Apple Inc. (NASDAQ:AAPL) released the guidelines this Wednesday that have clearly laid out what all information the law enforcement agencies can or cannot take from the Apple devices in case the search warrants, court orders or disclosure requests have been issued. This set of guidelines issued is divided into three parts. The Law Enforcement and other U.S. Government agencies seeking data, concerning Apple device users, are the target audience of this set of guidelines.
Part 1 provides general guidelines
Part 1: This part contains general information about the guidelines. It states the steps to be taken by an agency that reaches out to Apple for the provision of data and what can reasonably be provided by Apple. The law enforcement agencies are required to submit subpoenas, search warrants and court orders to Apple either through mail or by fax if they need any documents. Apple will hold information for a maximum of 90 days, on receiving a request for data preservation, and will be deleted from the server if no renewal request is received.
There is a service used to track a device that goes missing called Find my iPhone service that also allows the user to lock and wipe data and only the connection logs can be provided by Apple Inc. (NASDAQ:AAPL) in such case. Apple will not uphold the law enforcement agencies that send requests for enabling this feature and the company servers will not store any GPS data for specific devices.
If provided with a valid search warrant, the company’s headquarters will be able to lift up the information from even those devices which are passcode-locked but this consumer data is limited to ‘certain categories’ only. Data such as SMS, photos, contacts, call history, audio recording, videos etc. from the devices running on iOS 4 or later versions can be lifted however it is not possible for Apple to provide the third-party apps information, calendar entries and email content.
Apple covering all aspects
Part 2: Apple Inc. (NASDAQ:AAPL) has provided a section, in the guidelines, for answering the frequently asked questions both by the users and data seeking agencies. The tech giant has said in this Q&A part of its guidelines, that, “any files and records produced for law enforcement that contain personally identifiable information must be destroyed after the related investigation, criminal case, and all appeals have been fully exhausted.” In the absence of a non-disclosure order, whenever a law enforcement agency will seek data, the user will be notified of this.
Part 3: This section includes a form in PDF format that the law enforcement agency will be required to fill, whenever it will approach the company for seeking data. For the situations that involve “imminent danger of death or serious physical injury to any person [requiring disclosure] without delay” an additional “Emergency Disclosure Form” has been provided.