The Centre has ordered an investigation into the alert issued by Apple that warned several leaders of opposition parties about a potential state-sponsored snooping into their iPhones.
“The Government of Bharat takes its role of protecting the privacy and security of all citizens very seriously and will investigate to get to the bottom of these notifications. In light of such information and widespread speculation, we have also asked Apple to join the investigation with real, accurate information on the alleged State-sponsored attacks,” Ashwini Vaishnaw, Minister for Telecommunications and Information Technology, said, adding that the Indian Computer Emergency Response Team has been entrusted with the investigations.
Opposition’s attack
This came after several political leaders, including Congress’ Shashi Tharoor, Aam Aadmi Party’s Raghav Chadha, Shiv Sena’s Priyanka Chaturvedi, and Trinamool Congress’ Mahua Moitra, claimed that they received an alert from Apple that stated that the State-sponsored attacker may be able to remotely access sensitive data, communications, or even the camera and microphone of their iPhones.
The opposition leaders launched a scathing attack on the Centre, seeking clarity on the alert issued by Apple. Chaturvedi wrote to the Prime Minister, calling for an urgent inquiry. “As an Indian citizen, before being a Member of Parliament, I believe it is a violation of my fundamental rights. As a vocal critic of certain government activities, I am deeply troubled by these alerts. This raises serious questions about our agencies targeting the opposition.”
Countering the opposition charge, BJP leader Ravi Shankar Prasad said instead of levelling allegations against the government, the opposition leaders should take up the matter with Apple and lodge an FIR.
The political storm prompted Apple to issue a statement saying that it “does not attribute the threat notifications to any specific state-sponsored attacker.”
Apple’s explanation
The iPhone maker explained that State-sponsored attackers are very well-funded and sophisticated, and their attacks evolve over time. “Detecting such attacks relies on threat intelligence signals that are often imperfect and incomplete. It’s possible that some Apple threat notifications may be false alarms or that some attacks are not detected. We are unable to provide information about what causes us to issue threat notifications, as that may help state-sponsored attackers adapt their behaviour to evade detection in the future.”
While Apple has sent similar alerts to users in 150 countries over the last 2 years, experts said that India’s case raises suspicion because opposition party leaders have been targeted. Lloyd Mathias, an angel investor and business strategist, said Apple should put out the name of the State sponsor behind the attack. “A warning of a general attempt to compromise one’s phone and what action needs to be taken is fine. Calling it a ’State-sponsored’ attack without clarity is baloney and about as meaningful as a ‘credible allegation’! Time to clear the air,” he said.
Internet activists raised concerns over the frequent leakage of information and questioned the safety of digital public infrastructure.
“Yesterday, personal data (Aadhaar, passport details, names, phone numbers, and addresses) of 81.5 crore Indians was leaked. Later at night, Apple sent threat notifications of State-sponsored attacks to opposition MPs. Meanwhile, there is a continuing five-month internet shutdown in Manipur. At all levels of governance, there is incompetence, threat, and bluster,” ApartGupta, an advocate and founder director of the Internet Freedom Foundation, posted on X.