 Report on Government and Private Party Requests for Customer Information July 1 - December 31, 2016 Introduction Type of requests we receive Apple is very seriously committed to protecting your data and we work hard to deliver the most secure hardware, software and services available. We believe our customers have a right to understand how their personal data is managed and protected. This report provides information regarding requests Apple received from government agencies and private parties from July 1 through December 31, 2016. Apple receives various forms of legal process requesting information from or actions by Apple. We receive requests from governments globally where we operate and from private parties. Government request circumstances can vary from instances where law enforcement agencies are working on behalf of customers who have requested assistance locating lost or stolen devices, to instances where law enforcement are working on behalf of customers who suspect their credit card has been used fraudulently to purchase Apple products or services, to instances where an account is suspected to have been used illegally. Requests can also seek to preserve an Apple account, restrict access to an Apple account or delete an Apple account. Additionally, requests can relate to emergency situations where there is imminent harm to the safety of any person. Private party request circumstances generally relate to instances where private litigants are involved in either civil or criminal proceedings. Types of legal process Apple receives from the United States can be: subpoenas, court orders, search warrants, pen register/trap and trace orders, or Title III wiretap orders. Types of legal process Apple receives internationally can be: Production Orders (Australia, Canada), Tribunal Orders (New Zealand), Requisition or Judicial Rogatory Letters (France), Solicitud Datos (Spain), Ordem Judicial (Brazil), Auskunftsersuchen (Germany), 個⼈人情報の開示依頼 (Japan), Personal Data Request (U.K.), as well as equivalent court orders and/or requests from other countries. Type of customer data sought in requests The type of customer data sought in requests varies depending on the case under investigation. For example, in stolen device cases, law enforcement generally seek details of customers associated with devices or device connections to Apple services. In credit card fraud cases, law enforcement generally seek details of suspected fraudulent transactions. Depending on what the legal request asks, Apple will provide subscriber or transaction details in response to valid legal process received. In instances where an Apple account is suspected of being used illegally, law enforcement may seek details of the customer associated with the account, account connections or transaction details or account content. Any government agency seeking customer content from Apple must obtain a search warrant issued upon a showing of probable cause. International requests for content stored in our data centers in the U.S. must comply with the U.S. Electronic Communications Privacy Act (ECPA). A request under a Mutual Legal Assistance Treaty or Agreement with the U.S. is in compliance with ECPA. The type of customer data sought in emergency situations generally relates to details of customers’ connection to Apple services. We have a dedicated team available around the clock to respond to emergency requests. Apple processes emergency requests from law enforcement globally on a 24/7 basis. An emergency request must relate to circumstances involving imminent danger of death or serious physical injury to any person. If Apple believes in good faith that it is a valid emergency, we may voluntarily provide information to law enforcement on an emergency basis.  How we manage and respond to requests Apple has a centralized and standardized process for receiving, tracking, processing, and responding to legal requests from law enforcement, government, and private parties worldwide, from when a request is received until when a response is provided. Apple requires government and private entities to follow applicable laws and statutes when requesting customer information and data. We contractually require our service providers to abide by the same standard for any government information requests for Apple data. Our legal team reviews requests received to ensure that the requests have a valid legal basis. If they do, we comply with the requests and provide the narrowest possible set of data responsive to the request. If a request does not have a valid legal basis, or if we consider it to be unclear, inappropriate or over-broad, we challenge or reject it. How we count requests and responses Apple counts requests received from government agencies and private parties within the reporting period in which they are received. Overall numbers of requests and responses are reported. A request with a valid legal basis is processed and responded to, and is counted as one request. A request that is challenged/rejected is counted as one request. Where new legal process is submitted to amend the request, it is counted as a new request. We count each request we challenge or reject for account-based, account restriction/ deletion, emergency and private party requests; and report these numbers accordingly. We count the number of discernible devices, financial identifiers, and/or accounts specified in requests, and report these accordingly by type. If there are two identifiers for one device in a request, for example a Serial number and IMEI number, we count this as one device. If there are multiple identifiers for one account in a request, for example Apple ID, full name and phone number, we count this as one account. Where two types of legal process