Foreign governments may be spying on smartphone use, and now Sen. Ron Wyden’s office is pushing Apple and Google to reveal exactly how it’s happening. Push notifications from apps can be sent by companies to government services if they are asked to do so. But the Justice Department doesn’t seem to be allowing companies to talk openly about the practice.

Push notifications don’t actually come directly from the app. Instead, they go through a smartphone platform provider, such as Apple for iPhone or Google for Android, to deliver the message to the screen. This created covert government surveillance capabilities.

“Because Apple and Google provide push notification data, governments can surreptitiously compel them to share this information,” Wyden wrote in the letter.

Apple claims it was not allowed to reveal the truth about the process, so Wyden’s letter takes direct aim at the Justice Department.

“In this case, the federal government prohibited us from sharing any information, and now that this method is publicly available, we are updating our transparency reporting to detail such requests,” Apple said in a statement.

Apple’s next transparency report will include requests for push notification tokens, the company said.

Specifically, Wyden is asking the Justice Department to allow Apple and Google to notify customers and the general public of requests for these app message records.

Google said it shares the senator’s desire to inform users about these requests.

Application developers have no way to prevent data transmission. If an app sends push notifications, it must use Apple’s or Google’s system to do so. In theory, this means that users’ private messages could be handed over to a foreign government when they receive any push notification from the app. This also includes any metadata about the message, such as account information.

Source: Engadget