Apple Releases Guidelines for Law Enforcement Data Requests

Discussion in 'MacRumors.com News Discussion' started by MacRumors, May 7, 2014.

  1. macrumors bot

    MacRumors

    Joined:
    Apr 12, 2001
    #1
    [​IMG]


    [​IMG]
    In a new legal resources page posted on its website Wednesday night (via 9to5Mac), Apple outlined its guidelines regarding requests for customer data from from U.S. law enforcement agencies, specifying what information the company can and can not retrieve from devices upon the receipt of a search warrant or legal notice.

    Regarding the extraction of data from passcode locked iOS devices, Apple states that it may only retrieve information from its own first party apps, which includes SMS messages, photos, videos, contacts, audio recording, and call history. However, Apple can not provide access to email, calendar entries or third-party app data. The company says the data extraction process itself can only be performed on devices in "good working order" at its Cupertino, California headquarters.

    Apple will also assist law enforcement in returning lost iPhones to their rightful owners, agreeing to contact the customer of record and have them contact law enforcement to get their property back pending available information.

    The new page follows a report from The Washington Post last week which stated that the company would begin notifying its users of secret personal data requests from law enforcement. Apple has become increasingly concerned about privacy matters since the discovery of PRISM, a secret intelligence program ran by the NSA.

    CEO Tim Cook was noted as saying that the NSA would have to "cart [Apple] out in a box" before it could access the company's servers, as Apple also hired certified privacy professional Sabrina Ross last month to oversee the protection of consumer data.

    Article Link: Apple Releases Guidelines for Law Enforcement Data Requests
     
  2. macrumors 68020

    XboxMySocks

    Joined:
    Oct 25, 2009
    #2
    This is actually rather impressive. Good for them
     
  3. macrumors 65816

    TouchMint.com

    Joined:
    May 25, 2012
    Location:
    Phoenix
    #3
    Yea they are really pushing this.
     
  4. macrumors 68020

    Joined:
    Sep 6, 2002
    #4
    It's very impressive. Remember the internet uproar of a few years ago when Apple was accused of tracking users' GPS locations? Here's what the guidelines have to say about that:

    I suppose the tech blogs will fall over themselves scrambling to apologize to Apple, right?
     
  5. macrumors 65816

    JoEw

    Joined:
    Nov 29, 2009
    #5
    I actually dont remember this, article?
     
  6. macrumors newbie

    Joined:
    Jun 17, 2011
    #6
    The NSA is not a law enforcement agency. This announcement is nice, but it doesn't address the larger issue of government surveillance.
     
  7. snprintf, May 7, 2014
    Last edited: May 7, 2014

    macrumors member

    Joined:
    Apr 20, 2014
    #7
    "The company says the data extraction process itself can only be performed on devices in "good working order" at its Cupertino, California headquarters. "

    I'm assuming they have to crack the encryption there. Or at least hoping :eek:

    ----------

    The user you are quoting didn't summarize it correctly, or at least not completely. Since iOS 4 and until this was discovered, iOS was saving the user locations to an unencrypted (not sure whether it was encrypted if you used a passcode) file stored locally on the device and synced to the computer as part of the backup. You were able to download an application called iPhoneTracker and see your movement history. The accusation was that Apple was sending this data to servers, but no evidence of that was found.

    MacRumors reported on it at some point, but I can't find it. Here's a different article: http://readwrite.com/2011/04/20/your_iphone_is_tracking_your_every_move#awesm=~oDEifIqXRLH5hV
     
  8. macrumors 68000

    FreeState

    Joined:
    Jun 24, 2004
    Location:
    San Diego, CA
    #8
    Yep, per the document they have to hand deliver or ship the phone to CA to have it extracted (after a search warrant has been issued that is).
     
  9. H2SO4, May 7, 2014
    Last edited: May 8, 2014

    macrumors 68000

    Joined:
    Nov 4, 2008
    #9
    Ok but just be careful;
    No, Apple does not track geolocation of devices. is not the same as
    No, Apple has not and does not secretly track geolocation of devices.

    I very much suspect that the article will be worded very carefully, (as with any company legal statement), that allows them to do more than first appears.
    The article links to another there separate documents and I don't mind betting that there will be some contradictions amongst them.
    Lastly these are for US enforcement agencies, what's to stop them moving the data overseas and then allowing access, (Extraordinary Data Rendition anybody)?
     
  10. macrumors 68020

    Joined:
    Sep 6, 2002
  11. macrumors member

    Joined:
    Apr 20, 2014
    #11
    Careful, some of those (like the second one) are for iOS 7's "frequent locations" feature that you can easily opt out of in the settings. That's different from the other, pre iOS 7 news where it was revealed that locations were secretly saved to a plain text file and synced to the computer.
     
  12. macrumors 68030

    Joined:
    Nov 13, 2011
    Location:
    UK
    #12
    So you use 3rd party apps then. ?

    wow security is easy these days.

    and disable touch ID else they'll just put your finger on....acidently :D

    Apple still needs a oh crap security lock. Like pressing the lock button 3 times or home button 5. Something that pass codes locks the device instantly.
     
  13. macrumors 6502

    bigandtasty

    Joined:
    Dec 26, 2006
    #13
    who cares
     
  14. macrumors regular

    Joined:
    Sep 12, 2012
    #14
    In the Oscar Pistorius murder trial Apple provided the Whatsapp message data to the South African police after taking the phones to Cupertino, so I don't buy that they cannot provide third-party app data. (These phones had pass codes enabled.)
     