are combined in a single request, such as a search warrant with an incorporated court order, we record the request at the highest level of legal process and the request would be reported as a search warrant. An exception is where a pen register/trap and trace order is received; this is counted as a pen register/ trap and trace order, notwithstanding that it may include a search warrant. How we report requests and responses We report on requests and responses in the following categories: 1) Worldwide Government Device Requests 2) Worldwide Government Financial Identifier Requests 3) Worldwide Government Account Requests 4) Worldwide Government Account Preservation Requests 5) Worldwide Government Account Restriction/Deletion Requests 6) Worldwide Government Emergency Requests 7) United States Government National Security Requests 8) United States Government Device Requests by Legal Process Type 9) United States Government Financial Identifier Requests by Legal Process Type 10) United States Government Account Requests by Legal Process Type 11) Unites States Private Party Requests for Information 12) United States Private Party Requests for Account Restriction/Deletion For government agency requests for customer information and data, we report as much detail as we are legally allowed. We report the numbers of requests we receive and our responses in various categories. We report United States National Security requests we receive in bands of 250. Though we would like to be more specific, by law this is the most precise information we are currently allowed to disclose. Customer notification When we receive an account request seeking our customers’ personal information, we notify the customer that we have received a request concerning their personal data except where we are explicitly prohibited by the legal process, by a court order Apple receives, or by applicable law. We reserve the right to make exceptions, such as instances where we believe providing notice creates a risk of injury or death to an identifiable individual, or where the case relates to child endangerment, or where notice is not applicable to the underlying facts of the case.  Table 1: Worldwide Government Device Requests
 July 1 - December 31, 2016 Table 1 provides information regarding device-based requests received. Examples of such requests are where law enforcement agencies are working on behalf of customers who have requested assistance locating lost or stolen devices. Additionally, Apple regularly receives multi-device requests related to fraud investigations. Device-based requests generally seek details of customers associated with devices or device connections to Apple services. Country Asia Pacific Australia China Hong Kong Japan Malaysia New Zealand Singapore South Korea Taiwan Thailand Asia Pacific Total Europe, Middle East, India, Africa Austria Belgium Croatia Cyprus Czech Republic Denmark Estonia Finland France Georgia Germany Greece Hungary India Ireland Italy Kuwait Lithuania Luxembourg Netherlands Norway Pakistan Poland Portugal Romania Russia Slovakia Slovenia South Africa Spain Sweden Switzerland Turkey Ukraine United Kingdom Europe, Middle East, India, Africa Total Latin America Argentina Brazil Chile Dominican Republic Paraguay Latin America Total North America Canada Mexico United States of America North America Total Worldwide Total # of Device Requests Received # of Devices Specified in the Requests # of Device Requests Where Data Provided % of Device Requests Where Data Provided 2,584 1,270 636 229 1 329 2,235 90 30 3 7,407 5,139 13,502 1,263 356 1 410 2,438 52,031 58 3 75,201 2,245 1,021 597 177 0 281 2,024 53 12 1 6,411 87% 80% 94% 77% 0% 85% 91% 59% 40% 33% 87% 233 136 1 1 38 96 1 1 1,335 2 11,711 10 18 32 163 753 2 1 21 56 40 1 15 395 5 167 2 6 1 1,474 95 171 170 2 1,212 353 730 2 1 62 393 1 27 3,287 565 20,647 11 113 312 334 1,576 2 2 25 358 266 1 16,844 590 7 541 2 6 1 3,291 295 477 325 2 2,708 171 95 1 0 22 85 0 1 857 2 7,461 7 12 17 141 524 0 1 10 27 31 1 9 100 4 98 1 4 1 1,066 81 126 97 0 842 73% 70% 100% 0% 58% 89% 0% 100% 64% 100% 64% 70% 67% 53% 87% 70% 0% 100% 48% 48% 78% 100% 60% 25% 80% 59% 50% 67% 100% 72% 85% 74% 57% 0% 69% 18,367 54,157 11,895 65% 3 132 5 1 1 142 6 1,194 508 1 1 1,710 1 76 4 1 1 83 33% 58% 80% 100% 100% 58% 12 2 4,254 4,268 30,184 22 2 20,013 20,037 151,105 12 1 3,335 3,348 21,737 100% 50% 78% 78% 72%  # of Device Requests Received The number of device-based requests received from a government agency seeking customer data related to specific device identifiers, such as serial number or IMEI number. Device-based requests can be in various formats such as subpoenas, court orders or warrants. We count each individual request received from each country and report the total number of requests received by country. # of Devices Specified in the Requests The number of devices specified in the requests. One request may contain one or multiple device identifiers. For example, in a case related to the theft of a shipment of devices, law enforcement may seek information related to several device identifiers in a single request. We count the number of devices identified in each request received from each country and report the total number of devices specified in requests received by country. # of Device Requests Where Data Provided The number of device-based requests that resulted in Apple providing data, such as subscriber, service, purchase or repair information in response to valid legal process. We count each devicebased request where we provide data and report the total number of such instances by country. % of Device Requests Where Data Provided The percentage of device-based requests that resulted in Apple providing data in response to valid legal process. We calculate this based on the number of device-based requests that resulted in Apple providing data per country compared to the total number of device-based requests Apple received from that country.  Table 2: Worldwide Government Financial Identifier Requests
