Go Back   MacRumors Forums > News and Article Discussion > MacRumors.com News Discussion

Reply
 
Thread Tools Search this Thread Display Modes
Old May 8, 2014, 01:56 AM   #1
MacRumors
macrumors bot
 
Join Date: Apr 2001
Apple Releases Guidelines for Law Enforcement Data Requests




In a new legal resources page posted on its website Wednesday night (via 9to5Mac), Apple outlined its guidelines regarding requests for customer data from from U.S. law enforcement agencies, specifying what information the company can and can not retrieve from devices upon the receipt of a search warrant or legal notice.

Regarding the extraction of data from passcode locked iOS devices, Apple states that it may only retrieve information from its own first party apps, which includes SMS messages, photos, videos, contacts, audio recording, and call history. However, Apple can not provide access to email, calendar entries or third-party app data. The company says the data extraction process itself can only be performed on devices in "good working order" at its Cupertino, California headquarters.

Apple will also assist law enforcement in returning lost iPhones to their rightful owners, agreeing to contact the customer of record and have them contact law enforcement to get their property back pending available information.

The new page follows a report from The Washington Post last week which stated that the company would begin notifying its users of secret personal data requests from law enforcement. Apple has become increasingly concerned about privacy matters since the discovery of PRISM, a secret intelligence program ran by the NSA.

CEO Tim Cook was noted as saying that the NSA would have to "cart [Apple] out in a box" before it could access the company's servers, as Apple also hired certified privacy professional Sabrina Ross last month to oversee the protection of consumer data.

Article Link: Apple Releases Guidelines for Law Enforcement Data Requests
MacRumors is offline   0 Reply With Quote
Old May 8, 2014, 01:58 AM   #2
XboxMySocks
macrumors 68000
 
Join Date: Oct 2009
This is actually rather impressive. Good for them
__________________
Out of Warranty Replacements:
iPad mini Retina: $249; iPad Air, 3 & 4: $299; iPad mini: $219; iPad 2: $249; iPhone 6+: $369; iPhone 6: $329; iPhone 5: $299; iPhone 4S: $199; iPhone 4: $169
XboxMySocks is offline   5 Reply With Quote
Old May 8, 2014, 02:01 AM   #3
TouchMint.com
macrumors 65816
 
TouchMint.com's Avatar
 
Join Date: May 2012
Location: Phoenix
Quote:
Originally Posted by XboxMySocks View Post
This is actually rather impressive. Good for them
Yea they are really pushing this.
__________________
TouchMint.com iOS App Site
Adventure To Fate iOS RPG Game Site
Indie iOS Game: Adventure To Fate : A Quest To The Core JRPG

TouchMint.com is offline   0 Reply With Quote
Old May 8, 2014, 02:02 AM   #4
chabig
macrumors 65816
 
Join Date: Sep 2002
It's very impressive. Remember the internet uproar of a few years ago when Apple was accused of tracking users' GPS locations? Here's what the guidelines have to say about that:

Quote:
Does Apple store GPS information that can be produced under proper legal process?

No, Apple does not track geolocation of devices.
I suppose the tech blogs will fall over themselves scrambling to apologize to Apple, right?
chabig is offline   3 Reply With Quote
Old May 8, 2014, 02:12 AM   #5
JoEw
macrumors 6502a
 
JoEw's Avatar
 
Join Date: Nov 2009
Quote:
Originally Posted by chabig View Post
It's very impressive. Remember the internet uproar of a few years ago when Apple was accused of tracking users' GPS locations? Here's what the guidelines have to say about that:



I suppose the tech blogs will fall over themselves scrambling to apologize to Apple, right?
I actually dont remember this, article?
JoEw is offline   0 Reply With Quote
Old May 8, 2014, 02:15 AM   #6
Soy Cowboy
macrumors newbie
 
Join Date: Jun 2011
The NSA is not a law enforcement agency. This announcement is nice, but it doesn't address the larger issue of government surveillance.
Soy Cowboy is offline   8 Reply With Quote
Old May 8, 2014, 02:23 AM   #7
snprintf
Banned
 
Join Date: Apr 2014
"The company says the data extraction process itself can only be performed on devices in "good working order" at its Cupertino, California headquarters. "

I'm assuming they have to crack the encryption there. Or at least hoping

----------

Quote:
Originally Posted by JoEw View Post
I actually dont remember this, article?
The user you are quoting didn't summarize it correctly, or at least not completely. Since iOS 4 and until this was discovered, iOS was saving the user locations to an unencrypted (not sure whether it was encrypted if you used a passcode) file stored locally on the device and synced to the computer as part of the backup. You were able to download an application called iPhoneTracker and see your movement history. The accusation was that Apple was sending this data to servers, but no evidence of that was found.

