Bottom line: Federal investigators were able to trace an anonymous email sent using Apple's privacy feature Hide My Email back to its source after Apple provided the real iCloud address linked to the disguised sender, according to newly filed court records. The disclosure offers a rare glimpse into how Apple cooperates with law enforcement requests and what the company can reveal about data generated through its privacy tools. While the move aligns with Apple's longstanding compliance practices, the case highlights the limits of anonymity under the iCloud+ Hide My Email option.
According to the affidavit, the FBI sought information during a probe into a threatening message received by Alexis Wilkins, the girlfriend of FBI Director Kash Patel. The email, sent from the address [email protected], reads, "Do you know how happy I'll be when your c**t ass face is canoed by an assault rifle? Tick tock bitch. Watch your back."
The document identifies Person 1 as Wilkins and includes the explicit language of the threat, which references a slang term for the mutilation of a victim's head.
Court records indicate that after investigators traced the email to Apple, the company provided information linking [email protected] to an account belonging to Alden Ruml. According to the affidavit, Apple's records also showed that the same account had created 134 anonymized email addresses through the Hide My Email service.
When questioned, Alden Ruml admitted to sending the threatening email, according to the affidavit. He allegedly told investigators that he was motivated by a February 28 news article describing the FBI's efforts to provide personal security for Alexis Wilkins. Although the affidavit does not specify which report he referred to, The New York Times published a story that day outlining Kash Patel's order for federal agents to transport his girlfriend to errands and events.
Apple's Hide My Email feature is marketed as a way to protect user privacy by allowing iCloud+ subscribers to create random forwarding email aliases. The company describes the function on its website as a tool to keep personal email addresses private.
According to Apple, the Hide My Email feature lets users generate random, one-off email addresses that automatically forward messages to their real inbox. This allows users to avoid disclosing their actual email when registering for services, subscribing to mailing lists, or sending messages online.
The incident highlights the delicate balance Apple and other major tech companies maintain between privacy-enhancing technologies and lawful access requests. While Hide My Email can protect user identities in routine digital interactions, the case demonstrates that anonymity ends when authorities present valid legal orders.
Apple did not immediately respond to a request for comment regarding its role in the investigation.