 July 1 - December 31, 2016 Table 2 provides information regarding financial identifier-based requests received. Examples of such requests are where law enforcement agencies are working on behalf of customers who have requested assistance regarding suspected fraudulent credit card activity used to purchase Apple products or services. Financial identifier-based requests generally seek details of suspected fraudulent transactions. Country # of Financial Identifier Requests Received # of Financial Identifiers Specified in the Requests # of Financial Identifier Requests Where Data Provided % of Financial Identifier Requests Where Data Provided Asia Pacific Australia 124 1,718 93 75% 22 113 12 55% 175 367 147 84% Japan 53 76 45 85% Macau 3 3 1 33% New Zealand 6 30 4 67% 72 571 71 99% 6 6 5 83% 69 205 60 87% 1 1 1 100% 531 3,090 439 83% China Hong Kong Singapore South Korea Taiwan Thailand Asia Pacific Total Europe, Middle East, India, Africa Austria 1 1 1 100% Belgium 4 4 1 25% Czech Republic 9 9 5 56% 10 20 7 70% Finland 2 2 1 50% France 87 102 54 62% 270 876 150 56% Greece 3 3 0 0% Hungary 1 1 0 0% India 6 5,887 5 83% Denmark Germany Ireland 1 1 0 0% 104 106 49 47% Luxembourg 8 12 6 75% Netherlands 3 46 3 100% Norway 7 7 2 29% Poland 2 2 1 50% Portugal 3 3 3 100% Italy Russia Spain Sweden 4 4 0 0% 115 124 58 50% 5 5 2 40% Switzerland 14 119 13 93% Turkey 98 102 69 70% United Arab Emirates 1 1 1 100% United Kingdom Europe, Middle East, India, Africa Total Latin America 128 1,091 94 73% 886 8,528 525 59% Brazil 8 8 2 25% Latin America Total 8 8 2 25% North America Canada 23 1,262 23 100% United States of America 944 8,361 832 88% North America Total 967 9,623 855 88% 2,392 21,249 1,821 76% Worldwide Total  # of Financial Identifier Requests Received The number of financial identifier-based requests received from a government agency seeking customer data related to specific financial identifiers, such as credit card or gift card number. Financial identifier-based requests can be in various formats such as subpoenas, court orders or warrants. We count each individual request received from each country and report the total number of requests received by country. # of Financial Identifiers Specified in the Requests The number of financial identifiers specified in the requests. One request may contain one or multiple financial identifiers. For example, in a case related to large scale fraud, law enforcement may seek information related to several credit card numbers in a single request. We count the number of financial identifiers identified in each request received from each country and report the total number of financial identifiers specified in requests received by country. # of Financial Identifier Requests Where Data Provided The number of financial identifier-based requests that resulted in Apple providing data, such as transaction details in response to valid legal process. We count each financial identifierbased request where we provide data and report the total number of such instances by country. % of Financial Identifier Requests Where Data Provided The percentage of financial identifier-based requests that resulted in Apple providing data in response to valid legal process. We calculate this based on the number of financial identifierbased requests that resulted in Apple providing data per country compared to the total number of financial identifier-based requests Apple received from that country.  Table 3a: Worldwide Government Account Requests (# of Account Requests)
 July 1 - December 31, 2016 Table 3a provides information regarding account-based requests received. Examples of such requests are where law enforcement agencies are working on cases where they suspect an account may have been used unlawfully or in violation of Apple’s terms of service. Account-based requests generally seek details of customers’ iTunes or iCloud accounts, such as a name and address; and in certain instances customers’ iCloud content, such as stored photos, email, iOS device backups, contacts or calendars. Country Asia Pacific Australia China Hong Kong Japan New Zealand Singapore South Korea Taiwan Asia Pacific Total Europe, Middle East, India, Africa Armenia # of Account Requests Received # of Account Requests Challenged in Part or Rejected in Full # of Account Requests Where No Data Provided # of Account Requests Where Only NonContent Data Provided # of Account Requests Where Content Provided % of Account Requests Where Data Provided 91 13 32 59 0 65% 25 1 3 22 0 88% 8 0 3 5 0 63% 115 19 26 88 1 77% 4 0 1 3 0 75% 30 1 5 25 0 83% 8 1 2 6 0 75% 65 3 12 53 0 82% 346 38 84 261 1 76% 1 0 0 1 0 100% Austria Belgium Czech Republic 3 1 2 1 0 33% 4 1 2 2 0 50% 4 0 0 4 0 100% Denmark Estonia 8 1 3 5 0 63% 2 0 0 2 0 100% 1 0 1 0 0 0% 70 9 29 41 0 59% 159 19 48 109 2 70% 3 0 0 3 0 100% 3 0 0 3 0 100% 1 0 0 1 0 100% India Ireland Israel 18 0 2 16 0 89% 2 0 1 1 0 50% 2 0 1 1 0 50% Italy Luxembourg 44 2 5 39 0 89% 2 1 1 1 0 50% Malta Netherlands Norway 3 0 0 3 0 100% 6 0 0 6 0 100% 3 1 2 1 0 33% Pakistan Poland Portugal 1 0 0 1 0 100% 5 0 1 4 0 80% 4 0 1 3 0 75% Qatar Russia South Africa 1 1 1 0 0 0% 4 2 3 1 0 25% 1 0 0 1 0 100% Spain Sweden Switzerland 20 4 9 11 0 55% 18 0 4 14 0 78% 3 0 0 3 0 100% Finland France Germany Greece Hungary Iceland Turkey United Kingdom Europe, Middle East, India, Africa Total Latin America Argentina 7 2 2 5 0 71% 199 12 45 154 0 77% 602 56 163 437 2 73% 33% 3 0 2 1 0 Brazil Chile Dominican Republic 56 9 11 10 35 80% 1 0 