Archives

Apple’s Tracking Concerns: Location Database on the iPhone & 3G iPad

In the last month or so, anyone with an interest in data privacy issues has been aware of the string of disturbing data breaches that have made headlines. Apple product users have certainly been following developments since the company’s data collection practices surfaced in April 2011.

Apple’s Location Database

It’s common knowledge that Apple’s iPhones and 3G-enabled iPads have been keeping track of their users’ location data. While Apple has publicly acknowledged that its iOS devices send location data back to the company, researchers have also revealed that the devices can record the history of the users’ movements for a year or more. Researchers found that Apple devices have been storing the location data in an unencrypted database, which was then backed up onto whatever computer the iPhone or iPad was syncing to.

This raised concerns, especially as this location database has been accessible to law enforcement and computer forensics communities as of last year. These communities have been using the database to gather evidence on individuals’ movements.

In response to the collection, there was understandable outrage over privacy violations. To many, it seemed unclear if users had agreed to this collection. Others also wondered where the information was ultimately being stored, how it was being used and why it hadn’t been protected better.

Other reactions were more positive. Many rushed to download the iPhone Tracker, an open-source app that maps the location data being collected by users’ devices. Such users seemed unconcerned about the potential invasion of privacy, instead wanting to share their personal information with other users.

Not really a surprise?

Privacy concerns about Apple’s products are not new. Last June, Congress took the opportunity to question Apple CEO Steve Jobs over the company’s privacy policy and the collection of personal information. This was in response to Apple’s updated privacy policy, which stated that their devices will collect location data and share the data with third parties. The text read:

To provide location-based services on Apple products, Apple and our partners and licensees may collect, use, and share precise location data, including the real-time geographic location of your Apple computer or device. This location data is collected anonymously in a form that does not personally identify you and is used by Apple and our partners and licensees to provide and improve location-based products and services. For example, we may share geographic location with application providers when you opt in to their location services.

Proponents of location-based apps argue that such data can have legitimate uses and don’t necessarily have to be privacy-sensitive, if the information is anonymized properly. For instance, location data can be filtered to provide traffic data for navigation apps and to map Wi-Fi access points, in order to facilitate quick location fixes.

The case for collection…

In a recent interview given at the end of April 2011, Apple CEO Steve Jobs said the iPhone database that had many consumers up in arms was actually a piece of a global crowdsourced database that Apple uses to deliver location-based information. According to Jobs, “We haven’t been tracking anyone. The files they found on these phones, as we explained, it turned out were basically files we have built through anonymous, crowdsourced information that we collect from the tens of millions of iPhones out there.”

Jobs did admit that the company had found a bug in the program, which led to the location data cache to be stored on phones that had their location data switched off. He promised that this would be corrected in a future update and that a smaller amount of data would be stored on the phone. It was stressed that Apple did not track iPhone users’ locations, but instead, users needed to turn on their location-based information as well as allow such collection for each application. Jobs pointed out users had a way to see which applications have been using their location information, currently as well as over the past 24 hours.

Summary

This article takes a look at the privacy concerns raised when researchers discovered the collection and storage of location-based data on Apple’s iPhones and 3G iPads, during April 2011. This discovery resulted in a number of responses from the public, ranging from outrage and fear to interest in the possible apps that could be developed utilizing such information. Apple CEO Steve Jobs explained that the devices were not tracking users; rather the location database was built from anonymous crowdsourced information.

CIPP Exam Preparation

In preparation for the Certified Information Privacy Professional/Information Technology (CIPP/IT) exam, a privacy professional should be comfortable with topics related to this post, including:

  • Personally Identifiable Information – PII (I.A.a.)
  • Methods of Data Collection (I.B.a.)
  • Consumer Privacy Concerns (II.A.a.)
  • Phone-Home Software (II.A.l.i.)
  • Prominent & Inconspicuous Notice (IV.A.)
  • Location-Based Services (VI.E.)

 

Share

Leave a Reply

 

 

 

You can use these HTML tags

<a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>