Policy —

No, Apple probably didn’t get new secret gov’t orders to hand over data

Rare warrant canary vanished, likely due to new 2014 Justice Dept. guidelines.

No, Apple probably didn’t get new secret gov’t orders to hand over data

While Apple won't confirm it, the company has removed its warrant canary from its latest transparency report, issued this week. While this could mean that the company has received a new secret government order to provide user data, there is still another more likely possibility: it's not publishing warrant canaries at all.

Warrant canaries work like this: a company publishes a notice saying that a warrant has not been served as of a particular date. Should that notice be taken down, users are to surmise that the company has indeed been served with one. The theory is that while a court can compel someone to not speak (a gag order), it cannot compel someone to lie. The only problem is that warrant canaries have yet to be fully tested in court.

In November 2013, the second time (the first was in June 2013) Apple issued its transparency report (for a period covering the first half of 2013), the company wrote as its warrant canary:

“Apple has never received an order under Section 215 of the USA Patriot Act. We would expect to challenge an order if served on us," referring to the provision of federal law that compels businesses to hand over business records to American authorities, often under gag order.

The absence of that language in Apple’s latest transparency report has led many in the media to the conclusion that Apple has, in fact, been served with a Section 215 order.

The warrant canary language was also missing from the company's December 31, 2013 transparency report, which covered the second half of the year. However, since then, as part of ongoing lawsuits at the Foreign Intelligence Surveillance Court, the government has imposed new guidelines that essentially make warrant canaries much more difficult to issue.

The newest transparency report states in a table that Apple received "0-249" National Security Orders from January 1, 2014 through June 30, 2014. That precise band of numbers matches precisely the government's suggested guidelines.

"I'm not sure that this closes the door on using a warrant canary, but if a company was inclined to follow this, I don't see how you could do that and have a canary because all of these start at zero," Mark Rumold, an attorney at the Electronic Frontier Foundation, told Ars.

"Reporting that band does not mean that they received a Section 215 order, it just means that they changed their practice to conform with the [Department of Justice]'s guidance."

Orders from DC

A January 27, 2014 letter from Deputy Attorney General James Cole to the general counsels of major tech companies provides two options for disclosing government surveillance orders.

One option allows firms to provide more detail, but they must impose a longer time delay. A second option allows companies to be less specific by lumping those orders together, but the companies can more promptly announce that they received such orders. Apple appears to have taken the second option.

As Cole wrote at the time, corporations can report aggregate data as "the total number of all national security process received, including all [National Security Letters] and FISA orders."

Because Apple has almost certainly received an order to turn over content under Section 702—as seen in a now-infamous slide provided by National Security Agency whistleblower Edward Snowden—that could explain why the Section 215 language warrant canary has been removed from Apple's transparency reports.

On the same day as the Cole letter, Apple published an "Update on National Security and Law Enforcement Orders," stating:

Apple is reporting the actual number of requests for information related to law enforcement investigations. Law enforcement requests most often relate to criminal investigations such as robbery, theft, murder, and kidnapping. In addition, Apple is re-reporting all the guidelines that allow us to report these orders separate from law enforcement orders, in bands of 250. This data represents every U.S. national security order for data about our customers regardless of geography. We did not receive any orders for bulk data. The number of accounts involved in national security orders is infinitesimal relative to the hundreds of millions of accounts registered with Apple.

In all four transparency reports the company has issued to date, Apple does not mention Section 702 of the Foreign Intelligence Surveillance Act (FISA) Amendments Act, which compels companies to share data on foreigners and provides the legal basis for the National Security Agency's PRISM program.

Channel Ars Technica