U.S. Senator Ron Wyden sent a letter to the U.S. Department of Justice last week, looking for more information regarding a tip his office had received.
But what he discovered was shocking: Governments can surveil smartphone users by requesting their push notification data.
Apple changes its policy
Recent report from Reuters reveals that Apple has quietly updated its law enforcement policies, making it more difficult for the government to access that data.
Apple provides Legal Process Guidelines for law enforcement publicly on its website. Now, a “judge’s order,” or search warrant, is required for Apple to provide a user’s push notification data.
The relevant update appears under the “Apple Push Notification Service (APNs)” section of the policy.
As mentioned in Mashable’s prior coverage, data that a user provides to third-party mobile apps are generally stored by those third-party developers. However, when that data shows up as a push notification on a user’s phone, the information passes through Apple and Google’s servers. This makes certain data accessible to iPhone and Android device makers — and that data can be requested by law enforcement.
Now that this practice has been disclosed publicly, users should exercise caution when granting push notification access to certain apps. And companies like Apple are adjusting their own rules around how they treat this data as well.