Search This Blog

Powered by Blogger.

Blog Archive

Labels

Showing posts with label Push notifications. Show all posts

Apple’s Push Notification Data Used to Investigate Capitol Rioters; Apple Sets Higher Legal bar


When it initially came to light that governments globally demanded push notification data from Apple and Google, suspicion mounted that the US government was doing the same. This has now been confirmed, with one use of it being the monitoring the Capitol riots, that will take place on January 6.

Previously, Apple was prohibited from disclosing that it was receiving legal demands for the information. However, now that it is permitted to do so, it has also raised the standard for compliance.

What is This All About? 

Last week, it was revealed that legal demands were being made to Apple and Google to provide details of the notifications that were sent to persons of interest in the legal investigations. While both companies were meeting the demands, they were not allowed to disclose that it was actually happening. 

The facts were then made public through an open letter by a senator. 

Push notifications can still disclose a lot of information, even though they prevent third parties from seeing the content of end-to-end encrypted conversations, such as those sent over iMessage.

Consider, for instance, a message exchange between a Chinese whistleblower and a US journalist exposing violations of human rights. The push data indicates that the source and journalist had a lengthy back-and-forth conversation yesterday, and a report on the abuses was released today. 

Apple swiftly verified the allegation and added these events to its transparency reporting once the open letter released them from legal constraints on publicizing the practice.

Push Notification Data Used by US Law Enforcement 

Although "foreign" countries were mentioned in the open letter, it was widely assumed that US law enforcement was also requesting the same information. The Washington Post has reported that the data aided in the investigation of Capitol riots, among other incidents, confirming this.

Apple Sets Higher Legal Bar 

Google held these demands to a higher legal standard than Apple did.

Apple provided the push notification data on the basis of a subpoena, whereas Google needed a court order to do so. Law enforcement agencies can issue subpoenas without judicial oversight; that is, they can demand data on their own, based only on their own determination that it is necessary. In contrast, a court order necessitates that a judge evaluate and accept the demand after reviewing the supporting documentation.

Apple has amended its instructions for law enforcement organizations to clarify that in order to obtain push notification data, a judge must approve a court order or search warrant.