Apple has joined Facebook and Microsoft in revealing it has received thousands of requests for sensitive user data from US investigators in less than a year.
And like the two other giants, the fruity computer company is vague about the details.
A statement from Cupertino marks another attempt to diffuse the ongoing row over PRISM - the NSA's controversial project that taps up Apple and other internet goliaths for personal information on foreigners. The reveal tries to put a positive spin the iPhone-maker's close cooperation with cops and spies.
The cloud-powered iPad-slinger said it had dealt with between 4,000 and 5,000 surveillance requests from the US government since December 2012. These requests covered between 9,000 and 10,000 accounts or devices and came from federal, state and local authorities - the cases concerned had to do with both criminal investigations and national security matters.
"The most common form of request comes from police investigating robberies and other crimes, searching for missing children, trying to locate a patient with Alzheimer’s disease, or hoping to prevent a suicide," Apple said in a public statement. "Regardless of the circumstances, our Legal team conducts an evaluation of each request and, only if appropriate, we retrieve and deliver the narrowest possible set of information to the authorities."
Apple claimed that iMessage, FaceTime, map search, location and Siri data remains private. In the case of Facetime and iMessage, this is thanks to end-to-end encryption, we're told. Map searches, location data and Siri queries are not retained by the company in a way that can identify a person, Cupertino insists. Files held in Apple's iCloud is another matter, it seems.
'We have never heard of PRISM'
Apple, Facebook and Google were among nine tech firms named as having participated (wittingly or unwittingly) in the controversial NSA PRISM we surveillance programme. The 41-page presentation was given in April this year and made public by the Washington Post.
The Apple statement, although it reveals the number of requests Cupertino complied with, it continues to deny allowing gov bods to access its servers, stating: "We first heard of the government’s 'Prism' program when news organizations asked us about it on June 6."
Since the exposure of the programme through the actions of former CIA contractor Edward Snowden, US tech firms have been lobbying the government to allow them to provide more details to their customers on the extent to which they have helped the authorities with their inquiries. Spy chiefs were against this disclosure but politicians appear to have overruled them and allowed tech giants to provide more details on wiretap requests than had been permitted with previous transparency reports from the likes of Google and Microsoft.
This move is clearly designed, at least in part, to reassure businesses and consumers that data held by US technology firms is not subject to dragnet surveillance, a concern that might prompt enterprises and international consumers to look for alternatives to US-based services.
Facebook released a similar set of data to Apple on Friday, saying it received 9,000 to 10,000 requests for user data from US authorities (local, state and federal) in the second half of 2012. These requests covered 18,000 to 19,000 of its users' accounts. "These requests run the gamut – from things like a local sheriff trying to find a missing child, to a federal marshal tracking a fugitive, to a police department investigating an assault, to a national security official investigating a terrorist threat," Facebook said in a statement.
The social network claimed that its lawyers guarded users' privacy jealously against these requests. "We’ve reiterated in recent days that we scrutinize every government data request that we receive – whether from state, local, federal, or foreign governments. We’ve also made clear that we aggressively protect our users’ data when confronted with such requests: we frequently reject such requests outright, or require the government to substantially scale down its requests, or simply give the government much less data than it has requested. And we respond only as required by law," it said.
Microsoft, meanwhile, said it had handled 6,000 to 7,000 criminal and national security requests from US authorities affecting 31,000 to 32,000 accounts over the last six months of 2012. Redmond said the figures were an amalgamation of statistics from requests from US local, state and federal authorities. It said the figures included more on national security requests than previously provided while stating that the government has still not allowed it to be completely candid.
"For the first time, we are permitted to include the total volume of national security orders, which may include FISA orders, in this reporting. We are still not permitted to confirm whether we have received any FISA orders, but if we were to have received any they would now be included in our aggregate volumes," Microsoft said in a statement.
"We are permitted to publish data on national security orders received (including, if any, FISA Orders and FISA Directives), but only if aggregated with law enforcement requests from all other US local, state and federal law enforcement agencies; only for the six-month period of July 1, 2012 thru December 31, 2012; only if the totals are presented in bands of 1,000; and [only if] all Microsoft consumer services had to be reported together." ®