0 1 0 100% 1 0 0 1 0 100% Latin America Total North America Canada 61 9 13 13 35 79% United States of America North America Total Worldwide Total 3 1 0 3 0 100% 1,219 71 211 636 372 83% 1,222 2,231 72 175 211 471 639 1,350 372 410 83% 79%  # of Account Requests Received # of Account Requests Challenged in Part or Rejected in Full # of Account Requests Where No Data Provided The number of account-based requests received from a government agency seeking customer data related to specific Apple account identifiers, such as Apple ID, email address, full name and telephone number. Account-based requests can be in various formats such as subpoenas, court orders or warrants. We count each individual request received from each country and report the total number of requests received by country. The number of account-based requests that resulted in Apple challenging the request in part or rejecting the request in full based on grounds such as a request does not have a valid legal basis, or is unclear, inappropriate and/or over-broad. For example, Apple may reject a law enforcement request if it considers the scope of data requested as excessively broad for the case in question. We count each account-based request where we challenge it in part or reject it in full and report the total number of such instances by country. The number of account-based requests that resulted in Apple providing no data. For example, where a request is rejected in full or where there is no responsive data. We count each accountbased request where we do not provide data and report the total number of such instances by country. # of Account Requests Where Only Non-Content Data Provided The number of account-based requests that resulted in Apple only providing non-content data, such as subscriber or transactional information. We count each account-based request where we provide only non-content data and report the total number of such instances by country. # of Account Requests Where Content Provided The number of account-based requests that resulted in Apple providing content, such as stored photos, email, iOS device backups, contacts or calendars. We count each account-based request where we provide content and report the total number of such instances by country. % of Account Requests Where Data Provided The percentage of account-based requests that resulted in Apple providing either non-content and/or content data, in response to valid legal process. We calculate this based on the number of account-based requests that resulted in Apple providing data (both non-content and content) per country compared to the total number of account-based requests Apple received from that country.  Table 3b: Worldwide Government Account Requests (# of Accounts Affected)
 July 1 - December 31, 2016 Table 3b provides information regarding the number of accounts affected by the account-based requests in Table 3a. Country Asia Pacific Australia China Hong Kong Japan New Zealand Singapore South Korea Taiwan Asia Pacific Total Europe, Middle East, India, Africa Armenia # of Accounts Specified in the Requests # of Accounts for Which Data Provided 108 73 5,184 5,181 10 7 155 129 6 4 31 25 28 22 134 119 5,656 5,560 1 1 Austria 4 1 Belgium Czech Republic 4 2 4 4 Denmark Estonia 8 5 2 2 Finland France 1 0 76 45 Germany 268 217 Greece Hungary 3 3 3 3 Iceland India 11 11 29 20 2 1 Ireland Israel 2 1 53 41 Luxembourg Malta 5 4 3 3 Netherlands Norway 8 8 3 1 Pakistan Poland 1 1 5 4 Portugal 4 3 Qatar Russia 1 0 5 2 South Africa Spain 1 1 24 12 21 17 4 4 Italy Sweden Switzerland Turkey 36 5 United Kingdom Europe, Middle East, India, Africa Total Latin America Argentina 220 162 812 584 5 3 Brazil Chile Dominican Republic 141 92 1 1 1 1 Latin America Total North America Canada United States of America 148 97 North America Total Worldwide Total 3 3 3,958 2,636 3,961 10,577 2,639 8,880  # of Accounts Specified in the Requests The number of accounts specified in the requests. One request may contain one or multiple account identifiers. For example, in a case related to suspected phishing, law enforcement may seek information related to several accounts in a single request. We count the number of accounts identified in each request received from each country and report the total number of accounts specified in requests received by country. # of Accounts for Which Data Provided The number of accounts that resulted in Apple providing either non-content and/or content data in response to valid legal process. We count the number of accounts in each request where we provide data and report the total number of accounts for which data was provided by country.  Table 4: Worldwide Government Account Preservation Requests
 July 1 - December 31, 2016 Table 4 provides information regarding account preservation requests received. Under the U.S. Electronic Communications Privacy Act (ECPA) government agencies may request Apple to preserve users’ account data by performing a one-time data pull of the requested existing user data available at the time of the request for 90 days (up to 180 days if Apple receives a renewal request). Examples of such requests are where law enforcement agencies suspect an account may have been used unlawfully or in violation of Apple’s terms of service, and request Apple to preserve the account data while they obtain legal process for the data. Country # of Account Preservation Requests Received # of Accounts Specified in the Requests # of Accounts Where Data Preserved Europe, Middle East, India, Africa Austria Belgium 1 1 0 1 2 0 Denmark 1 1 0 France 4 6 4 Germany 9 15 14 India 1 1 0 Ireland 1 2 2 Moldova 1 1 1 Netherlands 1 8 8 Norway 1 1 1 Poland 1 1 0 Portugal 1 1 1 Slovenia 1 1 1 South Africa 1 1 1 Sweden 2 3 3 Ukraine 1 3 3 22 29 