Apple's Latest Transparency Report Shows Gov't Still Not All That Interested In Seeking Warrants

[steven36]

from the an-NSL-a-day-keeps-the-oversight-away dept

 

Apple has released its latest transparency report. It shows the United States, by far, has the most interest in obtaining user content and data from the company.

 

 

New figures in the company's second biannual transparency report for 2017 show that Apple received 29,718 demands to access 309,362 devices in the second-half of the year.

Data was turned over in 79 percent of cases.

 

The number of demands are down slightly on the first half of the year, but the number devices that the government wanted access to rocketed.

What it doesn't show, however, is how much is being obtained using only subpoenas. Warrants are needed for content. That Apple's latest report [PDF] makes clear.

Any government agency seeking customer content from Apple must obtain a search warrant issued upon a showing of probable cause.

But in 90% of cases listed in the report, only a subpoena was delivered to Apple. What isn't made explicitly clear is whether or not content was sought using something other than a warrant. Apple says the government requested content 608 times using 270 warrants, which isn't necessarily a problem, considering more than one device/account may have been targeted. That still leaves more than 4,000 subpoenas Apple classifies as "Device Requests." Unfortunately, sussing this out more granularly is pretty much impossible because Apple's definition of "device requests" leaves a lot to be desired.

 

[D]evice-based requests received from a government agency [seek] customer data related to specific device identifiers, such as serial number or IMEI number. Device-based requests can be in various formats such as subpoenas, court orders or warrants.

Given Apple's public battle with the DOJ over encryption, it's very likely the company is demanding warrants when customer content is sought. But it could do better breaking down these requests into content and non-content demands.

 

That being said, there's a lot of detail in the report that isn't found in transparency reports by other tech companies. The whole thing is worth reading, if only to marvel at the massive amount of data demands being made by US law enforcement. And it appears the FBI (and other federal agencies) still prefer writing their own paperwork, rather than subject themselves to the minimal judicial scrutiny subpoenas require.

 

National Security Letters are, by far, the most popular way for the government to seek subscriber/customer data. Apple received more than 16,000 NSLs targeting ~8,000 accounts in the last six months of 2017 alone.

 

While Apple has refused to publish the NSL behind a successfully challenged gag order, it appears ready to add yet another layer of transparency to future reports.

The company said beginning in the next transparency report -- expected later this year -- Apple will disclose the number of apps removed from its app stores.

This should make the next report an even more interesting read. It would be nice if Apple would set up a clearinghouse for government demands -- a la Lumen's database of takedown/removal requests -- but for now, any transparency is better than the opacity we dealt with prior to Ed Snowden outing multiple pervasive surveillance programs.

 

Apple Transparency 2nd Half 17 (PDF)

Apple Transparency 2nd Half 17 (Text)

 

Source

 

 

[straycat19]

If you have access to all the data you need then there is no need to submit a warrant.  iOS isn't as secure as Apple would lead you to believe, especially the latest version.

[steven36]

5 hours ago, straycat19 said:

If you have access to all the data you need then there is no need to submit a warrant.  iOS isn't as secure as Apple would lead you to believe, especially the latest version.

Yes IOS is not that good  they cracked most of them now MAC OS  is a different story they had that pedo cop in jail forever and he want unlock  the drives and the FBI try to make like IOS was more secure than it really was to make up a exuse to put back doors in software and Apple didn't fall for there bluff  because  no one wants to use software with a hole in it. As far  as data most of the time just  to pin them at such and such place  is enough,  just like Apple gave them helpful info, to track down the guy who ran KAT  . They just don't get data from one place,  they go to everywhere and get data and even to there jobs  if they have one . Most of the time they catch people because of poor cybersec  and something like apple would just be a piece of the puzzle . They have to have real evidence to get a conviction.