In a significant shift in cybersecurity response strategy, Apple has established a formal partnership with the nonprofit organization Access Now to handle spyware threats targeting iPhone users. This collaboration came to light following recent incidents, including one involving U.S. Vice President Kamala Harris’s campaign team, where Apple directed potential spyware victims to the nonprofit’s Digital Security Helpline rather than conducting internal investigations.
Access Now’s Digital Security Helpline has emerged as a crucial resource in the fight against sophisticated spyware attacks, handling over 4,300 cases in 2024 alone. The organization’s team of more than 30 specialists provides comprehensive support to civil society members who suspect they’ve been targeted by state-sponsored surveillance.
“These notifications have been a game changer for spyware accountability research,” says John Scott-Railton, a senior researcher at the Citizen Lab. “When I look back over the past few years, I see so many of the most important cases that we know about — Poland, Thailand, so many others — began with an Apple notification.”
Since 2021, Apple has issued threat notifications in over 150 countries, warning users of potential mercenary spyware targeting. The company’s approach includes recommending specific security measures, such as enabling Lockdown Mode, which Apple claims has successfully prevented spyware infections in all known cases where it was activated.
However, some experts argue that Apple could do more. “Apple could write more detailed reports and file more lawsuits. These are the things that take massive amounts of money NGOs don’t have and telemetry NGOs don’t have,” says Eva Galperin, director of cybersecurity at the Electronic Frontier Foundation.
The collaboration between Apple and Access Now represents a broader trend in how tech companies address sophisticated cyber threats. While some critics view Apple’s approach as delegating responsibility, security experts generally support this model. Runa Sandvik, who runs the digital security consultancy Granitt, argues that keeping forensic investigations separate from tech companies is beneficial: “Big tech companies don’t want to get into the business of doing forensics on people’s devices or accounts. I think that should remain separate.”
Apple spokesperson Nadine Haija emphasizes that “the vast majority of users will never be the victims of such attacks,” but the company “sympathizes deeply with the small number of users who are and continues to work tirelessly to protect them.”
This partnership marks a significant evolution in corporate cybersecurity response, potentially setting a precedent for how other tech companies might handle similar threats in the future. As state-sponsored spyware becomes increasingly sophisticated, the collaboration between tech giants and specialized nonprofit organizations may become crucial in protecting vulnerable users worldwide