MacRumors reported on it at some point, but I can't find it. Here's a different article: http://readwrite.com/2011/04/20/your...oDEifIqXRLH5hV

Last edited by snprintf; May 8, 2014 at 02:34 AM.
snprintf is offline   2 Reply With Quote
Old May 8, 2014, 02:25 AM   #8
FreeState
macrumors 68000
 
FreeState's Avatar
 
Join Date: Jun 2004
Location: San Diego, CA
Quote:
Originally Posted by snprintf View Post
"The company says the data extraction process itself can only be performed on devices in "good working order" at its Cupertino, California headquarters. "

I'm assuming they have to crack the encryption there. Or at least hoping
Yep, per the document they have to hand deliver or ship the phone to CA to have it extracted (after a search warrant has been issued that is).
FreeState is offline   0 Reply With Quote
Old May 8, 2014, 02:29 AM   #9
H2SO4
macrumors 65816
 
Join Date: Nov 2008
Quote:
Originally Posted by chabig View Post
It's very impressive. Remember the internet uproar of a few years ago when Apple was accused of tracking users' GPS locations? Here's what the guidelines have to say about that:



I suppose the tech blogs will fall over themselves scrambling to apologize to Apple, right?
Ok but just be careful;
No, Apple does not track geolocation of devices. is not the same as
No, Apple has not and does not secretly track geolocation of devices.

I very much suspect that the article will be worded very carefully, (as with any company legal statement), that allows them to do more than first appears.
The article links to another there separate documents and I don't mind betting that there will be some contradictions amongst them.
Lastly these are for US enforcement agencies, what's to stop them moving the data overseas and then allowing access, (Extraordinary Data Rendition anybody)?
__________________
MP1,1 - 11GB - 5770.
30”ACD.
OSX 10.10.1

Last edited by H2SO4; May 8, 2014 at 03:01 AM.
H2SO4 is offline   4 Reply With Quote
Old May 8, 2014, 02:36 AM   #11
snprintf
Banned
 
Join Date: Apr 2014
Careful, some of those (like the second one) are for iOS 7's "frequent locations" feature that you can easily opt out of in the settings. That's different from the other, pre iOS 7 news where it was revealed that locations were secretly saved to a plain text file and synced to the computer.
snprintf is offline   1 Reply With Quote
Old May 8, 2014, 02:39 AM   #12
Zxxv
macrumors 68000
 
Join Date: Nov 2011
Location: UK
Quote:
Originally Posted by MacRumors View Post

Regarding the extraction of data from passcode locked iOS devices, Apple states that it may only retrieve information from its own first party apps, which includes SMS messages, photos, videos, contacts, audio recording, and call history. However, Apple can not provide access to email, calendar entries or third-party app data. The company says the data extraction process itself can only be performed on devices in "good working order" at its Cupertino, California headquarters.
So you use 3rd party apps then. ?

wow security is easy these days.

and disable touch ID else they'll just put your finger on....acidently

Apple still needs a oh crap security lock. Like pressing the lock button 3 times or home button 5. Something that pass codes locks the device instantly.
Zxxv is offline   0 Reply With Quote
Old May 8, 2014, 02:54 AM   #13
bigandtasty
macrumors 6502
 
Join Date: Dec 2006
Quote:
Originally Posted by JoEw View Post
I actually dont remember this, article?
who cares
bigandtasty is offline   5 Reply With Quote
Old May 8, 2014, 03:05 AM   #14
Jacquesvw
macrumors regular
 
Join Date: Sep 2012
In the Oscar Pistorius murder trial Apple provided the Whatsapp message data to the South African police after taking the phones to Cupertino, so I don't buy that they cannot provide third-party app data. (These phones had pass codes enabled.)
Jacquesvw is offline   1 Reply With Quote
Old May 8, 2014, 03:13 AM   #15
thaifood
macrumors 6502
 
Join Date: Jun 2011
This is good that there are some transparent guidelines to this issue.

However, at the end of the day, there is no real point in being paranoid if the government looks into you. If you honestly have nothing to hide then there shouldn't be an issue.

I personally would not care if some NSA analyst read my text messages. I've got nothing to be guilty of. They might think I'm a bit weird though.
thaifood is offline   2 Reply With Quote
Old May 8, 2014, 03:18 AM   #16
zipa
macrumors 65816
 
Join Date: Feb 2010
Quote:
Originally Posted by Jacquesvw View Post
In the Oscar Pistorius murder trial Apple provided the Whatsapp message data to the South African police after taking the phones to Cupertino, so I don't buy that they cannot provide third-party app data. (These phones had pass codes enabled.)
They can't guarantee access to such data, since it might be encrypted or stored off the phone. Obviously they can retrieve whatever is stored in plain text on the device itself.
__________________
The iPhones! They bend and twist with my berserker strength!
zipa is offline   2 Reply With Quote
Old May 8, 2014, 04:05 AM   #17
Jacquesvw
macrumors regular
 
Join Date: Sep 2012
Quote:
Originally Posted by zipa View Post
They can't guarantee access to such data, since it might be encrypted or stored off the phone. Obviously they can retrieve whatever is stored in plain text on the device itself.

