The blogosphere has been agog for the past week or so, since information was made public showing that Apple’s iPhone (and other 3G iOS devices) records user location data. We felt that this wasn’t a big deal, and much of the press agreed. However, a number of people found this to be a Big Problem, leading Apple to release a Q&A on Location Data.
In this document, Apple addresses the issue, explaining what data is stored, why, and for how long.
First, the iPhone does not store user locations, but rather:
a database of Wi-Fi hotspots and cell towers around your current location, some of which may be located more than one hundred miles away from your iPhone, to help your iPhone rapidly and accurately calculate its location when requested.
Some of this data comes from a crowd-sourced database – from other iPhone users. Apple says:
The entire crowd-sourced database is too big to store on an iPhone, so we download an appropriate subset (cache) onto each iPhone. This cache is protected but not encrypted, and is backed up in iTunes whenever you back up your iPhone.
For this reason, users may find that the database shows them having been in locations they have never visited.
Apple points out that users cannot be identified:
This data is sent to Apple in an anonymous and encrypted form. Apple cannot identify the source of this data.
But Apple also points out that when Location Services is turned off, this data shouldn’t be stored. They say that this is a bug, and say that they will issue a software update in the coming weeks to fix it.
Apple says that the software update will do the following:
- reduce the size of the crowd-sourced Wi-Fi hotspot and cell tower database cached on the iPhone,
- cease backing up this cache, and
- delete this cache entirely when Location Services is turned off.
And, finally, Apple says:
In the next major iOS software release the cache will also be encrypted on the iPhone.
This all led to a nice discussion about user privacy and location data, and it showed that other phones store such data as well. Apple has reacted promptly and will fix the bug that allowed this data to be stored even when Location Services is turned off, and will encrypt this data just in case.
So can we move on to something more important now?