iPhone Life magazine

Apple News: Laying Down the Law on Customer Information

Whatever your feelings on government wiretapping, it is no surprise, now, that technology firms are cooperating with the government. But Apple has just shed some light on the process thanks to a web page that details their terms for cooperating with U.S. Law Enforcement. While lengthy, the document itself is, ironically, far shorter than the iTunes Terms of Service agreement that most users gloss over on their way to downloading apps and music.

Touch ID

Another irony, at least to me as a developer, is that Apple describes how to track a user by their UDID, a unique identifier to each phone. This is ironic because, as a developer, we are not allowed to use the UDID for tracking as of iOS 7. There are alternative methods that Apple allows that still offer some privacy to the app user, but this document serves as a reminder that the UDID is still around and an important way to track individual users, or at least their devices. Here is the text from that section:

MAC Address: A Media Access Control address (MAC address), is a unique identifier assigned to network interfaces for communications on the physical network segment. Any Apple product with network interfaces will have one or more MAC addresses, such as Bluetooth, Ethernet, WiFi, or FireWire. By providing Apple with a serial number (or in the case of an iOS device, IMEI, MEID, or UDID), this information may be obtained with a subpoena or greater legal process.
 
UDID: The unique device identifier (UDID) is a sequence of 40 letters and numbers that is specific to a particular iOS device. It will look like similar to following: 2j6f0ec908d137be2e1730235f5664094b831186.
 
If law enforcement is in possession of the device, the device may be connected to iTunes in order to obtain the UDID. Under the iTunes summary tab, the UDID can be revealed by clicking on the serial number.
 

There are some good parts for law-abiding, security conscious users. Apple explicitly states that they can't provide passcodes or crack encryption. And unless there is a non-disclosure  order or risk to children, etc., they plan to tell users if legal proceedings are initiated. And even though they can't break a passcode, they can access some information, specifically SMS, photos, videos, contacts, audio recording, and call history. Apple cannot provide: email, calendar entries, or any third-party App data. Additionally, while email wiretaps are possible, iMessage and FaceTime are encrypted end-to-end and cannot be accessed. 

Topics:
Email icon
Want more? Get our weekly newsletter:
Todd Bernhard's picture

Todd Bernhard is founder of No Tie Software, an app developer specializing in Ringtones and Sound FX including AutoRingtone.

An iPhone is almost always attached to his hip, but over the years, Bernhard has owned an Apple Newton, a Motorola Marco, an HP 95LX, a Compaq iPaq, a Palm Treo, and a Nokia e62.

In addition to writing for iPhone Life, Mr. Bernhard has written for its sister publications, PocketPC Magazine and The HP Palmtop Paper.