• kirklennon@kbin.social
    link
    fedilink
    arrow-up
    287
    arrow-down
    11
    ·
    edit-2
    1 year ago

    This headline is ridiculous; I expect better from Ars Technica. You “admit” to things you shouldn’t have done. In this case the government compelled Apple to disclose certain data and simultaneously prohibited Apple from disclosing the disclosure. Thanks to a senator’s letter, Apple is now free to disclose something that they previously wanted to disclose, about something they were forced to do in the first place.

    Compare to the Reuters headline: “Governments spying on Apple, Google users through push notifications - US senator.” The emphasis and agency are correctly placed on the bad actors.

    • linearchaos@lemmy.world
      link
      fedilink
      English
      arrow-up
      31
      ·
      1 year ago

      yeah, it looks like most of the other new agencies are attributing it correctly as the government. IMO it’s the damn gag order that’s most damning. You will spy on them for us and tell no-one.

    • ᗪᗩᗰᑎ@lemmy.ml
      link
      fedilink
      English
      arrow-up
      23
      ·
      1 year ago

      To be fair Google was already making this information public via their transparency reports, albeit in aggregate, since 2010 [0].

      “Google’s transparency report, Ars confirmed, already documents requests for push notification data in aggregated data of all government requests for user information.”

      Apple conveniently played it safe until the coast was clear. Maybe they’d have been allowed to comment on this privacy issue if they published it in aggregate like Google - e.g. not specifically calling out the U.S. Govt? But that wasn’t a risk Apple was willing to take for its users.

      [0] https://en.wikipedia.org/wiki/Transparency_report

    • sramder@lemmy.world
      link
      fedilink
      English
      arrow-up
      6
      ·
      edit-2
      1 year ago

      I actually scrolled straight to the bottom of the article to see if it was flagged as being “republished from another Condé Nast property.” Just hoping there was an excuse for Ars.

    • Deconceptualist@lemm.ee
      link
      fedilink
      English
      arrow-up
      1
      ·
      edit-2
      1 year ago

      A letter from a senator doesn’t carry much legal force. From my understanding of the article, Apple claims they were prohibited from sharing this information, but a simple letter couldn’t overturn something like a legal order or court mandate. The change here doesn’t support the claim.

      It reads more like Apple chose not to disclose in order to avoid the ire of the DOJ, even though it would have been morally more correct to tell the public sooner.

  • NocturnalMorning@lemmy.world
    link
    fedilink
    English
    arrow-up
    41
    ·
    1 year ago

    How are we not suing the ever living shit out of the government for violating peoples 4th ammendment rights? This is a gross violation of the unreasonable search and seizure clause in the constitution.

    • Spotlight7573@lemmy.world
      link
      fedilink
      English
      arrow-up
      22
      ·
      1 year ago

      Third party doctrine for one: the data held by third parties has no expectation of privacy, even if it’s about you.

      From Wikipedia:

      The third-party doctrine is a United States legal doctrine that holds that people who voluntarily give information to third parties—such as banks, phone companies, internet service providers (ISPs), and e-mail servers—have “no reasonable expectation of privacy” in that information. A lack of privacy protection allows the United States government to obtain information from third parties without a legal warrant and without otherwise complying with the Fourth Amendment prohibition against search and seizure without probable cause and a judicial search warrant.

      Basically the government’s argument: if you wanted it to remain private, you wouldn’t have given it to someone else.

      I’m reality, it’s an area of law that desperately needs to be updated.

      • NocturnalMorning@lemmy.world
        link
        fedilink
        English
        arrow-up
        15
        ·
        1 year ago

        The problem is that you almost can’t function in modern society without having a phone. So their argument is in bad faith, and really should be checked.

        • thecrotch@sh.itjust.works
          link
          fedilink
          English
          arrow-up
          2
          ·
          1 year ago

          The same EU that’s desperately trying to ban end to end encryption and dictate which certification authorities browsers have to support so they can spy on you better?

