Apple (NASDAQ:AAPL) said that between Dec. 1, 2012 and May 31, 2013, it received between 4,000 and 5,000 requests from U.S. law enforcement for customer data. However, in statement, Apple reiterated that it does not provide any government agency with direct access to its servers, and any government agency requesting customer content must get a court order.
Apple joined Facebook (NASDAQ:FB) and Microsoft (NASDAQ:MSFT) in revealing in recent days how it has complied with government requests for user data. Apple was one of several major technology and Internet companies that were reported to have cooperated with the National Security Agency's Prism program, which James Clapper, the director of national intelligence, has said is focused on mining data about foreign terrorism suspects. He has said that the program cannot be used to intentionally target any U.S. citizen, any other U.S. person, or anyone located within the United States, and he and other officials and lawmakers have said the program has helped foil terrorist plots.
Apple said in statement that, like Facebook and Microsoft, it asked the U.S. government for permission to report how many requests it has received related to national security and how it handled them. Apple said that between 9,000 and 10,000 accounts or devices were specified in the requests it received, which came from federal, state and local authorities and included both criminal investigations and national security matters.
"The most common form of request comes from police investigating robberies and other crimes, searching for missing children, trying to locate a patient with Alzheimer's disease, or hoping to prevent a suicide," Apple said.
Apple said its legal team evaluates each request "and, only if appropriate, we retrieve and deliver the narrowest possible set of information to the authorities. In fact, from time to time when we see inconsistencies or inaccuracies in a request, we will refuse to fulfill it." The company also disclosed that conversations which take place over its iMessage and FaceTime services are protected by end-to-end encryption so no one but the sender and receiver can see or read them, and that Apple cannot decrypt the data.
Facebook reported last week that from June to December of 2012, the U.S. government made between 9,000 and 10,000 requests for user data, and the requests were connected to between 18,000 and 19,000 accounts. Microsoft said that for the six months ended Dec. 31, 2012, it received between 6,000 and 7,000 criminal and national security warrants, subpoenas and orders affecting between 31,000 and 32,000 consumer accounts. Google (NASDAQ:GOOG) did not group all such requests together, saying that such a move would be a "step back" for users, according to GigaOM.
According to an Associated Press report, which cites unnamed sources, the Prism program was borne out of a 2007 law Congress passed called the "Protect America Act." According to the report, intelligence officials decide annually what kind of data they want to collect on foreigners overseas, and those plans are then approved in secret by a judge. The government can then issue "directives" to companies which typically identify a specific target or groups of targets.
Tech companies have denied giving the government broad access to their servers, insisting they only comply with specific requests for data. The way the companies comply varies by company, the report noted, with some using secure file transfers and others setting up user interfaces to make it easier for government officials to get the data. As the AP noted, the numbers reported by the companies so far appear to confirm that requests for data are narrowly targeted and much smaller than initial reports have indicated. However, the report notes, the communications and Internet data of U.S. citizens can be collected if a target of an investigation has communicated with U.S. citizens by sending them an email, for example.
Report: NSA doesn't directly get access to Verizon Wireless, T-Mobile call data
Reports: NSA gets phone records from Verizon, AT&T, Sprint, as well as data from Apple, Google and others
Report: NSA collecting calling records of millions of Verizon customers
FCC to vote on new rules to protect wireless customers' call data
Report: Verizon Wireless gave AP reporters' cell phone records to DOJ in leak probe