ICEBlock, an iOS Exclusive
John Gruber (Mastodon, Hacker News):
The ICEBlock app is interesting in and of itself (and from my tire-kicking test drive, appears to be a well-crafted and designed app), as will be Apple’s response if (when?) the Trump administration takes offense to the app’s existence. Back in 2019, kowtowing to tacit demands from China, Apple removed from the App Store an app called HKmap.live which helped pro-democracy activists in Hong Kong know the location of police and protest activity. The app broke no Hong Kong laws, but scared the thin-skinned skittish lickspittles in the Chinese Communist Party.
Apple first rejected HKmap.live, on the grounds that it “allowed users to evade law enforcement.” That seems to be pretty much what ICEBlock is meant to do, too. I don’t think there was ever a written rule about this, however. The closest I see is rule 1.4.4, which says that “Apps may only display DUI checkpoints that are published by law enforcement agencies[…].”
HKmap argued that the app could be used for evading law enforcement, but that it was really to help people “note locations” and that it wasn’t for the user to avoid police but to avoid dangerous situations caused by other people clashing with police.
I don’t like these types of arguments. You built a hammer, and it could be used to build a house or to vandalize, and there’s a certain ratio of use (assuming that could be calculated) where it becomes bannable?
Anyway, ICEBlock is saying something similar. Officially, it’s not for evading ICE but to “stay informed” and to help report “civil rights abuses.”
Apple ended up approving HKmap.live without citing why it changed its mind. Speculation at the time was that the initial reviewer was just wrong.
But then, a few weeks later, Apple removed HKmap.live from the App Store, saying that it had “endangered law enforcement and residents.” Again, this is a terrible place to be as a developer: it’s not enough to follow the local laws and the written guidelines from Apple, but your app’s fate hinges on whether Apple determines that it endangers people? Of course, there was no attempt to balance this against the number of people it protected. But the real reason was probably political pressure, anyway.
It will be interesting to see what Apple does here. Presumably, if Congress or certain states passed a targeted law—e.g. radar detectors are commonly restricted and outright illegal in Virginia and DC—Apple would follow it. But so far all I’ve seen are vague claims from the administration that the app is already illegal—I guess on the grounds that it constitutes abetting/harboring—and it’s unclear how much Apple has been pressured.
One defense from Apple regarding HKmap.live, however, was that the iOS app was a thin wrapper around the website, and website remained fully functional and could be saved to an iPhone user’s home screen.
This always seemed to me like a legal case decided on a procedural issue to avoid ruling on the merits.
To deliver push notifications on Android, the developers claim they would need to maintain a database of device IDs, create a user account system to manage those device IDs, and all of that server-stored data would be susceptible to law enforcement subpoenas and pro-ICE red hat hackers. […] Only iOS supports the security and privacy features for ICEBlock to offer what it does, the way it does.
But doesn’t the database still exist with iOS, and it could just be subpoenaed from Apple? Apple doesn’t want to break the security of its own devices, but it’s always cooperated with law enforcement to share cloud data that it does have.
Previously:
- Apple in China
- Apple Removes Messaging Apps From Chinese App Store
- AirDrop “Everyone” Limit in China
- HKmap Live Removed From the App Store
- HKmap Live Rejected From the App Store
- Apple Pulls VPN Apps From China App Store
- Apple Removes New York Times Apps From Chinese App Store
Update (2025-07-28): Dominic Preston (via Bruce Schneier):
The developer of ICEBlock, an iOS app for anonymously reporting sightings of US Immigration and Customs Enforcement (ICE) officials, promises that it “ensures user privacy by storing no personal data.” But that claim has come under scrutiny. ICEBlock creator Joshua Aaron has been accused of making false promises regarding user anonymity and privacy, being “misguided” about the privacy offered by iOS, and of being an Apple fanboy. The issue isn’t what ICEBlock stores. It’s about what it could accidentally reveal through its tight integration with iOS.
[…]
The developers of GrapheneOS, an open-source, privacy-focused take on Android, took to BlueSky to accuse ICEBlock of “spreading misinformation about Android” by describing it as less private than iOS. The developers said that ICEBlock ignores data kept by Apple itself and claims it “provides complete anonymity when it doesn’t.”
[…]
Apple maintains a database of which devices and accounts have installed a given app, and Carlos Anso from GrapheneOS told me that it likely also tracks device registrations for push notifications. For either ICEBlock’s iOS app or a hypothetical Android app, law enforcement could demand information directly from the company, cutting ICEBlock out of the loop.
As far as we know, ICEBlock is as private as possible while still enabling push notifications, and a hypothetical Android version couldn’t be as private. But that privacy does depend on trust in Apple.
21 Comments RSS · Twitter · Mastodon
This is the biggest problem with Apple's AppStore: it can be used as a way to suppress freedom.
For example, could you imagine the outcome for PGP had Zimmerman's software been limited to the App Store model?
Apple always prohibited apps that let you know where DUI checkpoints are. As far as I know I they were not compelled by law enforcement to have that policy (I could be wrong about that though but I believe there are DUI checkpoint finder websites out there). This is kind of the same thing?
The name of the app is ice block. "Block" is in the title. it's clear that the target audience is people trying to evade law enforcement. Regardless of anyone's stance as it relates to the illegal immigration debate I don't think anyone is using the "ICEBlock" app just to know where ICE is, just to jot it down.