    • reddig33@lemmy.world
      link
      fedilink
      English
      arrow-up
      4
      ·
      1 year ago

      It will take someone being brought in on evidence gathered by this method to get it overturned. It would probably wind its way up to the Supreme Court.

      • AeroLemming@lemm.ee
        link
        fedilink
        English
        arrow-up
        2
        ·
        1 year ago

        And of course, the things they’ll be looking for with this will be things that are settled with two bullets to the back of the head and a suicide ruling.

  • AutoTL;DR@lemmings.worldB
    link
    fedilink
    English
    arrow-up
    7
    arrow-down
    1
    ·
    1 year ago

    This is the best summary I could come up with:


    Governments have been secretly tracking the app activity of an unknown number of people using Apple and Google smartphones, US Senator Ron Wyden (D-Ore.) revealed today.

    According to Wyden, many app users do not realize that these instant alerts “aren’t sent directly from the app provider to users’ smartphones” but instead “pass through a kind of digital post office run by the phone’s operating system provider” to “ensure timely and efficient delivery of notifications.”

    Wyden said his office spent the past year investigating a “tip” received in spring 2022 claiming that “government agencies in foreign countries were demanding smartphone ‘push’ notification records from Google and Apple.”

    Ars verified that Apple’s law enforcement guidelines now notes that push notification records “may be obtained with a subpoena or greater legal process.”

    It’s unclear if either Apple or Google plans to provide any standalone reporting documenting all past requests for push notification data.

    Wyden declined to comment further but wrote in his letter that he is pushing the DOJ to not just end the secrecy but also require even more transparency about these secretive requests.


    The original article contains 694 words, the summary contains 182 words. Saved 74%. I’m a bot and I’m open source!

  • MarmaladeMermaid@lemm.ee
    link
    fedilink
    English
    arrow-up
    3
    arrow-down
    8
    ·
    1 year ago

    The only push notifications I get are from post mates.

    What other, more sensitive information would they be collecting this way?

    • PM_Your_Nudes_Please@lemmy.world
      link
      fedilink
      English
      arrow-up
      12
      ·
      1 year ago

      Pretty much any app that has message details in the notification. For instance, if I get a comment response on Lemmy, my app sends a push notification. If that notification contains details about the message, the government would supposedly be able to read that data.

      Secure messaging apps have moved away from including message info specifically for this reason. For instance, Signal only sends a notification that you received a message. The push notification doesn’t say who the message was from, or what the message said.

      But when Snapchat tells you that a specific friend is typing/has sent a message, the government could conceivably see that and connect you to that person. Maybe not a huge deal if it’s just a friend with nothing to hide. But we all know that “you have nothing to hide so you have nothing to fear” is a horrible excuse. Because it could land you on a list if that friend is a dealer, or becomes radicalized in the future, or has family who has ties to illegal activity, or any number of other things that the government may want to start watching them for.

      • brbposting@sh.itjust.works
        link
        fedilink
        English
        arrow-up
        4
        ·
        1 year ago

        …Signal only sends a notification that you received a message.

        Signal on iOS shows previews by default. It even reads messages over AirPods as they come in.

        iOS must be doing something special here, right? They can’t be sending message contents through the same route as push notification metadata, or it would be breaking end-to-end encryption… right?

        • NotMyOldRedditName@lemmy.world
          link
          fedilink
          English
          arrow-up
          4
          ·
          1 year ago

          Correct, messages aren’t E2E encrypted if the push has the data.

          If there’s any reason to preserve privacy the push only has an identifier of the message to be downloaded on the device. When it comes in, the device downloads it and then if you’ve allowed it, will show it on a notification

      • MarmaladeMermaid@lemm.ee
        link
        fedilink
        English
        arrow-up
        3
        ·
        1 year ago

        Oh, got it. I turn all those off to avoid being bothered. Post mates is only on so I don’t miss it if “the driver is trying to contact” me.

