We've known (or suspected) for some time that Apple can provide data from iOS devices to US law enforcement, whether that data is stored on Apple's iCloud servers or on a password protected phone or tablet. In an effort to be more transparent about this process, Apple yesterday posted an extensive document describing what data the company can provide to law enforcement and the processes for requesting that data.

The document outlines two basic types of data: information stored on Apple's servers and information stored locally on iOS devices. Information on Apple's servers includes both data associated with your Apple ID—your basic contact information, customer service records, your transaction history both in Apple's retail stores and in the online iTunes and App Stores, and iTunes gift card information—and data associated with your iCloud account. All account data stored on Apple's servers is obtainable "with a subpoena or greater legal process."

The short version is that essentially anything you've backed up to or stored on iCloud is available for Apple to fork over to law enforcement, including connection logs and IP addresses you've used. Apple has access to 60 days of iCloud mail logs that "include records of incoming and outgoing communications such as time, date, sender e-mail addresses, and recipient e-mail addresses"; any e-mail messages that the user has not deleted; and any other information that can be backed up to iCloud. As of this writing, this list includes contacts, calendars, browser bookmarks, Photo Stream photos, anything that uses the "documents and data" feature (which can include not just word processors but also photo and video apps, games, and data from other applications), and full device backups. Subscriber information requires a "subpoena or greater legal process," e-mail logs require a court order or search warrant, and e-mail or other iCloud content requires a search warrant. Any iCloud information that the user deletes cannot be accessed.

The one major area that isn't mentioned is passwords stored using Apple's iCloud Keychain feature , which could provide credentials for non-Apple sites and services. Apple has said in the past that iCloud Keychain data is encrypted and inaccessible by Apple. Some security researchers have disputed that claim , but in any case it's unclear whether Apple will provide this data to law enforcement if requested. Apple also maintains that iMessages and FaceTime calls cannot be intercepted because of the end-to-end encryption those services use, though security researchers have also disputed those claims and the guidelines don't mention whether iMessages stored in an iOS device backup are similarly protected. In any case, even if Apple could view in-transit iMessages if it wanted to, its guidelines make it clear that it won't offer to do so.

Some data from the Find My iPhone service is also available, including connection logs and requests to remotely lock or wipe a device. Apple cannot manually activate the Find My iPhone service on a phone if requested by law enforcement, however, and it's not clear whether Apple will provide the current location of an iOS device that is turned on and has the Find My iPhone service enabled. We've contacted Apple for clarification on the Find My iPhone, iCloud Keychain, and iMessage questions and will update this article if we receive a response.

When law enforcement seeks any of the above data, the guidelines state that Apple will "notify its customers when their personal information is being sought in response to legal process except where providing notice is prohibited by the legal process itself." Apple will also avoid notifying users if the company "believes that providing notice could create a risk of injury or death to an identifiable individual or group of individuals or in situations where the case relates to child endangerment," though this is entirely up to Apple and not to the law enforcement agencies involved.

Finally, even if you don't store any of your information on iCloud, Apple can bypass security passcodes on our iOS devices to extract "certain categories of active data," though it apparently cannot bypass that protection entirely. If provided with a valid search warrant, Apple can hand over SMS messages, pictures and videos, contacts, audio recordings, and your phone's call history, but it can't access e-mails, calendar entries, or information from third-party applications. Devices must be running iOS 4 or newer, must be "in good working order," and must be provided directly to Apple's headquarters along with an external storage drive twice the size of the iOS device's internal storage.

Apple's guidelines are broadly similar to those provided by other tech companies—Google, for example, provides a similar "Transparency Report" outlining the types of data available to law enforcement. The best recourse for Apple customers who don't want this data to be available to law enforcement agencies is to limit what you store on Apple's servers. Anyone with a registered Apple ID has given some data to Apple, but by storing device backups locally or (for the especially privacy-minded) running your own OS X Server or e-mail server to store some of this potentially sensitive data, you can limit the amount of stuff that Apple and other cloud companies have access to in the first place. If nothing else, these new guidelines can help people make those decisions by outlining just what Apple can access and under what circumstances it can do so.