25 50 77 64 Brazil 1 1 1 Latin America Total 1 1 1 Canada 8 11 11 Mexico 1 1 1 United States of America 741 1,475 1,019 North America Total 750 1,487 1,031 Worldwide Total 801 1,565 1,096 United Kingdom Europe, Middle East, India, Africa Total Latin America North America # of Account Preservation Requests Received # of Accounts Specified in the Requests # of Accounts Where Data Preserved The number of account preservation requests received from a government agency. We count each individual request received from each country and report the total number of requests received by country. The number of accounts specified in the requests. One request may contain one or multiple account identifiers. For example, in a case related to suspected illegal activity, law enforcement may request Apple to preserve information related to several accounts in a single request. We count the number of accounts identified in each request received from each country and report the total number of accounts specified in requests received by country. The number of accounts that resulted in Apple preserving data in response to a valid preservation request. We count the number of accounts in each request where data was preserved and report the total number of accounts for which data was preserved by country.  Table 5: Worldwide Government Account Restriction/Deletion Requests
 July 1 - December 31, 2016 Table 5 provides information regarding account restriction/deletion requests received. Examples of such requests are where law enforcement agencies suspect an account may have been used unlawfully or in violation of Apple’s terms of service, and request Apple to restrict or delete the account. For requests seeking to restrict/delete a customer’s Apple ID, Apple requires a court order (including conviction or warrant) demonstrating that the account to be restricted/deleted was used unlawfully. Country # of Account Restriction/ Account Deletion Requests Received # of Accounts Specified in the Requests # of Requests Rejected/Challenged Where No Action Taken # of Account Restriction Requests Where Account Restricted 1 1 0 1 0 2 2 1 0 1 3 3 1 1 1 3 3 3 0 0 3 6 1 0 2 2 3 2 0 0 8 12 6 0 2 3 3 1 0 2 3 3 1 0 2 14 18 8 1 5 Asia Pacific Hong Kong Japan Asia Pacific Total Europe, Middle East, India, Africa India Sweden Switzerland Europe, Middle East, India, Africa Total North America United States of America North America Total Worldwide Total # of Account Deletion Requests Where Account Deleted # of Account Restriction/Account Deletion Requests Received The number of requests received from a government agency seeking to restrict/delete a customer’s Apple account. We count each individual request received from each country and report the total number of requests received by country. # of Accounts Specified in the Requests The number of accounts specified in the requests. One request may contain one or multiple account identifiers. For example, in a case related to possession or distribution of illegal material, law enforcement may request Apple to restrict or delete several accounts in a single request. We count the number of accounts identified in each request received from each country and report the total number of accounts specified in requests received by country. # of Requests Rejected/Challenged Where No Action Taken The number of account restriction/deletion requests that resulted in Apple challenging or rejecting the request based on grounds such as a request does not have a valid legal basis, or is unclear, inappropriate and/or over-broad, or where it is not accompanied by a court order (including conviction or warrant) demonstrating that the account to be restricted/deleted was used unlawfully; and where no action was taken by Apple. We count each account restriction/ deletion request where we challenge or reject it and report the total number of such instances by country. # of Account Restriction Requests Where Account Restricted The number of account restriction requests where Apple determined the request and order sufficiently demonstrated the account to be restricted was used unlawfully and we proceeded with the requested restriction. We count each account restriction request where we proceeded with restriction and report the total number of such instances by country. # of Account Deletion Requests Where Account Deleted The number of account deletion requests where Apple determined the request and order sufficiently demonstrated the account to be deleted was used unlawfully and we deleted the Apple account. We count each account deletion request where we deleted an account and report the total number of such instances by country.  Table 6: Worldwide Government Emergency Requests
 July 1 - December 31, 2016 Table 6 provides information regarding emergency requests received. Under the U.S. Electronic Communications Privacy Act (ECPA) government agencies may request Apple to voluntarily disclose information, including customer records and contents of communications, to a government entity if Apple believes in good faith that an emergency involving imminent danger of death or serious physical injury to any person requires such disclosure without delay. International agencies may make similar requests to Apple under applicable local law. Examples of such requests are where a person may be missing and law enforcement believes the person may be in danger. Emergency requests generally seek details of customers’ connections to Apple services. Country # of Emergency Requests Received # of Requests Rejected/ Challenged & No Data Provided # of Emergency Requests Where No Data Provided # of Emergency Requests Where Data Provided % of Emergency Requests Where Data Provided Australia 1 0 0 1 100% Taiwan 1 0 0 1 100% Asia