Apple’s latest Transparency Report shows that access to user devices and data are more often being requested by government and non-government entities around the world — and so is the rate at which Apple complies with those requests.
Government data requests have been on the rise for years, according to previous transparency reports by Apple and Google, and that trend did not change in the first half of 2018 covered in Apple’s latest report.
Throughout the report, Apple explained why government data requests occur, how Apple determines if a request is legally valid and if a request presents an emergency situation in which Apple will “voluntarily provide information to law enforcement.”
“Government request circumstances can vary from instances where law enforcement agencies are working on behalf of customers who have requested assistance regarding lost or stolen devices, to instances where law enforcement are working on behalf of customers who suspect their credit card has been used fraudulently to purchase Apple products or services, to instances where an account is suspected to have been used unlawfully,” Apple wrote. “Our legal team reviews requests received to ensure that the requests have a valid legal basis. If they do, we comply with the requests and provide data responsive to the request. If we determine a request does not have a valid legal basis, or if we consider it to be unclear, inappropriate and/or over-broad, we challenge or reject.”
Apple sorts government data requests into six major categories: users associated with a device, fraudulent transactions, account information, account preservation, account deletion and emergency requests. In account information requests, Apple said law enforcement may “seek customers’ content data, such as photos, email, iOS device backups, contacts or calendars.”
According to the report, Apple received 4,177 account requests in the first half of 2018 and complied with 81% of those (2,391 where non-content data was provided and 1,006 where content data was provided). U.S. government data requests in this category far outpaced any other country with 2,397 requests. Apple attributed the high number of U.S. requests to “extortion, fraud, and suspected unauthorized account access/phishing investigations.”
Account information requests have been on the rise, according to Apple, going from around 3,000 requests in each of 2013 and 2014 to nearly 6,500 in 2017. Apple’s compliance with these requests has also been on the rise with data provided in 54% of cases in 2013 and 81% in 2017.
Apple complied with other government data requests at a similar rate. Of the 32,342 device information requests, Apple provided data in 25,829 cases (80%) and Apple also provided data in 80% of financial data requests as well (3,185 of 3,973 cases.)
The latest Transparency Report came with a newly redesigned website to more easily sort through the data provided, but some aspects of the requests are unclear. Apple admitted to providing iCloud backup data, but this data has been a point of contention in the data encryption debate. Apple has consistently claimed it cannot access data on iOS devices even if law enforcement has a valid legal request, but it has also willingly provided that same data if it has been backed up to iCloud.
Apple did not respond to requests for comment at the time of this post.