• @ItsComplicated@sh.itjust.works
    link
    fedilink
    English
    711 months ago

    Would it be possible for Apple to just encrypt this data or, not keep this data? Then there would be nothing to give law enforcement or government. (Forgive my ignorance, I have no idea how all this works.)

    • kirklennon
      link
      fedilink
      511 months ago

      The developer of the app sends the push notification through Apple’s service. Developers have always been able to encrypt it, at which point it can be decrypted only by their app, but not all developers do this. There’s also still limited metadata about the fact that a notification was sent, even if the contents are encrypted.

      • @ItsComplicated@sh.itjust.works
        link
        fedilink
        English
        211 months ago

        Would it not make more sense to remove metadata and not even collect it? Maybe have an encrypted protocol for push notifications all developers use regardless of the app?

        • skulblaka
          link
          fedilink
          511 months ago

          Your phone has to be informed somehow, from the internet, that it has data to present as a notification. The fact that you got a notification at 3:32 and then again at 3:35 is trackable data, pretty much no matter what anyone does with it, encrypted or not. Doubly so if someone has MITM attacked your data stream. They may not know what the notification contains or even what app it was sent to, but the act of transmitting and then receiving this data packet over cell network or internet is a trackable event. And I don’t really know what Apple could even do about that beyond attempting to build Internet 2 solely for the purposes of keeping the cops out of it, which is unlikely at best.

        • 𝒍𝒆𝒎𝒂𝒏𝒏
          link
          English
          2
          edit-2
          11 months ago

          Honestly I think developers should just use push notifications to tell the app to directly fetch the notification contents from their server, rather than sending the contents of the notification using push, where it is stored by Apple/Google.

          Or do what Element and Syncthing do, which is bypass that entire Google push infrastructure (FCM, formerly GCM?) and connect directly to their own ones instead - at the expense of some additional battery consumption, particularly when there’s poor cell service. Due to iOS restrictions on background apps, this probably isn’t possible on that platform?

          Edit: add clarification

        • Avanera
          link
          fedilink
          211 months ago

          Because protecting user privacy is not a priority.

        • kirklennon
          link
          fedilink
          2
          edit-2
          11 months ago

          Why not chuck the data when it’s no longer being used, though?

          They do. Apple is sending literally trillions of push notifications per year and certainly doesn’t want to save them longer than necessary (a useless expense), but the government can also ask that information for a targeted user be retained, going forward from the request, even though it would normally be purged.

    • gregorum
      link
      fedilink
      English
      1
      edit-2
      11 months ago

      It’s possible that they could encrypt and anonymize this data with yet another set of tokenization, but that would be quite an effort on their part. As for not keeping the data, the metadata, itself, it’s necessary in order to coordinate the sending and delivery of push notifications between apps, services, and your devices. It needs to exist.