Pacific Total Europe, Middle East, India, Africa Denmark 2 0 0 2 100% 2 0 0 2 100% France 6 0 1 5 83% Germany 4 0 0 4 100% India 3 0 0 3 100% Italy 2 0 0 2 100% Netherlands 3 0 1 2 67% Norway 1 0 0 1 100% Spain 2 0 0 2 100% Sweden 2 0 0 2 100% Switzerland 1 0 0 1 100% 52 1 9 42 81% 78 1 11 66 85% Brazil 1 0 0 1 100% Ecuador 1 0 0 1 100% Latin America Total 2 0 0 2 100% Canada 13 0 2 11 85% Mexico 2 1 0 1 50% United States of America 81 1 9 71 88% North America Total 96 2 11 83 86% 178 3 22 153 86% Asia Pacific United Kingdom Europe, Middle East, India, Africa Total Latin America North America Worldwide Total # of Emergency Requests Received The number of emergency requests received from a government agency. We count each individual request received from each country and report the total number of requests received by country. # of Requests Rejected/Challenged & No Data Provided The number of emergency requests that resulted in Apple challenging or rejecting the request based on grounds such as a request is unclear, inappropriate, or fails to demonstrate that it relates to an emergency circumstance; and where no data was provided. We count each emergency request where we challenge or reject it and report the total number of such instances by country. # of Emergency Requests Where No Data Provided The number of emergency requests that resulted in Apple providing no data. For example, instances where there was no responsive data. We count each emergency request where we do not provide data and report the total number of such instances by country. # of Emergency Requests Where Data Provided The number of emergency requests that resulted in Apple providing data, such as subscriber or transactional information in response to a valid emergency request. We count each emergency request where we provide data and report the total number of such instances by country. % of Emergency Requests Where Data Provided The percentage of emergency requests that resulted in Apple providing data. We calculate this based on the number of emergency requests that resulted in Apple providing data per country compared to the total number of emergency requests Apple received from that country.  Table 7: United States Government National Security Requests 
 July 1 - December 31, 2016 Table 7 provides information regarding United States National Security requests received, including orders received under FISA and National Security Letters (“NSLs”). To date, Apple has not received any orders for bulk data. We report all the national security orders we have received, including orders received under FISA and NSLs, in bands of 250. Though we want to be more specific, this is currently the narrowest range allowed by the government. # of National Security Orders Received 5750-5999 # of Accounts Affected 4750-4999 Declassified National Security Letters # of National Security Orders Received # of Accounts Affected Declassified National Security Letters 1 The number of United States National Security requests received. We count each individual request received and report the total number of requests received within bands permissible by law. The number of accounts where Apple provided data in response to United States National Security requests. We count the number of accounts where we provide data and report the total number of accounts affected within bands permissible by law. The number of declassified National Security letters Apple received.  Tables 8, 9, 10: United States Government Requests by Legal Process Type
 July 1 - December 31, 2016 Tables 8, 9, and 10 provide information regarding United States requests by Legal Process Type. Legal process types can be Search Warrant, Title III Wiretap Order, Pen Register/Trap and Trace Orders, Other Court Orders, or Subpoenas. Table 8: United States Government Device Requests by Legal Process Type Table 8 provides information regarding the types of legal process Apple received as Device Requests. # of Device Requests Search Warrants Title III Wiretap Orders Pen Register/Trap and Trace Orders Other Court Orders Subpoenas 4,254 249 N/A 1 203 3,801 % of Total (100%) 6% - 0% 5% 89% Table 9: United States Government Financial Identifier Requests by Legal Process Type Table 9 provides information regarding the types of legal process Apple received as Financial Identifier Requests. # of Financial Identifier Requests 944 % of Total (100%) Search Warrants Title III Wiretap Orders Pen Register/Trap and Trace Orders Other Court Orders Subpoenas 154 N/A 0 75 715 16% - 0% 8% 76% Table 10: United States Government Account Requests by Legal Process Type Table 10 provides information regarding the types of legal process Apple received as Account Requests. # of Account Requests 1,219 % of Total (100%) Search Warrants Title III Wiretap Orders Pen Register/Trap and Trace Orders Other Court Orders Subpoenas 500 0 7 79 633 41% 0% 1% 6% 52%  # of Device/ Financial Identifier/ Account Requests The total number of United States government requests Apple received by request type (Device, Financial Identifier, and Account). We count each individual request received from the United States by request type and report the total number of requests received by request type. Search Warrants A search warrant is a judicial document used in a criminal case authorizing law enforcement officers to search a person or place to obtain evidence. The Fourth Amendment requires that law enforcement officers obtain search warrants by submitting affidavits and other evidence to a judge or magistrate to meet a burden of proof that a search will yield evidence related to a crime. The judge or magistrate will issue the warrant if satisfied that the law enforcement officers have met the burden of proof. For customer