Thanks for the clearing that up. I misunderstood and thought they cannot retrieve such data at all.
Jacquesvw is offline   0 Reply With Quote
Old May 8, 2014, 04:36 AM   #18
zipa
macrumors 65816
 
Join Date: Feb 2010
Quote:
Originally Posted by Jacquesvw View Post
Thanks for the clearing that up. I misunderstood and thought they cannot retrieve such data at all.
Don't take that as any official statement, but that is why I imagine that such a clause exists.
__________________
The iPhones! They bend and twist with my berserker strength!
zipa is offline   0 Reply With Quote
Old May 8, 2014, 04:50 AM   #19
callea
macrumors member
 
Join Date: Jul 2011
Location: Italy
How is it possible?
File system is crypted AES 256 on code locked iPhones, isn't it??

If the iPhone is 4 digit locked there is no problem for a brute force attack.
But when is it locked by a strong password?
How Apple can decrypt AES 256 data??
Is there any kind of backdoor?
callea is offline   1 Reply With Quote
Old May 8, 2014, 05:16 AM   #20
tobian
macrumors member
 
Join Date: Jun 2007
Location: CZE
sadly, Apple joined NSA surveyllance just after Jobs death. ask yourself why
tobian is offline   0 Reply With Quote
Old May 8, 2014, 05:22 AM   #21
satcomer
macrumors 601
 
satcomer's Avatar
 
Join Date: Feb 2008
Location: Upstate NYS
Quote:
Originally Posted by tobian View Post
sadly, Apple joined NSA surveyllance just after Jobs death. ask yourself why
Because Steve was known for pushing his people to do better. I bet he would have had Apple's Lawyers crawling all over these request and that would scared No Such Agency to think twice act their typical intimidation racket. So in other words Steve would say something like "Mine are bigger than yours."

__________________
Mac Pro Dual 2.8 Quad(Rev B.), 16 G RAM, OS X 10.9, 23'' LCD
Mac Book Pro Core 2 Duo 2.16Ghz, SuperDrive, 2G RAM, OS X 10.7.5
iPad 3, 32 black
satcomer is offline   2 Reply With Quote
Old May 8, 2014, 05:25 AM   #22
zipa
macrumors 65816
 
Join Date: Feb 2010
Quote:
Originally Posted by callea View Post
How is it possible?
File system is crypted AES 256 on code locked iPhones, isn't it??

If the iPhone is 4 digit locked there is no problem for a brute force attack.
But when is it locked by a strong password?
How Apple can decrypt AES 256 data??
Is there any kind of backdoor?
This should clear things up a bit: http://www.zdziarski.com/blog/?p=2149
__________________
The iPhones! They bend and twist with my berserker strength!
zipa is offline   1 Reply With Quote
Old May 8, 2014, 05:42 AM   #23
callea
macrumors member
 
Join Date: Jul 2011
Location: Italy
Quote:
Originally Posted by zipa View Post
This should clear things up a bit: http://www.zdziarski.com/blog/?p=2149
Thanks a lot, it's very interesting.
But I read that IOS 7 has Data Protection enabled by default for all applications even for those not natively supporting it by developer.

So I thought Data Protection in IOS 7 was the equivalent of File Vault 2 in OSX.

Now I'm very confused...
callea is offline   0 Reply With Quote
Old May 8, 2014, 06:48 AM   #24
gnasher729
In Time-Out
 
Join Date: Nov 2005
Quote:
Originally Posted by snprintf View Post
"The company says the data extraction process itself can only be performed on devices in "good working order" at its Cupertino, California headquarters. "

I'm assuming they have to crack the encryption there. Or at least hoping
The encryption cannot be _cracked_. The only chances to get into a newish iOS device is to guess the passkey. Only software that is signed by Apple can access the hardware bits that would try a passkey. For example, if you enter your passcode 1234 then the code that runs is software signed by Apple which sends it to the hardware to try out (and can lock you out if you try to often). Apple can create a different version of that software that tries keys as quickly as possible _and sign it_. If you or the NSA wrote that kind of software, you couldn't sign it with Apple's keys and therefore it wouldn't work. Checking keys takes about 100ms per key and requires the iOS device to work, so the NSA cannot do that using a dozen supercomputers.

----------

Quote:
Originally Posted by callea View Post
Thanks a lot, it's very interesting.
But I read that IOS 7 has Data Protection enabled by default for all applications even for those not natively supporting it by developer.

