Apple has provided US federal agents with the personal details of customers who used its 'Hide My Email' privacy feature, according to newly revealed court documents. The information was handed over in response to law enforcement requests as part of separate criminal investigations.

The 'Hide My Email' service allows paying iCloud+ subscribers to generate unique, random email addresses that forward messages to their personal inbox, shielding their real email from apps and websites. Apple states it does not read the forwarded messages.

Details Emerge from Federal Investigations

In one case, the Federal Bureau of Investigation (FBI) requested records from Apple earlier this month during a probe into an email threat allegedly sent to Alexis Wilkins, the girlfriend of FBI director Kash Patel. In response, Apple provided records showing the anonymous address was linked to a specific Apple account, supplying the holder's full name and primary email address.

The search warrant affidavit, first reported by 404 Media, also notes Apple provided records for 134 anonymised email accounts created via the feature.

Second Case Involves Identity Fraud Probe

In a separate investigation, agents from Homeland Security Investigations (HSI), a unit within US Immigration and Customs Enforcement (ICE), obtained information from Apple about a customer suspected of identity fraud. An HSI agent cited "records received from Apple" in January 2026, which indicated the suspect had created several anonymised email addresses across multiple Apple accounts using the Hide My Email tool.

These disclosures highlight the limits of certain privacy features when faced with legal subpoenas and search warrants, contrasting with Apple's marketing of user data protection.

The Limits of Apple's Encryption and Email Privacy

While Apple promotes end-to-end encryption for much of its iCloud service—meaning not even Apple can access the data—not all customer information is protected this way. Information Apple stores about its customers, including names, physical addresses, billing details, and unencrypted data like standard emails, remains accessible to the company and, by extension, to law enforcement with the proper legal authority.

This reality underscores a broader privacy limitation: the vast majority of emails are sent unencrypted, containing plaintext information necessary for global routing. This has driven increased adoption of fully end-to-end encrypted messaging platforms like Signal.

Context and Company Response

Apple has positioned itself as a champion of user privacy, often contrasting its policies with those of data-hungry advertisers. The revelation that its anonymisation tool does not anonymise users from state authorities provides a critical nuance to that stance.

A spokesperson for Apple did not respond to a request for comment from TechCrunch regarding these cases.