content, Apple requires a search warrant issued upon a showing of probable cause in order to provide content. Title III Wiretap Orders A Title III wiretap order is a specific type of court order used in a criminal case that authorizes law enforcement officers to obtain contents of communications in real-time. A wiretap order includes requirements that law enforcement officers make an application and furnish evidence to a judge or magistrate to demonstrate there is probable cause to believe that interception of communications will yield evidence related to a particular crime, there is probable cause to believe that an individual has committed or is about to commit a particular crime and must specifically identify the individual/ target whose communications are to be intercepted. A statement must also be included as to whether other investigatory measures have been tried and failed or are unlikely to succeed. If satisfied that the requirements have been met, the judge or magistrate will issue the wiretap order. A wiretap order allows the government to obtain content on a forward-looking basis for a specific limited period of time as opposed to stored historical content. Apple can intercept users’ iCloud email communications upon receipt of a valid Wiretap Order. Apple cannot intercept users’ iMessage or FaceTime communications as these communications are end-to-end encrypted. Pen Register/Trap and Trace Orders A pen register or trap and trace order is a specific type of court order used in a criminal case authorizing law enforcement officers to obtain headers of electronic communications and other non-content data in real-time. A pen register order requires law enforcement officers to make a statement of offense which the pen register relates and certify the information likely to be obtained is relevant/material to an ongoing criminal investigation. The legal standard for obtaining a pen register order is lower than what is required for a search warrant or a wiretap order. A pen register order allows the government to obtain non-content information on a forward-looking basis for a specific limited period of time as opposed to stored historical information. A pen register order can be combined with a court order/warrant for historical records, in such instances we report the process type as pen register/trap and trace order. Other Court Orders A court order is a document issued by a judge or magistrate directing a person or entity to comply with the order. An order may be issued in either a criminal or civil case. Government agencies applying for an order in a criminal case must generally present facts and evidence to a judge or magistrate showing there are reasonable grounds to believe that the information sought is relevant and material to an ongoing criminal investigation or similar legal standard. Non-content data such as subscriber and transaction information can be provided in response to a court order. Subpoenas A subpoena or equivalent legal process request (e.g. petition or summons) is a document issued by a government agency or court directing a person or entity to comply with requests for information. Local, state and federal government agencies may issue subpoenas. Under many jurisdictions, a judge or magistrate is not required to review a subpoena before it is issued. Accordingly, the subpoena has the lowest threshold for burden of proof. A subpoena may be issued in either a criminal or civil case. Non-content data such as device, subscriber and connection information can be provided in response to a subpoena. % of Total The percentage of requests by Legal Process Type. We calculate this based on the number of respective Legal Process Types compared to the respective total number of Device/Financial Identifier/Account Requests received by Apple.  Table 11: United States Private Party Requests for Information
 July 1 - December 31, 2016 Table 11 provides information regarding United States Private Party (non-government) Requests for information. Examples of such requests are where private litigants are involved in either civil or criminal proceedings. Apple complies with these requests insofar as it is legally required to do so. # of Private Party Requests 157 % of Total (100%) # of Private Party Requests # of Requests Rejected/ Challenged & No Data Provided # of Requests Where No Data Provided # of Requests Where Data Provided 112 4 41 71% 3% 26% The number of requests received from private parties (non-government) in the United States seeking customer data related to specific devices, financial identifiers and/or accounts. We count each individual request received from private parties and report the total number of requests received. # of Requests Rejected/ Challenged & No Data Provided The number of private party requests that resulted in Apple challenging or rejecting the request based on grounds such as a request does not have a valid legal basis, or is unclear and/or over-broad; and where no data was provided. We count each private party request where we challenge or reject it in full, and report the total number of such instances. # of Requests Where No Data Provided The number of private party requests that resulted in Apple providing no data. For example, where there was no responsive data. We count each instance where we do not provide data in response to a private party request and report the total number of such instances. # of Requests Where Data Provided % of Total The number of private party requests that resulted in Apple providing data in response to valid legal process or subscriber consent. We count each instance where we provide data in response to a private party request and report the total number of such instances. The percentages are calculated based on the number of response types compared to the total number of Private Party Requests received by Apple.  Table 12: United States Private Party Requests for Account Restriction/Deletion
