Apple Confirms Governments Use Push Notifications to Surveil Users

• "In a letter to the Department of Justice, Senator Ron Wyden said foreign officials were demanding the data from Alphabet's Google and Apple."

"The traffic flowing from apps that send push notifications put the companies "in a unique position to facilitate government surveillance of how users are using particular apps," Wyden said. He asked the Department of Justice to "repeal or modify any policies" that hindered public discussions of push notification spying."

• "In a statement, Apple said that Wyden's letter gave them the opening they needed to share more details with the public about how governments monitored push notifications."

"In this case, the federal government prohibited us from sharing any information. Now that this method has become public we are updating our transparency reporting to detail these kinds of requests," the company told Reuters.

• "A source familiar with the matter confirmed that both foreign and U.S. government agencies have been asking Apple and Google for metadata related to push notifications. The data is said to have been used to attempt to tie anonymous users of messaging apps to specific Apple or Google accounts."
• "Reuters' source would not identify which governments were making the data requests but described them as "democracies allied to the United States." They did not know how long the requests had been going on for."
• "Apple advises developers not to include sensitive data in notifications and to encrypt any data before adding it to a notification payload," writes MacRumors.
• "Earlier this year French developer David Libeau said users and developers were often unaware of how their apps emitted data to the U.S. tech giants via push notifications, calling them "a privacy nightmare."

MacRumors Article / Archive
Reuters Article / Archive
Wyden Letter / Archive