Apple has published a new guideline online for law enforcement agencies looking to gain access to a locked Apple device, or subpoena user records, emails, and other information on Apple’s customers. The document, titled Legal Process Guidelines: U.S. Law Enforcement, clearly articulates exactly what the company can, and cannot, do for law enforcement agents who have the appropriate warrants and subpoenas.
Want the “too long, not going to read it all on Apple’s site” edition?
Apple can provide a lot of information on you to law enforcement, so long as they have the proper legal documents to request the data. Basic customer information (think name, age, address) is available. IP addresses are also available, as well as credit card information. Apple can also dig up your iCloud email information, including sent email messages, and recipients. If you delete something, Apple cannot retrieve it. The company can also get access to you photos, contacts, calendars, bookmarks, and iCloud backups should law enforcement have the right legal documents.
There’s not a lot on the list that’s all that surprising. The main takeaway is that anything deleted is usually gone for good. Apple doesn’t have access to FaceTime records (audio of video). Anything you store with iCloud is easily retrievable so long as you don’t delete it.
Here’s some other things Apple can provide law enforcement, taken from their document:
- Basic registration or customer information, including, name, address, email address, and telephone number
- Contacts that customers have had with Apple customer service regarding a device or service (device, warranty, repair info)
- purchase/download transactions and connections
- iTunes subscriber information and connection logs with IP addresses can be obtained
- obtain information regarding the type of card associated with a particular purchase, name of the purchaser, email address, date/time of the transaction, amount of the transaction, and store location
- duplicate copies of receipts
- From iCloud: subscriber information such as name, physical address, email address, and telephone number, Mail logs include records of incoming and outgoing communications such as time, date, sender email addresses, and recipient email addresses. Apple is unable to produce deleted content. Apple will produce customer content, as it exists in the customer’s mailbox in response to a search warrant.PhotoStream, Docs, Contacts, Calendars, Bookmarks, iOS Device Backups
- Find My iPhone connection logs may be available and can be obtained, but can’t be activated remotely.
- Apple can extract certain categories of active data from passcode locked iOS devices, but they cannot crack your passcode. The don’t have access to it
It’s basic common sense. Anything stored on Apple’s servers are easily accessed. Anything in law enforcements possession is easily accessed. Those assumptions are easily applied to any cloud service or person who has your Mac, iPhone, iPod, or iPad. Dropbox, Google Drive, Box, Hotmail, you name it. If you’re storing something on someone else’s servers there’s a good chance it will be given up to law enforcement if they come looking for it with warrants.