• kirklennon
    link
    fedilink
    276
    edit-2
    11 months ago

    This headline is ridiculous; I expect better from Ars Technica. You “admit” to things you shouldn’t have done. In this case the government compelled Apple to disclose certain data and simultaneously prohibited Apple from disclosing the disclosure. Thanks to a senator’s letter, Apple is now free to disclose something that they previously wanted to disclose, about something they were forced to do in the first place.

    Compare to the Reuters headline: “Governments spying on Apple, Google users through push notifications - US senator.” The emphasis and agency are correctly placed on the bad actors.

      • @foggy
        link
        English
        1411 months ago

        It’s so telling, how good chat gpt is at creating click bait.

        Ask for 10 click bait titles to any essay. It’ll be better than your title.

        • @jaybone
          link
          English
          711 months ago

          You won’t believe these top 10 generated clickbait titles!

        • @[email protected]
          link
          fedilink
          English
          1811 months ago

          Lemmy isn’t really that different, beside being decentralized and has less restrictions (and downvotes/upvotes don’t mean shit here). People are people and news outlets are the same.

      • shootwhatsmyname
        link
        fedilink
        English
        411 months ago

        We need a bot that puts a better title in the comments, or an automod bot that physically changes the titles to be plain

    • @linearchaos
      link
      English
      3111 months ago

      yeah, it looks like most of the other new agencies are attributing it correctly as the government. IMO it’s the damn gag order that’s most damning. You will spy on them for us and tell no-one.

    • ᗪᗩᗰᑎ
      link
      fedilink
      English
      2311 months ago

      To be fair Google was already making this information public via their transparency reports, albeit in aggregate, since 2010 [0].

      “Google’s transparency report, Ars confirmed, already documents requests for push notification data in aggregated data of all government requests for user information.”

      Apple conveniently played it safe until the coast was clear. Maybe they’d have been allowed to comment on this privacy issue if they published it in aggregate like Google - e.g. not specifically calling out the U.S. Govt? But that wasn’t a risk Apple was willing to take for its users.

      [0] https://en.wikipedia.org/wiki/Transparency_report

    • @sramder
      link
      English
      6
      edit-2
      11 months ago

      I actually scrolled straight to the bottom of the article to see if it was flagged as being “republished from another Condé Nast property.” Just hoping there was an excuse for Ars.

    • Deconceptualist
      link
      fedilink
      English
      1
      edit-2
      11 months ago

      A letter from a senator doesn’t carry much legal force. From my understanding of the article, Apple claims they were prohibited from sharing this information, but a simple letter couldn’t overturn something like a legal order or court mandate. The change here doesn’t support the claim.

      It reads more like Apple chose not to disclose in order to avoid the ire of the DOJ, even though it would have been morally more correct to tell the public sooner.

  • @NocturnalMorning
    link
    English
    4111 months ago

    How are we not suing the ever living shit out of the government for violating peoples 4th ammendment rights? This is a gross violation of the unreasonable search and seizure clause in the constitution.

    • @Spotlight7573
      link
      English
      2211 months ago

      Third party doctrine for one: the data held by third parties has no expectation of privacy, even if it’s about you.

      From Wikipedia:

      The third-party doctrine is a United States legal doctrine that holds that people who voluntarily give information to third parties—such as banks, phone companies, internet service providers (ISPs), and e-mail servers—have “no reasonable expectation of privacy” in that information. A lack of privacy protection allows the United States government to obtain information from third parties without a legal warrant and without otherwise complying with the Fourth Amendment prohibition against search and seizure without probable cause and a judicial search warrant.

      Basically the government’s argument: if you wanted it to remain private, you wouldn’t have given it to someone else.

      I’m reality, it’s an area of law that desperately needs to be updated.

      • @NocturnalMorning
        link
        English
        1511 months ago

        The problem is that you almost can’t function in modern society without having a phone. So their argument is in bad faith, and really should be checked.

      • @slaacaa
        link
        English
        4
        edit-2
        11 months ago

        Laughs in GDPR

        (as an EU citizen)

        • @[email protected]
          link
          fedilink
          English
          211 months ago

          The same EU that’s desperately trying to ban end to end encryption and dictate which certification authorities browsers have to support so they can spy on you better?

    • @reddig33
      link
      English
      411 months ago

      It will take someone being brought in on evidence gathered by this method to get it overturned. It would probably wind its way up to the Supreme Court.

    • @[email protected]
      link
      fedilink
      English
      411 months ago

      What if push messages doesn’t happen on your phone but is somehow “pushed” from somewhere else?

  • AutoTL;DRB
    link
    fedilink
    English
    611 months ago

    This is the best summary I could come up with:


    Governments have been secretly tracking the app activity of an unknown number of people using Apple and Google smartphones, US Senator Ron Wyden (D-Ore.) revealed today.

    According to Wyden, many app users do not realize that these instant alerts “aren’t sent directly from the app provider to users’ smartphones” but instead “pass through a kind of digital post office run by the phone’s operating system provider” to “ensure timely and efficient delivery of notifications.”

    Wyden said his office spent the past year investigating a “tip” received in spring 2022 claiming that “government agencies in foreign countries were demanding smartphone ‘push’ notification records from Google and Apple.”

