Last week, concerns were raised about governments spying on smartphone users via push notifications on both iOS and Android devices. In response to this, Apple has updated its Legal Process Guidelines.
In a statement, Apple mentioned that US Senator Ron Wyden’s concerns prompted them to share more details on how governments monitored push notifications. They mentioned that the federal government previously prohibited them from sharing any information, but now they are updating their transparency reporting to detail these kinds of requests.
When users allow an application they have installed to receive push notifications, an Apple Push Notification Service (APNs) token is generated and registered to that developer and device. Some apps may have multiple APNs tokens for one account on one device to differentiate between messages and multi-media. The Apple ID associated with a registered APNs token and associated records may be obtained with an order under 18 U.S.C. 2703(d) or a search warrant.
Previously, the section read the push notification token could be obtained with “a subpoena or greater legal process.” Stepping up to requiring a search warrant is a significant change and reflects the same requirements provided by Google.
