A U.S. senator just revealed some unsettling information about how some governments are spying on smartphone users using their apps’ push notifications.
Oregon Sen. Ron Wyden sent a letter to Attorney General Merrick Garland in which he told Garland about a tip his office received that exposed how government agencies in foreign countries demanded those notifications’ records from Google and Apple.
The letter never identified which governments were involved in the surveillance tactic and details were limited on the exact process they used to access smartphone users’ information, but Wyden did map out a possible path.
When a person first receives a push notification on their smartphone, the alert isn’t just instantly sent. It first travels through what Wyden characterized as a “digital post office” that’s operated by Google and Apple servers. App companies have no choice but to use those servers to get their notifications to iPhone and Android users.
The senator stated that foreign governments can persuade Google and Apple to hand over the metadata that goes through their servers daily. That data can reveal app information and details about the phones to which the push alerts were sent.
While Wyden’s letter seems mostly speculative, an anonymous source confirmed to Reuters that what he surmised is indeed the case. Both foreign and U.S. government agencies have asked Apple and Google for push alert metadata, the source told Reuters. That data could reportedly help link anonymous users of messaging apps to specific Apple or Google accounts.
Wyden is demanding that both tech companies remain transparent with the U.S. government if they receive these requests.
“These companies should be permitted to generally reveal whether they have been compelled to facilitate this surveillance practice, to publish aggregate statistics about the number of demands they receive, and unless temporarily gagged by a court, to notify specific…
Read the full article here
