Apple, Under Gag Order, Shares Limited Info on Gov't Data Requests

Apple has released a report lightly detailing the number of government requests for data it receives, how often data is shared and more.


Apple is under a U.S. government-mandated gag order that prevents it from being transparent with customers about whether their personal information is being shared, the iPhone maker said in a Nov. 5 report posted to its Website.

"We believe that our customers have a right to understand how their personal information is handled, and we consider it our responsibility to provide them with the best privacy protections available," the report states. It goes on to explain that the report was created as a gesture to make clear that requests are made by the government, and Apple complies when it must—and also to put a spotlight on all it's not saying.

"The U.S. government does not allow Apple to disclose, except in broad ranges, the number of national security orders, the number of accounts affected by the orders, or whether content, such as emails, was disclosed," says the report.

Apple strongly opposes this, it says, and has met with the U.S. Attorney General, people at the White House, U.S. Congressional leaders and the courts to instigate change—to no avail, as yet.

"Despite our extensive efforts in this area, we do not yet have an agreement that we feel adequately addresses our customers' right to know how often and under what circumstances we provide data to law-enforcement agencies," said Apple.

Apple device owners, and other Americans, began to understand that the U.S. government, through the National Security Agency (NSA), has been reading the emails and listening to the phone calls of Americans—and even global leaders—when former NSA contractor Edward Snowden leaked classified documents to a number of news agencies roughly six months ago.

President Obama, speaking to the need for reforms to some NSA programs, said he believes "there should be increased transparency and reforms in our intelligence programs in order to give the public confidence that these programs have strong oversight and clear protections against abuse," the White House said in an August statement.

Apple, in its report, shares account information request figures for the period between Jan. 1 and June 30. But first it explains that the U.S. government makes it "combine national security orders with account-based law-enforcement requests and report only a consolidated range in increments of 1,000."

It also explains the difference between device-based requests—which "never include national security-related requests" and are usually customers asking the police to help them recover lost or stolen devices—and account-based requests, which usually include users' personal data and "their use of an online service in which they have an expectation of privacy," said Apple. The latter can include emails, photos and other content stored online.

And finally Apple also points out that "unlike many other companies" dealing with national security requests, its main business "is not about collecting information."

In the United States, Apple says it received between 1,000 and 2,000 account requests during the stated six-month period. The number of accounts specified in the requests was "2,000-3,000." Apple objected between zero and 1,000 times, and the number of accounts for which data was disclosed was between 0 and 1,000.

Equally unspecific were how many times data wasn't disclosed following an account request, the number of times content was disclosed following a request and the number of times non-content data was disclosed; in each instance, it may have happened once or 1,000 times.

The information for Apple users in other countries is more telling. The total number of account requests received was highest for users in the United Kingdom (127), followed by Spain (102) and Germany (93). The "percentage of account requests where some data was disclosed," however, was 37 percent in the United Kingdom, 22 percent in Spain and 6 percent in Germany. Only 32 requests were made for users in Hong Kong, but in 75 percent of those instances, user data was disclosed.

"We feel strongly that the government should lift the gag order and permit companies to disclose complete and accurate numbers regarding [Foreign Intelligence Surveillance Court (FISA Court)] requests and National Security Letters," Apple said in its report.

"We will continue to aggressively pursue our ability to be more transparent."

Follow Michelle Maisto on Twitter.