Push notifications could be used to snoop on Google and Apple users, US Senator warns

(Image credit: Shutterstock)

Governments could be using push notifications to spy on phones, a top US Senator has warned.

Google and Apple phones process push notifications through servers belonging to the tech giants, allowing governments to potentially demand access to this data.

Messages, breaking news, and other priority updates all generate push-notifications, meaning that encrypted data, potentially including the actual message itself, could be accessed.

Push for Apple and Google transparency on notifications

Ron Wyden, who sits on the Senate Intelligence Committee, shared his concerns in a letter to the US Justice Department, stating that Apple and Google are “in a unique position to facilitate government surveillance of how users are using particular apps.”

“Apple and Google should be permitted to be transparent about the legal demands they receive, particularly from foreign governments, just as the companies regularly notify users about other types of government demands for data.”

“These companies should be permitted to generally reveal whether they have been compelled to facilitate this surveillance practice, to publish aggregate statistics about the number of demands they receive, and unless temporarily gagged by a court, to notify specific customers about demands for their data.”

According to Reuters, both Apple and Google have been approached in requests for push-notification data from both foreign and US government agencies, with Apple spokesperson Shane Bauer stating in an email to TechCrunch that, “Apple is committed to transparency and we have long been a supporter of efforts to ensure that providers are able to disclose as much information as possible to their users.”

“In this case, the federal government prohibited us from sharing any information and now that this method has become public we are updating our transparency reporting to detail these kinds of requests.”

In a similar statement, Matt Bryant of Google said, “We were the first major company to publish a public transparency report sharing the number and types of government requests for user data we receive, including the requests referred to by Senator Wyden.”

Via TechCrunch

More from TechRadar Pro

Benedict Collins
Staff Writer (Security)

Benedict Collins is a Staff Writer at TechRadar Pro covering privacy and security. Before settling into journalism he worked as a Livestream Production Manager, covering games in the National Ice Hockey League for 5 years and contributing heavily to the advancement of livestreaming within the league. Benedict is mainly focused on security issues such as phishing, malware, and cyber criminal activity, but he also likes to draw on his knowledge of geopolitics and international relations to understand the motives and consequences of state-sponsored cyber attacks.

He has a MA in Security, Intelligence and Diplomacy, alongside a BA in Politics with Journalism, both from the University of Buckingham. His masters dissertation, titled 'Arms sales as a foreign policy tool,' argues that the export of weapon systems has been an integral part of the diplomatic toolkit used by the US, Russia and China since 1945. Benedict has also written about NATO's role in the era of hybrid warfare, the influence of interest groups on US foreign policy, and how reputational insecurity can contribute to the misuse of intelligence.

Outside of work Ben follows many sports; most notably ice hockey and rugby. When not running or climbing, Ben can most often be found deep in the shrubbery of a pub garden.