Apple's Latest Transparency Report Includes Geofence Requests From U.S. Government

[MacRumors]

Apple today shared a new Transparency Report providing information on customer data requests that the company received from the U.S. government in the first half of 2022.

For the first time ever, Apple has reported the total number of "geofence requests" that it received from the U.S. government. These requests are meant to include specific latitude and longitudes coordinates for a specified time period, but Apple does not collect this information as part of its commitment to customer privacy, and therefore does not provide it to law enforcement, while fully respecting the legal process.

From the Transparency Report:

Apple may also receive requests from government agencies seeking customer data related to specific latitude and longitudes coordinates (geofence) for a specified time period. Apple does not have any data to provide in response to geofence requests.

For additional information, the Transparency Report is available on Apple's website as a PDF.

Article Link: Apple's Latest Transparency Report Includes Geofence Requests From U.S. Government

 

[F23]

this is why I am an Apple sheep

 

[cocky jeremy]

Haha. Sorry, screw you, FBI.

 

[JamesHolden]

It’s great to have confirmation that Apple does not collect this data. However, I’m sure the cell service providers are more than happy to turn it over, so I’m not sure it matters whether Apple collects it or not.

 

[MrTemple]

It’s great to have confirmation that Apple does not collect this data. However, I’m sure the cell service providers are more than happy to turn it over, so I’m not sure it matters whether Apple collects it or not.

Oh yeah, and more. Data that's illegal for law enforcement to collect is legal for corporations to collect and sell to LEOs. 🙃

 

[JPack]

Not to worry. The U.S. will just contract the Israelis to make custom software. Then they'll collect the data from a third country to make it legal.

 

[sw1tcher]

Apple today shared a new Transparency Report providing information on customer data requests that the company received from the U.S. government in the first half of 2022.

For the first time ever, Apple has reported the total number of "geofence requests" that it received from the U.S. government. These requests are meant to include specific latitude and longitudes coordinates for a specified time period, but Apple does not collect this information as part of its commitment to customer privacy, and therefore does not provide it to law enforcement, while fully respecting the legal process.

Apple does not collect this information at all, or Apple does not collect this information in the U.S.?

 

[contacos]

I find these things always so fascinating like I sometimes wonder if I have ever been near to someone that had unknowingly Pegasus installed on their phone and then my head spins deeper like „by what country and why“

 

[JamesHolden]

I find these things always so fascinating like I sometimes wonder if I have ever been near to someone that had unknowingly Pegasus installed on their phone and then my head spins deeper like „by what country and why“

Does it matter? I mean, worrying about all this stuff is pretty much like pushing water uphill.

 

[rp100]

What about “significant locations”?

Settings > Privacy > Location Services > System Services > Significant Locations

The note says it’s ”end-to-end encrypted and cannot be read by apple”. So… if this is enabled, Apple could be storing location data on your behalf that they allegedly cannot read.

Unreadable data is not the same thing as “Apple does not have any data to provide in response to geofence requests.”

 

[crawfish963]

It’s great to have confirmation that Apple does not collect this data. However, I’m sure the cell service providers are more than happy to turn it over, so I’m not sure it matters whether Apple collects it or not.

Not so much that they are happy to. They have to as geofence requests require a search warrant. But sometimes cell providers object to large geofence areas with tens of thousands of devices within the zone.


Source: am retired detective who wrote/served these warrants

 

[JamesHolden]

Not so much that they are happy to. They have to as geofence requests require a search warrant. But sometimes cell providers object to large geofence areas with tens of thousands of devices within the zone.


Source: am retired detective who wrote/served these warrants

Ok, I’m sure none of these companies are “happy” to turn over anything! That said, and you no doubt can tell me if I’m wrong, the cell providers have all the geofence info, so whether Apple collects it or not, someone does…

 

[crawfish963]

Ok, I’m sure none of these companies are “happy” to turn over anything! That said, and you no doubt can tell me if I’m wrong, the cell providers have all the geofence info, so whether Apple collects it or not, someone does…

I doubt Apple does. I’ve looked at a lot of data from warrants to Apple. Before E2E encryption it was a lot of data. Since E2E it’s almost nothing. Almost not even worth writing a warrant anymore. Apple definitely locks down stuff. Google on the other hand…

Really cell tower data is the go-to for geolocation. Google will also have a lot of GPS data.

Also most LE agencies now just go to seize the phone and use a tool like Graykey or Cellebrite Premium to get into the phone and pull geo data from that. I was previously on a task force for an alphabet agency and used those tools. Once into the phone almost everything is available to police.