 July 1 - December 31, 2016 Table 12 provides information regarding United States Private Party Requests (non-government) for Apple account restriction/ deletion. Examples of such requests are where private litigants are involved in either civil or criminal proceedings, and requests for Apple to restrict/delete an account may arise. For requests seeking to restrict/delete a customer’s Apple ID, Apple requires a court order. Apple complies with these requests insofar as it is legally required to do so. # of Account Restriction/ Account Deletion Requests Received 0 # of Account Restriction/ Account Deletion Requests Received # of Accounts Specified in the Requests 0 # of Rejected/ Challenged Requests Where No Action Taken 0 # of Account Restriction Requests Where Account Restricted 0 # of Account Deletion Requests Where Account Deleted 0 The number of requests received from private parties (non-government), such as participants in a civil or family law case, seeking to restrict/delete a customer’s Apple ID. We count each individual request received from private parties and report the total number of requests received. # of Accounts Specified in the Requests The number of accounts specified in the requests. One request may contain one or multiple account identifiers. For example, in a case related to multiple shared accounts, a private party may request Apple to restrict or delete several accounts in a single request. We count the number of accounts identified in each request received from private parties and report the total number of accounts specified in requests received. # of Rejected/ Challenged Requests Where No Action Taken The number of account restriction/deletion requests that resulted in Apple challenging or rejecting the request based on grounds, such as a request does not have a valid legal basis, or is unclear, inappropriate and/or over-broad, or where it is not accompanied by a court order demonstrating the grounds upon which the account is to be restricted/deleted; and where no action was taken by Apple. We count each account restriction/deletion request where we challenge or reject it and report the total number of such instances. # of Account Restriction Requests Where Account Restricted # of Account Deletion Requests Where Account Deleted The number of account restriction requests where Apple determined the request and order sufficiently demonstrated the grounds upon which the specified account was to be restricted; and we proceeded with the requested restriction. We count each account restriction request where we proceeded with restriction and report the total number of such instances. The number of account deletion requests where Apple determined the request and order sufficiently demonstrated the grounds upon which the specified account was to be deleted; and we deleted the Apple account. We count each account deletion request where we deleted an account and report the total number of such instances.  Matters of note in this report Table 1 Worldwide Government Device Requests Australia - High number of devices specified in requests predominantly due to investigation into fraudulent use of funds to purchase devices. China - High number of devices specified in requests predominantly due to stolen device investigations. Germany - High volume of device requests predominantly due to apparent high incidences of reporting/investigating cases of stolen devices. Poland - High number of devices specified in requests predominantly due to Tax Fraud investigations. South Korea - High number of devices specified in requests predominantly due to stolen device investigations. Table 2 Worldwide Government Financial Identifier Requests Australia - High number of financial identifiers specified in requests predominantly due to investigations into iTunes Gift Card Fraud. Canada - High number of financial identifiers specified in requests predominantly due to investigations into iTunes Gift Card Fraud. Germany - High number of financial identifiers specified in requests predominantly due to investigations into iTunes Gift Card Fraud. India - High number of financial identifiers specified in requests predominantly due to investigations into iTunes Gift Card Fraud. United States - High number of financial identifier requests predominantly due to investigations into Credit Card fraud and iTunes Gift Card fraud. Table 3b Worldwide Government Account Requests China - High number of accounts specified in requests predominantly due to investigations into suspected phishing scams and iTunes refund fraud investigations. United States - High number of accounts specified in requests predominantly due to investigations into suspected unauthorized account access/phishing. Mutual Legal Assistance Treaty (MLAT) Requests Requests received from a foreign government pursuant to the MLAT process or through other cooperative efforts with the United States government are included in Apple's transparency report. Apple has been able to determine nine MLAT requests for information were issued by the United States government in this reporting period. However, this may not be the precise number of MLAT requests received, as in some instances a United States court order or search warrant may not indicate that it is the result of an MLAT request. In instances where the originating country was identified, Apple has counted and reported the MLAT request under the country of origin. In instances where the originating country was not identified, Apple has counted and reported the request under the United States of America.