Apple has updated its Legal Process Guidelines to reflect the company's legal obligation to comply with law enforcement requests for Apple ID information associated with its push notification service. The change follows yesterday's revelation that governments are actively using smartphone notification data as a user surveillance tool.
In the section titled "Information Available from Apple," Apple has appended an alphabetical list with the subsection "AA. Apple Push Notification Service (APNs)," which reads:
When users allow an application they have installed to receive push notifications, an Apple Push Notification Service (APNs) token is generated and registered to that developer and device. Some apps may have multiple APNs tokens for one account on one device to differentiate between messages and multi-media.
The Apple ID associated with a registered APNs token may be obtained with a subpoena or greater legal process.
Apple and Google have been forced by governments at home and abroad to provide users' data from notifications they get on their devices, US Senator Ron Wyden revealed on Wednesday in a letter to the Justice Department, drawing attention to a new smartphone privacy concern.
The Justice Department declined to comment on the letter, but Apple and Google confirmed that they have been subject to the requests. The companies explained that they had been prohibited from sharing information about how governments monitored push notifications until Wyden's letter had been made public and given them the legal opening they needed.
With push notifications enabled, Apple and Google create a small bit of data, known as a token, that links the user's device to the account information they've given the companies, such as their name and email address.
A Reuters source familiar with the matter confirmed that both foreign and U.S. government agencies have been asking Apple and Google for user information related to push notifications. The data is said to have been used to attempt to tie anonymous users of messaging apps to specific Apple or Google accounts.
The Washington Post said on Wednesday it had found more than two dozen search warrant applications and other documents in court records related to federal requests for push notification data. Though many were redacted, nine of the documents pertained to the federal hunt for U.S. Capitol rioters on January 6, 2021.
Note: Due to the political or social nature of the discussion regarding this topic, the discussion thread is located in our Political News forum. All forum members and site visitors are welcome to read and follow the thread, but posting is limited to forum members with at least 100 posts.
Top Rated Comments
this may or may not be a rhetorical question
There are some serious safety concerns expressed by experts and scientists, but that’s still something entirely different than “mass surveillance”.
Here is an example of myself using our app. The SDK from CleverTap basically lets me see anything a user does as long as I know the user ID