So I thought Data Protection in IOS 7 was the equivalent of File Vault 2 in OSX.

Now I'm very confused...
Don't jailbreak your phone

----------

Quote:
Originally Posted by callea View Post
How is it possible?
File system is crypted AES 256 on code locked iPhones, isn't it??

If the iPhone is 4 digit locked there is no problem for a brute force attack.
But when is it locked by a strong password?
How Apple can decrypt AES 256 data??
Is there any kind of backdoor?
Apple (and nobody but Apple) can try out passcodes at a rate of about 10 per second. Without you typing them in. 8 digits + letters is about uncrackable. For four digits, the police has to give Apple your phone and a search warrant. It should be obvious that it is possible to read the data without cracking AES, because that happens every time _you_ enter your passcode.

----------

Quote:
Originally Posted by snprintf View Post
Careful, some of those (like the second one) are for iOS 7's "frequent locations" feature that you can easily opt out of in the settings. That's different from the other, pre iOS 7 news where it was revealed that locations were secretly saved to a plain text file and synced to the computer.
Not "secretly saved". Apple has a database of cell tower and WiFi hotspot locations that is used to determine your location, and part of that got stored on your phone so you can reuse it without downloading it again. And backup backed up your phone. There was nothing "secret" about it. You should use encrypted backups anyway, which is just a switch in the iTunes user interface. So this feature is turned off now, and your 3G data bill will go up a bit.

----------

Quote:
Originally Posted by snprintf View Post
The accusation was that Apple was sending this data to servers, but no evidence of that was found.
That accusation was obviously made, but it was stupid beyond ridiculous. The data that was found _came from Apple's servers_. There was no need to send it to Apple's servers, because Apple always had that data. Here's what happens:

You are in some unknown place. You want to know where you are. You ask your iPad or iPod Touch without GPS, or phone with no GPS reception. The device spots a WiFi hotspot or cell tower. It sends a message to Apple's servers: "I see this WiFi hotspot. Where am I? " Apple's server returns the location and a list of nearby hotspots and cell towers so that the device doesn't need to contact Apple again. That list was stored. Can you see how if Apple wanted to spy on you they wouldn't use that list on your device? Because it was Apple who sent it to you in the first place?

It's like accusing the locksmith who just changed your locks that he stole the keys from your pocket to duplicate them and put them back. It's stupid. If he wanted a copy of your keys, he wouldn't need to do that, because he's the man who made the keys in the first place.
gnasher729 is offline   0 Reply With Quote
Old May 8, 2014, 07:47 AM   #25
crackbookpro
macrumors 65816
 
crackbookpro's Avatar
 
Join Date: Feb 2009
Location: Om nom nom nom
Quote:
Originally Posted by XboxMySocks View Post
This is actually rather impressive. Good for them
Ethics... Apple has them(always did, except for the design & manu days of the glass on the back of the iPhone 4/4s) and SJ always knew Tim would uphold them. Tim is/was probably more ethical than Steve in many avenues - just my opinion though.

You/we buy Apple because the products are bad@ss, but we/I/you remain loyal because the Apple co is ethically & ultimately working to give you the "best" and they will never stop.

Because of... Ethics.

This is impressive, and most co's would not do what Apple does for it's customers and ownself.
__________________
iMac 21.5" l 3.06GHz l 4GB RAM ~ iMac 24" l 3.06GHz l 4GB RAM
MBA 11" l 1.6GHz l 4GB RAM ~ Alu MB l 2.4GHz l 4GB RAM
iPhone 5 ~ iPad 2 & Air 2 ~ TV ~ BlackBook [RIP]
crackbookpro is offline   0 Reply With Quote

Reply
MacRumors Forums > News and Article Discussion > MacRumors.com News Discussion

Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes

Similar Threads
thread Thread Starter Forum Replies Last Post
Apple Will Begin Notifying Users of Information Requests from Law Enforcement MacRumors Politics, Religion, Social Issues 124 May 13, 2014 10:28 AM
FBI's primary mission is no longer law enforcement Michael Goff Politics, Religion, Social Issues 5 Jan 15, 2014 06:33 AM
New App Bypasses Snapchat Screenshot Notifications; Snapchat Details Law Enforcement Requests MacRumors iOS Blog Discussion 29 Oct 29, 2013 03:24 PM
Apple Releases Statement on Customer Privacy and Law Enforcement Requests for Customer Data MacRumors Politics, Religion, Social Issues 154 Jul 22, 2013 12:47 PM

Forum Jump

All times are GMT -5. The time now is 12:14 AM.

Mac Rumors | Mac | iPhone | iPhone Game Reviews | iPhone Apps

Mobile Version | Fixed | Fluid | Fluid HD
Copyright 2002-2013, MacRumors.com, LLC