  15. macrumors 6502

    Joined:
    Jun 8, 2011
    #15
    This is good that there are some transparent guidelines to this issue.

    However, at the end of the day, there is no real point in being paranoid if the government looks into you. If you honestly have nothing to hide then there shouldn't be an issue.

    I personally would not care if some NSA analyst read my text messages. I've got nothing to be guilty of. They might think I'm a bit weird though.
     
  16. macrumors 65816

    Joined:
    Feb 19, 2010
    #16
    They can't guarantee access to such data, since it might be encrypted or stored off the phone. Obviously they can retrieve whatever is stored in plain text on the device itself.
     
  17. macrumors regular

    Joined:
    Sep 12, 2012
    #17

    Thanks for the clearing that up. I misunderstood and thought they cannot retrieve such data at all.
     
  18. macrumors 65816

    Joined:
    Feb 19, 2010
    #18
    Don't take that as any official statement, but that is why I imagine that such a clause exists.
     
  19. macrumors member

    callea

    Joined:
    Jul 26, 2011
    Location:
    Italy
    #19
    How is it possible?
    File system is crypted AES 256 on code locked iPhones, isn't it??

    If the iPhone is 4 digit locked there is no problem for a brute force attack.
    But when is it locked by a strong password?
    How Apple can decrypt AES 256 data??
    Is there any kind of backdoor?
     
  20. macrumors member

    tobian

    Joined:
    Jun 23, 2007
    Location:
    CZE
    #20
    sadly, Apple joined NSA surveyllance just after Jobs death. ask yourself why
     
  21. macrumors 601

    satcomer

    Joined:
    Feb 19, 2008
    Location:
    The Finger Lakes Region
    #21
    Because Steve was known for pushing his people to do better. I bet he would have had Apple's Lawyers crawling all over these request and that would scared No Such Agency to think twice act their typical intimidation racket. So in other words Steve would say something like "Mine are bigger than yours."

     
  22. macrumors 65816

    Joined:
    Feb 19, 2010
    #22
    This should clear things up a bit: http://www.zdziarski.com/blog/?p=2149
     
  23. macrumors member

    callea

    Joined:
    Jul 26, 2011
    Location:
    Italy
    #23
    Thanks a lot, it's very interesting.
    But I read that IOS 7 has Data Protection enabled by default for all applications even for those not natively supporting it by developer.

    So I thought Data Protection in IOS 7 was the equivalent of File Vault 2 in OSX.

    Now I'm very confused...:confused:
     
  24. macrumors G5

    gnasher729

    Joined:
    Nov 25, 2005
    #24
    The encryption cannot be _cracked_. The only chances to get into a newish iOS device is to guess the passkey. Only software that is signed by Apple can access the hardware bits that would try a passkey. For example, if you enter your passcode 1234 then the code that runs is software signed by Apple which sends it to the hardware to try out (and can lock you out if you try to often). Apple can create a different version of that software that tries keys as quickly as possible _and sign it_. If you or the NSA wrote that kind of software, you couldn't sign it with Apple's keys and therefore it wouldn't work. Checking keys takes about 100ms per key and requires the iOS device to work, so the NSA cannot do that using a dozen supercomputers.

    ----------

    Don't jailbreak your phone :D

    ----------

    Apple (and nobody but Apple) can try out passcodes at a rate of about 10 per second. Without you typing them in. 8 digits + letters is about uncrackable. For four digits, the police has to give Apple your phone and a search warrant. It should be obvious that it is possible to read the data without cracking AES, because that happens every time _you_ enter your passcode.

    ----------

    Not "secretly saved". Apple has a database of cell tower and WiFi hotspot locations that is used to determine your location, and part of that got stored on your phone so you can reuse it without downloading it again. And backup backed up your phone. There was nothing "secret" about it. You should use encrypted backups anyway, which is just a switch in the iTunes user interface. So this feature is turned off now, and your 3G data bill will go up a bit.

    ----------

    That accusation was obviously made, but it was stupid beyond ridiculous. The data that was found _came from Apple's servers_. There was no need to send it to Apple's servers, because Apple always had that data. Here's what happens:

    You are in some unknown place. You want to know where you are. You ask your iPad or iPod Touch without GPS, or phone with no GPS reception. The device spots a WiFi hotspot or cell tower. It sends a message to Apple's servers: "I see this WiFi hotspot. Where am I? " Apple's server returns the location and a list of nearby hotspots and cell towers so that the device doesn't need to contact Apple again. That list was stored. Can you see how if Apple wanted to spy on you they wouldn't use that list on your device? Because it was Apple who sent it to you in the first place?

    It's like accusing the locksmith who just changed your locks that he stole the keys from your pocket to duplicate them and put them back. It's stupid. If he wanted a copy of your keys, he wouldn't need to do that, because he's the man who made the keys in the first place.
     
  25. macrumors 65816

    crackbookpro

    Joined:
    Feb 25, 2009
    Location:
    Om nom nom nom
    #25
    Ethics... Apple has them(always did, except for the design & manu days of the glass on the back of the iPhone 4/4s) and SJ always knew Tim would uphold them. Tim is/was probably more ethical than Steve in many avenues - just my opinion though.

    You/we buy Apple because the products are bad@ss, but we/I/you remain loyal because the Apple co is ethically & ultimately working to give you the "best" and they will never stop.

    Because of... Ethics.

    This is impressive, and most co's would not do what Apple does for it's customers and ownself.
     

Share This Page