Apple's Latest Transparency Report Shows Gov't Still Not All That Interested In Seeking Warrants
from the an-NSL-a-day-keeps-the-oversight-away dept
Apple has released its latest transparency report. It shows the United States, by far, has the most interest in obtaining user content and data from the company.
New figures in the company’s second biannual transparency report for 2017 show that Apple received 29,718 demands to access 309,362 devices in the second-half of the year.
Data was turned over in 79 percent of cases.
The number of demands are down slightly on the first half of the year, but the number devices that the government wanted access to rocketed.
What it doesn’t show, however, is how much is being obtained using only subpoenas. Warrants are needed for content. That Apple’s latest report [PDF] makes clear.
Any government agency seeking customer content from Apple must obtain a search warrant issued upon a showing of probable cause.
But in 90% of cases listed in the report, only a subpoena was delivered to Apple. What isn’t made explicitly clear is whether or not content was sought using something other than a warrant. Apple says the government requested content 608 times using 270 warrants, which isn’t necessarily a problem, considering more than one device/account may have been targeted. That still leaves more than 4,000 subpoenas Apple classifies as “Device Requests.” Unfortunately, sussing this out more granularly is pretty much impossible because Apple’s definition of “device requests” leaves a lot to be desired.
[D]evice-based requests received from a government agency [seek] customer data related to specific device identifiers, such as serial number or IMEI number. Device-based requests can be in various formats such as subpoenas, court orders or warrants.
Given Apple’s public battle with the DOJ over encryption, it’s very likely the company is demanding warrants when customer content is sought. But it could do better breaking down these requests into content and non-content demands.
That being said, there’s a lot of detail in the report that isn’t found in transparency reports by other tech companies. The whole thing is worth reading, if only to marvel at the massive amount of data demands being made by US law enforcement. And it appears the FBI (and other federal agencies) still prefer writing their own paperwork, rather than subject themselves to the minimal judicial scrutiny subpoenas require. National Security Letters are, by far, the most popular way for the government to seek subscriber/customer data. Apple received more than 16,000 NSLs targeting ~8,000 accounts in the last six months of 2017 alone.
While Apple has refused to publish the NSL behind a successfully challenged gag order, it appears ready to add yet another layer of transparency to future reports.
The company said beginning in the next transparency report — expected later this year — Apple will disclose the number of apps removed from its app stores.
This should make the next report an even more interesting read. It would be nice if Apple would set up a clearinghouse for government demands — a la Lumen’s database of takedown/removal requests — but for now, any transparency is better than the opacity we dealt with prior to Ed Snowden outing multiple pervasive surveillance programs.