Image Courtesy: Dall-E 2
A US Senator has written to the Department of Justice warning it of unauthorised surveillance of smartphones by foreign governments, urging its intervention in allowing tech firms to reveal such demands to users.
Senator Ron Wyden in his letter to Attorney General Merrick B Garland claimed an investigation by his office has revealed foreign officials are requesting private data from Google and Apple.
While he did not name any particular country or official, Wyden said governments might be using app push notifications to monitor smartphones and keep surveillance on them.
"Apple and Google should be permitted to be transparent about the legal demands they receive, particularly from foreign governments, just as the companies regularly notify users about other types of government demands for data.
"These companies should be permitted to generally reveal whether they have been compelled to facilitate this surveillance practice, to publish aggregate statistics about the number of demands they receive, and unless temporarily gagged by a court, to notify specific customers about demands for their data," Wyden urged the department.
Senator Wyden's letter mentioned receiving a "tip" as the source of information about surveillance, which his staff followed up with a yearlong investigation.
According to the tip-off, a source familiar with the matter confirmed that both US and foreign government agencies have requested metadata from Apple and Google related to push notifications.
According to Reuters, Apple welcomed the letter saying it gave them the opening they needed to protect its users.
"In this case, the federal government prohibited us from sharing any information," the company said in a statement. "Now that this method has become public we are updating our transparency reporting to detail these kinds of requests."
Despite push notifications being a routine aspect for users, they have occasionally raised concerns among technologists due to the challenge of deploying them without transmitting data to Google or Apple.
Earlier this year, French software developer David Libeau highlighted users and developers often overlook how their apps share data with these US tech giants through push notifications, referring to them as a "privacy nightmare."
Apple recommends developers avoid including sensitive data in notifications and encrypt any data before adding it to a notification payload. However, this depends on developers taking appropriate measures.
Additionally, metadata, such as information about which apps are sending notifications and their frequency, is not encrypted. This lack of encryption potentially allows anyone with access to the information to gain insights into users' app usage patterns.
Коментарі