“App developers can encrypt these messages when they’re stored (in transit they’re protected by TLS) but the associated metadata – the app receiving the notification, the time stamp, and network details – is not encrypted.”
“App developers can encrypt these messages when they’re stored (in transit they’re protected by TLS) but the associated metadata – the app receiving the notification, the time stamp, and network details – is not encrypted.”
How is getting a push notification any better at tracking someone than the actual gps and tower data that their phone is CONSTANTLY sending out to their cell providers?
Seems really overblown, like most people hearing this assume it’s including contents of the notifications but it doesn’t, and if law enforcement wants to put a suspect at a crime scene, they can just get the data from T-Mobile, if it gets to the point they’re asking Google or Apple for info, id be much more concerned about all the data and emails stored on the cloud, which they already have no problems giving out.
Am I missing something? What can law enforcement gain from push notification data that they can’t get with data from the cell provider already or the wealth of other data collected by Gmail, maps, Uber, etc, which is way more useful than anything a push notification would contain.
Not defending the practice of course, I don’t get push notifications because I don’t have Google apps installed on my grapheneOS phone, but I’m pretty sure T-Mobile knows my location just as well.
I think the whole thing is that it’s a class of data that has very few privacy protections on it and is therefore more easily accessible by assholes