Governments Spying on Apple and Google Users, Says Senator

Written by

A senior US lawmaker has written to the attorney general requesting that the Department of Justice (DoJ) allows Apple and Google to publicly disclose details of secret government data requests.

Senator Ron Wyden, who sits on the Senate Intelligence Committee, revealed in his letter to Merrick Garland that these push notification access requests have so far been kept hidden due to DoJ rules, but that his staff have been investigating the practice over the past year.

As the gatekeepers of push notifications from apps to their users, Apple and Google ensure the “timely and efficient” delivery of such messages, Wyden said. But it also means they can be secretly compelled by foreign governments to reveal that information.

“Consequently, Apple and Google are in a unique position to facilitate government surveillance of how users are using particular apps,” Wyden added.

“The data these two companies receive includes metadata, detailing which app received a notification and when, as well as the phone and associated Apple or Google account to which that notification was intended to be delivered. In certain instances, they also might also receive unencrypted content, which could range from backend directives for the app to the actual text displayed to a user in an app notification.”

Read more on government data requests: Tech Giants Suspend Hong Kong Co-Operation Following Security Law

Unlike other data access requests made by governments of US tech companies, the demands for push notification information have so far been kept a secret, leaving potential victims of state surveillance in the dark.

“These companies should be permitted to generally reveal whether they have been compelled to facilitate this surveillance practice, to publish aggregate statistics about the number of demands they receive, and unless temporarily gagged by a court, to notify specific customers about demands for their data,” Wyden concluded.

“I would ask that the DoJ repeal or modify any policies that impede this transparency.”

What’s hot on Infosecurity Magazine?