• @GenderNeutralBro
    7 months ago

    Apple would be able (and perhaps required?) to provide the decrypted data. TLS is not end-to-end encryption; it’s just server-to-client. It’s useful to prevent MITM wiretapping but it is NOT useful to prevent server-side spying.

    The article quotes Apple as saying they can update their transparency report now that this is public. Doesn’t look like they have data for 2023 yet at https://www.apple.com/legal/transparency/

    I’d think Apple could make push notification content end-to-end encrypted if they so desired, but I don’t know how they could avoid having access to the vendor and user at minimum for the sake of validation and delivery.