Would this even be an argument if there was a CopBlock app where people could report the location of police officers, particularly useful for gang members to avoid the police in inner cities?
I mean whether the app's existence is illegal? Probably not but what do I know about the law? Its presence in the App Store does imply Apple's endorsement, somewhat. So that's a problem for Apple. They've removed apps that are far less controversial than this.
>This is the biggest problem with Apple's AppStore: it can be used as a way to suppress freedom.
By locking down the platform and making everything go through the App Store they put themselves in the middle of political arguments they otherwise would avoid. So yea. They don't want to piss off "Daddy Trump" and they also don't want to piss off liberal tech people like Gruber.
> Would this even be an argument if there was a CopBlock app where people could report the location of police officers, particularly useful for gang members to avoid the police in inner cities?
Or for people who want to target said cops or ICE officers with violence.
> But doesn’t the database still exist with iOS, and it could just be subpoenaed from Apple?
Yes. Someone has to know who the push notification is going to and for iOS I have to assume it's Apple. iOS is "privacy-preserving" in the sense that it hides your identity from the notifier, but the threat here is the government, not the developers of ICEBlock.
I'm not deeply familiar with the tech, but this seems like the problem that Tor was designed to solve. It seems likely to me that it would be easier to integrate Tor-based notifications into Android than iOS for a bunch of reasons.
A bit confused about why this was even developed as an iOS app in the first place. Surely this would make more sense on the web?
@Tom: I mean, supporting people targeting law enforcement officers, or helping people evade those officers, while they are performing their lawful duties is certainly a choice.
There’s a misapprehension here. The app tracks folks wearing masks and not identifying as law enforcement personnel. Surely if any legitimate government employee is accidentally tracked in the app they can present a photo ID and be removed.
"helping people evade those officers, while they are performing their lawful duties is certainly a choice."
You'd make the exact opposite argument under different circumstances.
@pirijan why indeed.
Apparently because Apple has successfully brainwashed the world and made everyone forget that the web exists
And yeah Apple does put itself in the middle of everything politically by choosing to be the only way to distribute software on iOS. Again, a choice they made and continue to make, not just something that happened to them they are forced to deal with.
> Goverment exists to protect its borders.
Partially yes. Just to add America has one of the most welcoming legal immigration policies in the entire world. Try immigrating to Japan or Australia. Good look with that
Any country that doesn't defend its borders both literally and metaphorically doesn't remain a country for long. That's not a political statement, just a historical fact.
There literally are countries right now that do not defend their borders and yet remain. But really, that is beside the point. What strikes me about this conversation is how cowardly the comments are.
You write about "law enforcement performing their lawful duties" and say stuff like "Goverment exists to protect its borders" as if that was what any of this was about. It's not. This is about the government taking brown people off the streets and putting them in concentration camps. That is what you are arguing for, not "protecting borders" or "lawful duties." But you're too craven to say it, so you have to make proxy arguments about "protecting borders."
If you're so ashamed of your own opinion that you can't even plainly state it, change your opinion.
Government exists to enforce all of its laws, border laws included. There aren't many (any?) major countries that allow you to just move in, no questions asked. There are nations that have agreements to allow travel in both directions because they have decided it is of mutual benefit (for ex: Uk and Ireland).
When you break certain laws you can end up getting yourself detained, jailed, imprisoned, whatever you want to call it.
Being "brown" isn't a requirement for getting detained by ICE. Being in the country illegally is. I don't think it is accurate at all to describe someone being detained for breaking the law, as being put in a concentration camp.
@Nick M
The push notification can be a local notification, so no data trail.
If I were building this, there’d be a big core data database that everyone has a copy of and syncs live via push.
Mirroring a Core Data store with CloudKit
And
Mirroring a Core Data store with CloudKit
The app compares user’s location with data in the local database, and displays a *local* (not push) notification if some ICE activity is nearby.
https://developer.apple.com/documentation/UserNotifications/UNNotificationRequest
Submissions would go through a forgetful proxy / remixer before going into the database.
This way, Apple doesn’t know who is being notified, who submits what, and doesn’t know who is seeing annything. It only knows who downloaded it, and since there’s nothing illegal about downloading it (or reporting ICE sightings), I think users are pretty safe.
> It only knows who downloaded it, and since there’s nothing illegal about downloading it (or reporting ICE sightings), I think users are pretty safe.
It's not about the legality of using the app. If the gov't can identify who is listening for these notifications. A high percentage of these people are likely in the country illegally. Who else would ever use this? Check the names of the device owners, flag the ones who are here illegally, find and deport them. The app will essentially end up doing exactly the opposite of what it says it's trying to do.
>The push notification can be a local notification, so no data trail.
I don't think using local notifications causes there to be no data trail. I have a CloudKit app. I use local notifications in response to CloudKit pushes (CKSubscription something something). But isn't the push stuff with the device ids just being handled on Apple's end in the CloudKit framework? It doesn't matter that I use a local notification to display the banner for my own convenience. So it's still kind of the same issue?
@pirijan
It would've made even more sense had it been not that blatant both in its name and stated purpose. Something more subtle, like an app that notifies about traffic jams, best discounts in local stores, whatever.
Regarding 'gangs would use', they prolly do already in group chats on whatever common messenger that is out there.
Good article summarizing the issues with ICEBlock:
https://micahflee.com/unfortunately-the-iceblock-app-is-activism-theater/
