Apple Redefines Notification Strategy, Opts Not to Use ‘State-Sponsored’ Label

Apple, a leading tech company, has made a significant change by removing the term “state-sponsored” from its threat notification policy. The update was announced on April 10 through a support page, informing users of the upcoming modification. This change was highlighted when Apple issued a warning to users in India and 91 other countries on April 11 regarding a potential “mercenary spyware attack”.

Related: Google CEO Sundar Pichai Apologizes for Gemini AI Blunders, Pledges Remedial Measures

Apple has updated its alerts to use a new phrase instead of “state-sponsored” when referring to malware attacks. The company stated on its support page that historically, individually targeted attacks of high cost and complexity have been linked to state actors. These attacks, often aimed at journalists, activists, politicians, and diplomats, are ongoing and global in nature.

This incident occurred following the confrontation between the company and the Indian government last year. The technology giant had issued a series of warnings to opposition leaders, alerting them of potential “state-sponsored” attacks.

According to a source speaking to Reuters, the decision to remove the term came after continuous pressure from the Indian government regarding the connection of such breaches to state actors. As outlined in the report, Apple engaged in thorough discussions with Indian officials prior to issuing the latest alerts.

This story takes us back to October of last year, when numerous opposition leaders reported receiving alerts from Apple cautioning them about state-sponsored attackers attempting to remotely compromise their iPhones. They also accused the government of being involved in hacking activities.

The leaders affected by this incident included Mallikarjun Kharge, the Chief of Congress, Shashi Tharoor from Congress, Priyanka Chaturvedi from Shiv Sena (UBT faction), Raghav Chadha from AAP, Sitaram Yechury from Communist Party of India (Marxist), and others.

Following this, the Centre denied the allegations of snooping, and the Ministry of Electronics and Information Technology (MeitY) issued a notice to Apple regarding the contentious threat notifications.

Recently, Rajeev Chandrasekhar, the Minister of State for IT, mentioned that the government had received unclear responses from Apple regarding questions about notifications. According to him, it’s understandable that any company, especially one with a proprietary platform like Apple, may not readily admit to vulnerabilities in their system. Chandrasekhar emphasized that it’s natural for platforms to be hesitant about acknowledging vulnerabilities. The government’s query was straightforward: is the iPhone vulnerable? However, Chandrasekhar noted that the response wasn’t straightforward either. It is noteworthy that the smartphone manufacturer has reportedly sent threat notifications to its users in almost 150 countries since the feature was activated in late 2021.

In response to security concerns, Apple removed “state-sponsored” from its threat notifications, opting for a new term amidst a potential “mercenary spyware attack” warning. Pressure from the Indian government played a role, triggering thorough discussions with officials. Earlier, opposition leaders in India received alerts about potential state-sponsored attacks, sparking allegations and inquiries into Apple’s unclear responses. This development sheds light on the complexity of tech security interactions between corporations and governments, influencing global threat notification strategies, like those deployed in nearly 150 countries since late 2021.