Apple admits to secretly giving governments push notification data::Apple to update transparency report to break out push notification data requests.

  • jmd_akbar@aussie.zone
    link
    fedilink
    English
    arrow-up
    23
    ·
    11 months ago

    If you can give them that, give me that. Give me a log of my own notifications please!!! Please!!! Ffs…

    • AlexWIWA@lemmy.ml
      link
      fedilink
      English
      arrow-up
      13
      ·
      11 months ago

      Fr. Here I am writing a diary when the NSA could just send me a wrapped instead. But noooooo they can’t give me the snooping data 🙄

  • abhibeckert@lemmy.world
    link
    fedilink
    English
    arrow-up
    12
    arrow-down
    1
    ·
    edit-2
    11 months ago

    Oof that’s bad.

    Although it should be noted that in well designed apps this should only be metadata. The push notification should just tell the phone that “content is available”, which will power up the CPU, launch the app in the background, download your actual message/etc, decrypt it, and finally put a notification on the lock screen.

    Metadata is obviously useful to law enforcement, but unless the app is really poorly written they shouldn’t be getting your actual notification alerts. Those should be E2EE and therefore can’t be disclosed.

    Unfortunately the notification system does allow messages to be sent without encryption. Perhaps they should remove that feature.

    • Chris Ely@fosstodon.org
      link
      fedilink
      arrow-up
      13
      ·
      11 months ago

      For Signal, they will know when and how often you receive Signal messages.

      Notifications are used to “activate” the app on your device. Then it will connect to Signal servers and download the encrypted messages.

      After the software on your device decrypted the message, then it has the sender details and message content.

      There are settings to control how much of that information is used when creating the local notification. Because other apps might log notifications.

      @jackalope
      @L4s

    • noodlejetski@lemm.ee
      link
      fedilink
      English
      arrow-up
      4
      ·
      11 months ago

      don’t know about iOS, but on Android Signal doesn’t send the content of messages through Google’s servers.

  • AutoTL;DR@lemmings.worldB
    link
    fedilink
    English
    arrow-up
    2
    ·
    11 months ago

    This is the best summary I could come up with:


    Governments have been secretly tracking the app activity of an unknown number of people using Apple and Google smartphones, US Senator Ron Wyden (D-Ore.) revealed today.

    According to Wyden, many app users do not realize that these instant alerts “aren’t sent directly from the app provider to users’ smartphones” but instead “pass through a kind of digital post office run by the phone’s operating system provider” to “ensure timely and efficient delivery of notifications.”

    Wyden said his office spent the past year investigating a “tip” received in spring 2022 claiming that “government agencies in foreign countries were demanding smartphone ‘push’ notification records from Google and Apple.”

    Ars verified that Apple’s law enforcement guidelines now notes that push notification records “may be obtained with a subpoena or greater legal process.”

    It’s unclear if either Apple or Google plans to provide any standalone reporting documenting all past requests for push notification data.

    Wyden declined to comment further but wrote in his letter that he is pushing the DOJ to not just end the secrecy but also require even more transparency about these secretive requests.


    The original article contains 694 words, the summary contains 182 words. Saved 74%. I’m a bot and I’m open source!