 

[antiprotest]

Doesn't the government know that Apple does not collect this data, especially after being told so? Or does the government keep asking for it anyway just to have the requests on record?

 

[JamesHolden]

I doubt Apple does. I’ve looked at a lot of data from warrants to Apple. Before E2E encryption it was a lot of data. Since E2E it’s almost nothing. Almost not even worth writing a warrant anymore. Apple definitely locks down stuff. Google on the other hand…

Really cell tower data is the go-to for geolocation. Google will also have a lot of GPS data.

That’s what I’m getting at. Apple doesn’t have this data, but your cell provider does and can provide it if required. It seems to me that whether Apple collects the data or not, the government can still get the data from cell companies. Am I right?

 

[t0rqx]

You think this transparency report is real transparant and complete? Think about that if you say yes. They got you right where they want you. Just like their marketing.

 

[Trusteft]

So...are there people who in 2023 use their mobile phone as a device that might be secure and safe?

 

[smithrh]

You don't know what carrier or what cell model is ahead of time (unless you already know who the suspect is and have gotten this data previously).

I'd have to look at what location data cell providers have these days, in the recent past the accuracy was not all that high.

 

[crawfish963]

That’s what I’m getting at. Apple doesn’t have this data, but your cell provider does and can provide it if required. It seems to me that whether Apple collects the data or not, the government can still get the data from cell companies. Am I right?

Correct. Different carriers retain data for different lengths of time. Worst part is that if you happened to be in the area of a geofence even if you’re not a suspect the police are looking at your data. I was kind of an outcast in my previous life because I advocated for privacy while most cops were totally ok with the federal government opening the gates up wide.

 

[Ahheck01]

Also most LE agencies now just go to seize the phone and use a tool like Graykey or Cellebrite Premium to get into the phone and pull geo data from that. I was previously on a task force for an alphabet agency and used those tools. Once into the phone almost everything is available to police.

They can do this even with an iPhone? Even without the passcode?

 

[JamesHolden]

Correct. Different carriers retain data for different lengths of time. Worst part is that if you happened to be in the area of a geofence even if you’re not a suspect the police are looking at your data.

Thanks for confirming. I believe Apple’s beliefs and values around privacy are real….but any cell phone is basically Swiss cheese when it comes to privacy. How many apps on iPhones today are tracking and reporting location? Does it matter if Apple collects any of this info when plenty of other apps are already doing it? Cell providers have all your location data. And, despite Apple’s privacy stance, they won’t allow apps like Little Snitch on iOS, so how committed to privacy are they really?

I was kind of an outcast in my previous life because I advocated for privacy while most cops were totally ok with the federal government opening the gates up wide.

The old cliche is true. Power corrupts. Glad there are people like you who try to hold the line.

 

[crawfish963]

They can do this even with an iPhone? Even without the passcode?

Yes

Edit: it’s more nuanced that that but in many cases yes they can. You can do things to make it more difficult.

 

[crawfish963]

Thanks for confirming. I believe Apple’s beliefs and values around privacy are real….but any cell phone is basically Swiss cheese when it comes to privacy. How many apps on iPhones today are tracking and reporting location? Does it matter if Apple collects any of this info when plenty of other apps are already doing it? Cell providers have all your location data. And, despite Apple’s privacy stance, they won’t allow apps like Little Snitch on iOS, so how committed to privacy are they really?


The old cliche is true. Power corrupts. Glad there are people like you who try to hold the line.

Most apps pull some kind of location data. Google is the worst offender.

 

[Ahheck01]

Yes

For full phone access, as if they had the passcode? I'd heard that as long as you have a passcode, and have touch/face ID disabled, they can't force you to share your passcode and thus they can't get in.

 

[crawfish963]

For full phone access, as if they had the passcode? I'd heard that as long as you have a passcode, and have touch/face ID disabled, they can't force you to share your passcode and thus they can't get in.

Incorrect. There are tools that can instantly access the device as long as the device is in what is called "before first unlock" or BFU mode. There are tools that can brute force the device to obtain the passcode. Some phones can be accessed in seconds. Some take months. Using an alpha-numeric passcode pretty much guarantees your phone will take millions of years to unlock unless the passcode is common. Give a search to AFU and BFU mode.

As far as access, once the device is accessed, the entire phone is fair game. Even things like Snapchat's "My Eyes Only" can be obtained easily without the passcode for that part of the Snapchat application.