If you store your stuff on iCloud, Apple can provide most of that information to law enforcement if it’s requested.
We’ve known (or suspected) for some time that Apple can provide data from iOS devices to US law enforcement, whether that data is stored on Apple’s iCloud servers or on a password protected phone or tablet. In an effort to be more transparent about this process, Apple yesterday posted an extensive document describing what data the company can provide to law enforcement and the processes for requesting that data.
The document outlines two basic types of data: information stored on Apple’s servers and information stored locally on iOS devices. Information on Apple’s servers includes both data associated with your Apple ID—your basic contact information, customer service records, your transaction history both in Apple’s retail stores and in the online iTunes and App Stores, and iTunes gift card information—and data associated with your iCloud account. All account data stored on Apple’s servers is obtainable “with a subpoena or greater legal process.”
The short version is that essentially anything you’ve backed up to or stored on iCloud is available for Apple to fork over to law enforcement, including connection logs and IP addresses you’ve used. Apple has access to 60 days of iCloud mail logs that “include records of incoming and outgoing communications such as time, date, sender e-mail addresses, and recipient e-mail addresses”; any e-mail messages that the user has not deleted; and any other information that can be backed up to iCloud. As of this writing, this list includes contacts, calendars, browser bookmarks, Photo Stream photos, anything that uses the “documents and data” feature (which can include not just word processors but also photo and video apps, games, and data from other applications), and full device backups. Subscriber information requires a “subpoena or greater legal process,” e-mail logs require a court order or search warrant, and e-mail or other iCloud content requires a search warrant. Any iCloud information that the user deletes cannot be accessed.
Read 5 remaining paragraphs | Comments