    Ars verified that Apple’s law enforcement guidelines now notes that push notification records “may be obtained with a subpoena or greater legal process.”

    It’s unclear if either Apple or Google plans to provide any standalone reporting documenting all past requests for push notification data.

    Wyden declined to comment further but wrote in his letter that he is pushing the DOJ to not just end the secrecy but also require even more transparency about these secretive requests.


    The original article contains 694 words, the summary contains 182 words. Saved 74%. I’m a bot and I’m open source!

  • Billy
    link
    fedilink
    English
    111 months ago

    (Also Google, and both by force)

  • @[email protected]
    link
    fedilink
    English
    -511 months ago

    The only push notifications I get are from post mates.

    What other, more sensitive information would they be collecting this way?

    • @PM_Your_Nudes_Please
      link
      English
      1211 months ago

      Pretty much any app that has message details in the notification. For instance, if I get a comment response on Lemmy, my app sends a push notification. If that notification contains details about the message, the government would supposedly be able to read that data.

      Secure messaging apps have moved away from including message info specifically for this reason. For instance, Signal only sends a notification that you received a message. The push notification doesn’t say who the message was from, or what the message said.

      But when Snapchat tells you that a specific friend is typing/has sent a message, the government could conceivably see that and connect you to that person. Maybe not a huge deal if it’s just a friend with nothing to hide. But we all know that “you have nothing to hide so you have nothing to fear” is a horrible excuse. Because it could land you on a list if that friend is a dealer, or becomes radicalized in the future, or has family who has ties to illegal activity, or any number of other things that the government may want to start watching them for.

      • @[email protected]
        link
        fedilink
        English
        411 months ago

        …Signal only sends a notification that you received a message.

        Signal on iOS shows previews by default. It even reads messages over AirPods as they come in.

        iOS must be doing something special here, right? They can’t be sending message contents through the same route as push notification metadata, or it would be breaking end-to-end encryption… right?

        • @NotMyOldRedditName
          link
          English
          411 months ago

          Correct, messages aren’t E2E encrypted if the push has the data.

          If there’s any reason to preserve privacy the push only has an identifier of the message to be downloaded on the device. When it comes in, the device downloads it and then if you’ve allowed it, will show it on a notification

      • @[email protected]
        link
        fedilink
        English
        311 months ago

        Oh, got it. I turn all those off to avoid being bothered. Post mates is only on so I don’t miss it if “the driver is trying to contact” me.

        Does this apply to when I get a text or voice message on my iPhone? There is a message preview before clicking on it.

      • FiveMacs
        link
        fedilink
        English
        111 months ago

        Good thing I block/disable all of that crap and if a program does it I will just uninstall…I don’t need some shit device to tell me what to do and when to do it.

        • @PM_Your_Nudes_Please
          link
          English
          9
          edit-2
          11 months ago

          I mean, notifications are an integral part of many apps. You think people just randomly decide to open their phone app, texts, or emails, just to see if they have any unread messages or if they’re actively receiving a call? No, they wait for a notification to prompt them. Nobody is just randomly browsing through all their various apps to check for new messages.

          Saying you don’t use notifications is like saying you only turn your phone on when you’re actively making a call, then you turn it right back off again. While it may be true for you, it’s intentionally missing the point and definitely isn’t the typical use case.

          Hell, if you’re reading this comment now, it’s likely because you got a notification that I responded.

          • @I_Fart_Glitter
            link
            English
            511 months ago

            People are out here letting Lemmy comments interrupt their day?!

          • merde alors
            link
            fedilink
            English
            3
            edit-2
            11 months ago

            apart from signal (molly), all my app notifications, like the previous commenter, are off. If i open the app, i can see that you replied to me in the inbox. if i don’t open one of these apps, then i’m not interested, at that moment, in what’s happening on lemmy (or any other platform)

            some people are alright with all that nagging buzz, some find it irritating. i grew up before mobile phones, present time was pure and distractions were scarce

            that said, i find it troubling to learn that notifications too were being used to collect even more information. but, am i surprised?

            • @Spotlight7573
              link
              English
              511 months ago

              Does turning the notifications off mean that it isn’t sending these messages or is the app or OS just not displaying them?

              • Outcide
                link
                English
                311 months ago

                I think it means that notifications aren’t sent, but it’s a good question.

                • Outcide
                  link
                  English
                  111 months ago

                  Thinking this through a bit more. It’s the server (eg. Signal) that sends the push notifications to Apple/Google. So turning off notifications on your phone presumably means that that Apple/Google doesn’t send them to your device. However they are presumably still be going from the server to Apple/Google (because how would Signal know that you’ve turned notifications off on your phone)?

              • merde alors
                link
                fedilink
                English
                111 months ago

                interesting question, like others too have wrote.

                My guess is that because most apps ask explicitly for permission (after the 1st install) unless they’re permitted by the user they don’t register for the push (just a guess :/

                app makers pay for notifications, iirc (wrong?), they wouldn’t want to pay for notifications that are turned off on devices

              • merde alors
                link
                fedilink
                English
                111 months ago

                another question would be: After uninstalling google services, if you install degoogled signal and choose to connect directly to signal servers, do signal still send information to google for push?

          • FiveMacs
            link
            fedilink
            English
            111 months ago

            I check my apps daily for updates…I don’t rely on my device to tell me what to do, ever.