Legal Guidelines Say Apple Can Extract Data From Locked iOS Devices

If law enforcement gets hold of your locked iPhone and has some interest in its contents, Apple can pull all kinds of content from the device, including texts, contacts, photos and videos, call history and audio recordings.

If law enforcement gets hold of your locked iPhone and has some interest in its contents, Apple can pull all kinds of content from the device, including texts, contacts, photos and videos, call history and audio recordings.

The company said in a new document that provides guidance for law enforcement agencies on the kinds of information Apple can provide and what methods can be used to obtain it that if served with a search warrant, officials will help law enforcement agents extract specific application-specific data from a locked iOS device. However, that data appears to be limited to information related to Apple apps, such as iMessage, the contacts and the camera.

Email contents and calendar data can’t be extracted, the company said in the guidelines.

Email contents and calendar data can’t be extracted, the company said in the guidelines.

“Upon receipt of a valid search warrant, Apple can extract certain categories of active data from passcode locked iOS devices. Specifically, the user generated active files on an iOS device that are contained in Apple’s native apps and for which the data is not encrypted using the passcode (“user generated active files”), can be extracted and provided to law enforcement on external media.   Apple can perform this data extraction process on iOS devices running iOS 4 or more recent versions of iOS. Please note the only categories of user generated active files that can be provided to law enforcement, pursuant to a valid search warrant, are: SMS, photos, videos, contacts, audio recording, and call history. Apple cannot provide: email, calendar entries, or any third-party App data,” the Apple guidance says.

Interestingly, Apple said that its technicians can only extract the data from a locked iOS device at the company’s headquarters in Cupertino, Calif. And law enforcement officials need to provide their own removable media in order to store the extracted data.

The new Apple guidelines provide a clearer picture of the kinds of information the company is capable and willing to provide to law enforcement in response to search warrants, subpoenas and other legal demands. In addition to data from a locked iOS device, the company also will provide, under specific circumstances, email logs and contents, subscriber information and other data that customers have backed up to iCloud.

However, Apple said that because of the way that its Find My iPhone feature works, the company can’t provide historical location data for a given device or turn on that feature remotely. It also says that Apple doesn’t have GPS data for iOS devices.

“Location information for a device located through the Find My iPhone feature is customer facing and Apple does not have records of maps or email alerts provided through the service. Find My iPhone connection logs may be available and can be obtained with a subpoena or greater legal process. Find My iPhone transactional activity for requests to remotely lock or erase a device may be available if utilized by the customer,” the guidelines say.

Suggested articles