Apple releases report on geofence warrants and data requests

AppleInsider

Apple released a report on Friday detailing government requests for customer data, specifically geofence warrants and how frequently the company has been asked to reveal data on its customer base.

Credit: Apple

In a move toward greater transparency, Apple has published a report detailing government requests for customer data related to geofence warrants. This disclosure aims to highlight Apple's approach to handling such requests, highlighting the company's commitment to user privacy.

Overall, and on the whole, there is not a huge difference between the measured period between January 1 2022, and June 30, 2022 and the previous period. Most of the requests are from law enforcement agencies working to assist customers who have requested assistance on lost or stolen devices, or police getting requests for data needed for fraud investigations.

• Asia Pacific: 3321 requests, encompassing 170,901 devices


• Europe, Middle East, India, and Africa: 15,961 requests, encompassing 29,177 devices


• Latin America: 4080 requests, encompassing 15,953 devices


• United States: 5660 requests, encompassing 235,362 devices

Asia Pacific had 83% of requests have data provided, with EMEA at 70%, Latin America at 89%, and the US seeing 82% of the requests granted.

The large number of devices per requests reflects that one request may contain multiple device identifiers in the case related to the theft of a shipment of devices, and the like.

Worldwide, Apple received 5980 requests from law enforcement for financial identifier information, covering suspected fraudulent credit card activity used to purchase Apple products or services, covering 25,340 devices. About 57% of the requests for financial information resulted in Apple providing data.

Furthermore, Apple received 14,005 requests for account-based requests where an account may have been used unlawfully. A bit more than 83% of these requests were provided data.

US National security requests were less than 499 for all categories, including Foreign Intelligence Surveillance Act requests, National Security Letters. The company has still not received any requests for bulk data falling under either category.

Geofence warrants are a type of investigative tool that has recently gained attention due to their extensive data collection approach. Apple's response is clear: it does not possess the data necessary to fulfill geofence requests, making compliance impossible.

Regardless, Apple still got 13 requests.

Unlike regular warrants, they don't target a specific person or account, but rather involve all devices present within a defined geographic area during a specific time period. This method has sparked concerns about the possibility of data overreach, as people with no ties to an ongoing investigation could have their information captured unintentionally.

Unlike some of its tech industry counterparts, Apple refrains from collecting the data required to respond to geofence requests, thus preventing compliance, even when proper legal procedures are followed.

All-in-all, the report provides a bit more information on requests by law enforcement worldwide, with the data further broken down than previously.

Read on AppleInsider

appleinsideruser

Mobile networks know the location of all active phones all the time. Just ask them who was within an area, easy. No need to involve Apple.

22july2013

appleinsideruser said:

Mobile networks know the location of all active phones all the time. Just ask them who was within an area, easy. No need to involve Apple.

Did you even watch the Murdaugh trial a few weeks ago? Neither the phone company nor the government had access to the location of Murdaugh's cell phone because cell phone location data is not recorded at the cell company, but they did get the location data from off of Murdaugh's phone. If the phone company or the government had the GPS location, they certainly would have used it, because this was a murder trial. but they didn't have it. This type of data is not recorded. It can be recorded if they know in advance that they need to record your location. 

So if you think someone is secretly recording all this data, but they're not willing to reveal that data even for your murder trial, then you really don't have anything to worry about, do you?

I'm somewhat familiar with how the SS7 network works. The data that you're talking about is not recorded because there's too much of it. Have you ever tried to calculate how much storage it would take to record the GPS location data of every user for every minute of every day of every year?

By the way, the cell company has a much harder time of tracking you if your phone doesn't have GPS, or if you turn off the GPS on your smart phone. If you are a criminal, you should probably turn off your GPS, or maybe use a phone without GPS.

appleinsideruser

22july2013 said:

appleinsideruser said:

Mobile networks know the location of all active phones all the time. Just ask them who was within an area, easy. No need to involve Apple.

Did you even watch the Murdaugh trial a few weeks ago? Neither the phone company nor the government had access to the location of Murdaugh's cell phone because cell phone location data is not recorded at the cell company, but they did get the location data from off of Murdaugh's phone. If the phone company or the government had the GPS location, they certainly would have used it, because this was a murder trial. but they didn't have it. This type of data is not recorded. It can be recorded if they know in advance that they need to record your location. 

So if you think someone is secretly recording all this data, but they're not willing to reveal that data even for your murder trial, then you really don't have anything to worry about, do you?

I'm somewhat familiar with how the SS7 network works. The data that you're talking about is not recorded because there's too much of it. Have you ever tried to calculate how much storage it would take to record the GPS location data of every user for every minute of every day of every year?

By the way, the cell company has a much harder time of tracking you if your phone doesn't have GPS, or if you turn off the GPS on your smart phone. If you are a criminal, you should probably turn off your GPS, or maybe use a phone without GPS.

Good point about them not habitually logging the data. They could or someone else could record it. SS7 is a bag of security holes. 

By the way: I know there’s a setting on your iPhone to allow location services to be used for searching for mobile networks. However, do you have any more info on them using it once they have associated you to a particular network? I have that setting off and my phone works fine including when roaming. 

okypinoky

IMO, this is an interesting article - but I believe the data is so skewed that it is unreliable to be used for any significant purpose ... except to note that some agency(s) request data from Apple.  I would like to know how many of those requests are from what specific agency.

The article suggests that the "United States: 5660 requests, encompassing 235,362 devices".  How do 5660 request, encompass more devices that the actual request.  I would assume that any request garners access to ALL apple devices on that account - which would be sneaky and troubling if you have a Family account and shred access across multiple family members.  Just an odd observation.  

Regardless, I wonder how many of those access "request"  are from actual customers trying to find a lost device vs. police actually taking secret warrant action against a consumer.  Just curious - I have a "Murder She Wrote" fix, that's all! 🤣