US Senator Ron Wyden revealed last week that “unknown governments” were collecting user data via push notifications on smartphones. Apple and Google confirmed this when contacted by Reuters. SRF Digital Editor Jürg Tschirren with the most important answers.
Jorg Cherin studied contemporary history and journalism. He has been with SRF since 2007 and reports on ICT, consumer electronics, digital distribution, social networking, data protection, computer security and gaming.
What kind of information can governments collect via push notifications on smartphones?
It is primarily about so-called metadata, that is, not the actual content of messages, but data that can reveal, for example, which application someone needs, or who sent a message to someone, or when this message was sent. In some cases, according to The Washington Post, it is also possible to collect the actual content of the payment message.
How exactly does data collection via push notifications work?
When apps send push messages to smartphone users, this happens via the operating system of the smartphone in question. For iPhones, this runs via Apple’s servers, and for Android smartphones via Google’s servers. Apple and Google know which account the corresponding smartphone belongs to and can assign push message data to the person. Authorities can then legally obtain the information through these technology companies.
What are push notifications?
A push notification is a short message that appears on the smartphone screen notifying the user that new content is available. For example, users receive a message from an SMS when another user writes to them. News portals, on the other hand, send push messages to draw attention to recently published content on their site.
The user usually has to explicitly select push messages for them to appear. It cannot be sent without the user’s consent.
Which governments use push notifications to collect data?
You can’t say that exactly. The whole matter only came to light last week when US Senator Ron Wyden called on the US Department of Justice to give Apple and Google the right to inform customers of this type of monitoring in the first place. Until now, the US Department of Justice has prohibited companies from doing so. Therefore, it can be assumed that the United States itself will use the possibility of this surveillance. The senator also said he received information from an informant that foreign governments had also begun requesting this data. However, it is not clear what these governments are.
What do the new results mean from the perspective of smartphone users?
It shows once again that we leave behind a huge data trail when we use our smartphones and that this data is usually collected centrally somewhere, as in this case at Apple or Google. And that they are available there to the authorities if they want to reach them. However, in this case it should be added that monitoring via notifications probably represents only a small part of digital monitoring options. Countries like the USA have completely different options for this. The revelations of whistleblower Edward Snowden made this clear a few years ago.
Does it make sense to deactivate notifications if I want to protect myself?
If you want to protect yourself from surveillance, you wouldn’t feel safer if you deactivate push notifications on your smartphone. Therefore, you will have to give up your smartphone completely and perhaps also many other digital services. But I don’t think push notifications are used for mass surveillance. Because it is always difficult for government agencies to obtain this data. You have to take legal action against companies like Apple or Google. There are also other, simpler ways and means of mass state surveillance.
“Typical entrepreneur. Lifelong beer expert. Hipster-friendly internet buff. Analyst. Social media enthusiast.”