Sorry, that solution doesn’t work. The API in question is designed to send push notifications. Push notifications are delivered by each platform on a best-effort basis. You simply cannot rely upon any particular push notification being delivered.
If somebody is sending a disclosure in a separate notification to the message that needs the disclosure, they are already running afoul of the law because they have no way of ensuring the disclosure is delivered.
The only way for an API like this to operate correctly is to reject invalid messages and not truncate. Silent data mangling is not acceptable.
