/ Technology

Apple’s iPhone is tracking you. Yes, you should be worried

iPhone tracking from O-Reilly Radar

Unless you’ve already switched off for Easter, it will have been hard to miss this week’s revelation that iPhones and 3G iPads have been keeping a record of their users’ movements.

A file, made more visible when Apple released iOS 4.0, contains an approximation of where you’ve been, and the date and time you were there. It’s synced to PCs when you connect them, and the data is unencrypted and unprotected.

Depending on when you updated the software, the file could contain up to a year’s worth of information. Anyone with the knowledge to “jailbreak” your iPhone, or access the backups on your PC, would be able to get hold of your precious information about where you’ve been and when.

Should iPhone tracking worry us?

But does this matter? While there’s no evidence that Apple (or anyone else) has been accessing this information, the fact that this data is available and unprotected has massive implications for people’s privacy.

The data, which is derived from phone mast triangulation (not the built-in GPS), has been available to law enforcement agencies and other legitimate organisations for years. However, it’s protected by the Regulation of Investigatory Powers Act, and as such requires a court order to access.

If you use an iPhone, however, merely stealing your phone or PC could give an investigator access to information previously protected by law.

The potential for abuse is massive – anyone with an axe to grind could use the information to their advantage. It’s not exactly hard to extract – the researchers who discovered the exploit have created a tool allowing people to do so and visualise it on a map.

An Apple accident, or entirely deliberate?

Moreover, while we’ve been promised a comment from Apple, they’re still yet to clarify why they collect this information, or why it’s totally unprotected. That means that, for the moment, we can only guess at why this data is being recorded. But it seems unlikely to be an accident, given that the location details recorded are transferred to new devices when customers upgrade.

If it does prove to be the case that this is no accident, then it’s disappointing that Apple deems it acceptable to record the private movements of its customers without encrypting this data.

While Apple does warn its customers that it will collect this data, it’s basically hidden within its terms and conditions. I seriously question whether this can be construed as informed consent.

In my mind, it’s bad enough that they collect the information in the first place – that it’s so open to abuse is nothing short of outrageous.

Comments
Member

Why is anyone surprised? It’s Apple and Steve.

Member

My attention was directed earlier today to this article which tries to cut through some of the current hysteria about this topic in the press :

https://alexlevinson.wordpress.com/2011/04/21/3-major-issues-with-the-latest-iphone-tracking-discovery/

(sorry, can’t work out how to make this a clickable link)

It’s a bit technical but seems to be saying this is nothing to worry about.

Member

Dear me, what a load of paranoia
“If you use an iPhone, however, merely stealing your phone or PC could give an investigator access to information previously protected by law.”
Anyone stealing my car, wallet or breaking into my house will have access to material protected by law.
Get a grip on yourself.

Member

Interesting point kelpie.

The bit that many are getting upset about is that they weren’t aware that the phone was keeping tabs of their location, that it backed up to a computer when it synced, transferred across devices, and so on.

The point is this. To intentionally gather location data without openly and expressly informing the user is, to say the least, underhand. To not have an opt out, equally so.

You call the worry of data theft paranoia; considering how people are finding out, they can’t really be blamed for feeling that way.

Member

too much of our information is “out there” – our information is sold on, bought, swapped, used in studies, used to price things that we have to buy or that we may want to buy (demographics)

people should learn to tell any business to mind their own business!

Member
Phil says:
21 April 2011

Are the people most upset by this the same ones who tell everyone on Facebook/Twitter their every move?

Member

To answer Phil’s question…NO, at least not all of them.

Member

I like Phil’s point just above this – well said Phil.

I also agree very much with Paul Daly’s points, especially about the “openly and expressly” and “opt out” parts.

However, I would point out that whilst I think this is very underhand and reprehensible of Apple (a company that I have a lot of time for normally) it’s no different from what supermarkets have done with your loyalty cards for donkey’s years, nor from what people using Sat Nav’s could well be unwittingly engaging in – in both cases the technology is there and in the supermarkets’ case it is most definitely in use to track which branches you shop at, what time of day you shop, how much you spend, exactly what products you buy (let’s hope the bar codes are right so no one gets accused of buying something slightly embarrassing in the small hours rather than an innocent emergency loo roll), how often you shop, what payment methods you use, etc, etc.
Come to think of it it is also no different at all from what the banks, credit card providers and card reader companies have done ever since the EFT was invented (Wonder if that is another reason the banks want to abolish cheques???).

I think people are completely right to be angry about this and I think Apple needs to eat a very large humble pie whilst it explains to us exactly what it’s playing it, but whether that happens or not, Apple and the iPhone is just the tip of the “big brother” mountain.