Apple is the latest major technology company to acknowledge that U.S. government agencies have been asking it for customer data. However, it only learned about the U.S. National Security Agency's PRISM surveillance program on June 6, when news organizations asked about it, Apple said in a June 16 statement on its Website.
"We do not provide any government agency with direct access to our servers, and any government agency requesting customer content must get a court order," said the statement.
Apple went on to say:
"From December 1, 2012 to May 31, 2013, Apple received between 4,000 and 5,000 requests from U.S. law enforcement for customer data. Between 9,000 and 10,000 accounts or devices were specified in those requests, which came from federal state and local authorities and included both criminal investigations and national security matters. The most common form of request comes from police investigating robberies and other crimes, searching for missing children, trying to locate a patient with Alzheimer's disease or hoping to prevent a suicide."
Apple added that its legal team evaluates each request and, when deemed appropriate, retrieves and delivers the least possible information it can—or else refuses to fulfill the request.
It also said there are types of information it can't provide, because it doesn't have it.
"For example, conversations which take place over iMessage and FaceTime are protected by end-to-end encryption so no one but the sender and receiver can see or read them. Apple cannot decrypt that data."
Facebook, Microsoft Also Contacted for Data
On June 7, Facebook CEO Mark Zuckerberg posted to Facebook a response to what he called "outrageous" reports that his company was part of PRISM.
"Facebook is not and has never been part of any program to give the U.S. or any other government direct access to our servers," Zuckerberg wrote. "We have never received a blanket request or court order from any government agency asking for information or metadata in bulk, like the one Verizon reportedly received. And if we did, we would fight it aggressively."
Like Apple, Facebook hadn't heard of PRISM before June 6, said Zuckerberg.
On June 5, The Guardian reported that it had received a copy of a "top secret court order issued in April" requiring Verizon to give the National Security Agency telephone records for millions of U.S. customers on an "ongoing, daily basis."
According to the report, Verizon declined to comment.
On June 14, Facebook General Counsel Ted Ullyot posted a statement reiterating that Facebook scrutinizes every government data request and responds "only as required by law."
The same day, Microsoft Deputy General Counsel and Vice President John Frank also posted a statement, saying that Microsoft, too, has been contacted for customer data, and it only that day received permission from the FBI and Department of Justice to share some information about the requests.
"For the six months ended December 31, 2012, Microsoft received between 6,000 and 7,000 criminal and national security warrants, subpoenas and orders affecting between 31,000 and 32,000 consumer accounts from U.S. government entities," wrote Frank.
He added that Microsoft hasn't received NSA orders of the type Verizon was said to have received, but isn't permitted to confirm "whether we have received any FISA [Foreign Intelligence Surveillance Act] orders, but if we were to have received any they would now be included in our aggregate volumes."
The Guardian, in its June 5 report breaking the story, said that for roughly two years, two Democrats, U.S. senators Ron Wyden and Mark Udall, while prevented from offering specifics, "have been stridently advising the public that the U.S. government is relying on 'secret legal interpretations' to claim surveillance powers so broad that the American public would be 'stunned' to learn of the kind of domestic spying being conducted."
During a June 8 press briefing, Deputy National Security Advisor Benjamin J. Rhodes said, regarding PRISM, that the purpose is to collect information for foreign intelligence purposes and so U.S. citizens aren't a target.
"Even for foreign persons there has to be an additional step to identify a nexus to foreign intelligence collection to pursue additional information. For U.S. citizens and U.S. persons and people in the United States, they cannot be intentionally targeted by this program, so they are not a part of what the goal of this collection is," said Rhodes.