Article Details

US senator: Govts spy on Apple, Google users via mobile notifications. A U.S. senator revealed today that government agencies worldwide demand mobile push notification records from Apple and Google users to spy on their customers. These revelations come after U.S. Senator Ron Wyden, who serves on the Senate Intelligence Committee, sent a letter to the Department of Justice warning that various governments around the world have been requesting push notification data from two major tech companies. The goal of these requests is likely to gain access to data required to link users with specific accounts or devices. Wyden said that he received a tip about governments requesting this data in 2022, and his office has been investigating the matter over the past year. Push notifications are smartphone alerts from mobile apps that go through intermediary gateways managed by the device vendor (through Google's Firebase Cloud Messaging and Apple's Push Notification Service). App developers must use Apple's and Google's notification gateways, which provide the tech giants with insight into their customers' app usage patterns and make it easier for U.S. or international governments to monitor individuals of interest through data requests. Data collection through this method helps link devices to Apple or Google accounts and may also allow access to unencrypted notification content, including text displayed on the receiving smartphone. In his letter, Wyden also asked the DOJ to allow the two companies to share more details regarding this practice with their customers, seeing that this information is restricted from public release by the U.S. government. "Apple and Google should be permitted to be transparent about the legal demands they receive, particularly from foreign governments, just as the companies regularly notify users about other types of government demands for data," Wyden said. "These companies should be permitted to generally reveal whether they have been compelled to facilitate this surveillance practice, to publish aggregate statistics about the number of demands they receive, and unless temporarily gagged by a court, to notify specific customers about demands for their data." Apple and Google promise to share more info In response to the letter, Apple said that this provides an opportunity to disclose further information to the public concerning how government entities use data related to such notifications for surveillance purposes. "In this case, the federal government prohibited us from sharing any information. Now that this method has become public we are updating our transparency reporting to detail these kinds of requests," Apple said in a statement shared with Reuters. A Google spokesperson added that the company shares "the Senator’s commitment to keeping users informed about these requests." "We were the first major company to publish a public transparency report sharing the number and types of government requests for user data we receive, including the requests referred to by Senator Wyden," BleepingComputer was told. An Apple spokesperson was not immediately available for comment when contacted by BleepingComputer earlier today.