        Does this apply to when I get a text or voice message on my iPhone? There is a message preview before clicking on it.

      • FiveMacs@lemmy.ca
        link
        fedilink
        English
        arrow-up
        4
        arrow-down
        3
        ·
        1 year ago

        Good thing I block/disable all of that crap and if a program does it I will just uninstall…I don’t need some shit device to tell me what to do and when to do it.

        • PM_Your_Nudes_Please@lemmy.world
          link
          fedilink
          English
          arrow-up
          10
          arrow-down
          1
          ·
          edit-2
          1 year ago

          I mean, notifications are an integral part of many apps. You think people just randomly decide to open their phone app, texts, or emails, just to see if they have any unread messages or if they’re actively receiving a call? No, they wait for a notification to prompt them. Nobody is just randomly browsing through all their various apps to check for new messages.

          Saying you don’t use notifications is like saying you only turn your phone on when you’re actively making a call, then you turn it right back off again. While it may be true for you, it’s intentionally missing the point and definitely isn’t the typical use case.

          Hell, if you’re reading this comment now, it’s likely because you got a notification that I responded.

          • merde alors@sh.itjust.works
            link
            fedilink
            English
            arrow-up
            3
            ·
            edit-2
            1 year ago

            apart from signal (molly), all my app notifications, like the previous commenter, are off. If i open the app, i can see that you replied to me in the inbox. if i don’t open one of these apps, then i’m not interested, at that moment, in what’s happening on lemmy (or any other platform)

            some people are alright with all that nagging buzz, some find it irritating. i grew up before mobile phones, present time was pure and distractions were scarce

            that said, i find it troubling to learn that notifications too were being used to collect even more information. but, am i surprised?

            • Spotlight7573@lemmy.world
              link
              fedilink
              English
              arrow-up
              5
              ·
              1 year ago

              Does turning the notifications off mean that it isn’t sending these messages or is the app or OS just not displaying them?

                • Outcide@lemmy.world
                  link
                  fedilink
                  English
                  arrow-up
                  1
                  ·
                  1 year ago

                  Thinking this through a bit more. It’s the server (eg. Signal) that sends the push notifications to Apple/Google. So turning off notifications on your phone presumably means that that Apple/Google doesn’t send them to your device. However they are presumably still be going from the server to Apple/Google (because how would Signal know that you’ve turned notifications off on your phone)?

              • merde alors@sh.itjust.works
                link
                fedilink
                English
                arrow-up
                1
                ·
                1 year ago

                interesting question, like others too have wrote.

                My guess is that because most apps ask explicitly for permission (after the 1st install) unless they’re permitted by the user they don’t register for the push (just a guess :/

                app makers pay for notifications, iirc (wrong?), they wouldn’t want to pay for notifications that are turned off on devices

              • merde alors@sh.itjust.works
                link
                fedilink
                English
                arrow-up
                1
                ·
                1 year ago

                another question would be: After uninstalling google services, if you install degoogled signal and choose to connect directly to signal servers, do signal still send information to google for push?

          • FiveMacs@lemmy.ca
            link
            fedilink
            English
            arrow-up
            1
            ·
            1 year ago

            I check my apps daily for updates…I don’t rely on my device to tell me what to do, ever.

  • Pratai@lemmy.ca
    link
    fedilink
    English
    arrow-up
    6
    arrow-down
    15
    ·
    edit-2
    1 year ago

    lol…. No they didn’t. Ars Technica is now among the untrusted/unreliable sources in my book. Bummer, because I used to respect them.

      • Pratai@lemmy.ca
        link
        fedilink
        English
        arrow-up
        6
        arrow-down
        11
        ·
        1 year ago

        It’s more than just one. It’s a trend. And I couldn’t care less what you do “in my presence.” You’re a random person on the internet trying to make a pointless point for no purpose other than to stir a pot.