent.
Account requests are described as:
Responding to an account request usually involves providing information about an account holder's iTunes or iCloud account, such as a name and an address. In certain cases, we are asked to provide customers' iCloud content, which may include stored photos, email, iOS device backups, documents, contacts, calendars, and bookmarks. We consider these requests very carefully and provide account content when the legal request is a search warrant.
The percentages here are very similar to those for Device requests -- 82 percent compliance in North America, and 50 percent in Europe, the Middle East, India, and Africa. In a few instances, Apple provides extra snippets of data, such as the fact that in China account requests predominantly related to phishing investigations.
You can check out the full transparency report over on Apple's privacy pages.