Apple and Google have confirmed that they have been providing push notification data to governments, following a letter from Senator Ron Wyden that exposed this practice, MacRumors is reporting.
Push notifications create a token that links user devices to their account information, potentially allowing governments to track individuals.
Apple’s updated Legal Process Guidelines now state that the Apple ID associated with a push notification token can be obtained with legal process. This confirms reports that governments have been using notification data for user surveillance.
From Apple’s website:
“When users allow an application they have installed to receive push notifications, an Apple Push Notification Service (APNs) token is generated and registered to that developer and device. Some apps may have multiple APNs tokens for one account on one device to differentiate between messages and multi-media.
The Apple ID associated with a registered APNs token may be obtained with a subpoena or greater legal process.”
Reuters has previously confirmed that both U.S. and foreign governments have requested push notification data from Apple and Google.
This data has been used to link anonymous users of messaging apps to their accounts.
The Washington Post also found court documents related to federal requests for push notification data, including nine related to the January 6th Capitol riot investigation.
This revelation raises concerns about user privacy and the potential for misuse of push notification data by governments. Senator Wyden called for greater transparency and accountability in how this data is collected and used.
Want to see more of our stories on Google?
P.S. Want to keep this site truly independent? Support us by buying us a beer, treating us to a coffee, or shopping through Amazon here. Links in this post are affiliate links, so we earn a tiny commission at no charge to you. Thanks for supporting independent Canadian media!
Apple: We have nothing to hide, user privacy is important, we’re more secure than anyone else! Also Apple: Oh here, Government and law enforcement, have a user’s notifications without their knowledge or consent.
So, at the end of the day, no different than Google’s nonsense, just more hidden and as per usual with Apple gets a pass.
Double standards sure are great.
It’s actually worse when you consider that everyone knows what to expect from Google and can choose to defend themselves as a result. Meanwhile Apple constantly deceives their users, leaving them in the dark, and takes advantage of their misplaced trust. How can Apple users defend themselves against things Apple hides? They can’t.
Honestly just skuzzy, manipulative marketing at its best. Feeding people nonsensical garbage while calling it candy.
The fact that Apple’s own iMessage has been reverse engineered by a teenager really shows just how ‘secure’ it is
It’s interesting how people will comment on things they’re poorly informed about.
• neither Apple nor Google are giving over your notifications. They are providing the user token, which helps identify the user/device. Not great but not nearly the same thing. Difficult to even confuse the two, TBH.
• access to the notification data, can be obtained subsequently, depending entirely on the app/developer.
• easily remediated, on iOS, by disabling notifications on sensitive apps
• alternatively, at least on iOS, simply reinstalling the app periodically resets the token, making whatever was previously obtained obsolete for tracking.
This still doesn’t change the fact that apple is deceiving its customners into believing that user privacy is taken seriously. Clearly it isn’t if the identification of a user’s device can be done from a notification.
I do not care that this can be gotten around – the fact Apple touts user privacy at the core of its usability is laughable, at this point. Reminds me of DuckDuckGo.