Al Franken vs. Steve Jobs: Why are you tracking our locations?

Your iPhone may be tracking your every move and Senator Al Franken, with Congressman Ed Markey, has set out to do something about it.

From HuffPo:

Researchers found that iPhones and iPads track and record users’ locations by latitude and longitude, sometimes hundreds of times a day, for up to a year, storing the file in an unencrypted format on the device.

Franken highlights some of the potential dangers of this system, noting someone in possession of a stolen iPhone or iPad could “easily download and map out a customer’s precise movements for months at a time.” The senator also points out that there’s no indication the software can tell the difference between minors and adults meaning that “the millions of children and teenagers who use iPhone or iPad devices also risk having their location collected and compromised.”

I’m going to reproduce Franken’s letter to Apple Chairman Steve Jobs here:

Mr. Steve Jobs
1 Infinite Loop
Cupertino, CA 90514

Dear Mr. Jobs, 

Sen. Al Franken

I read with concern a recent report by security researchers that Apple’s iOS 4 operating system is secretly compiling its customers’ location data in a file stored on iPhones, 3G iPads, and every computer that users used to “sync” their devices. According to the researchers, this file contains consumers’ latitude and longitude for every day they used an iPhone or 3G iPad running the iOS 4 operating system-sometimes logging their precise geo-location up to 100 times a day. The researchers who discovered this file found that it contained up to a year’s worth of data, starting from the day they installed the iOS 4 operating system. What is even more worrisome is that this file is stored in an unencrypted format on customers’ iPads, iPhones, and every computer a customer has used to back up his or her information. See Alasdair Allen & Pete Warden, Got an iPhone or 3G iPad? Apple is Recording Your Moves (Apr. 20, 2011), available at http://radar.oreilly.com/2011/04/apple-location-tracking.html. 

Advertisement

The existence of this information stored in an unencrypted format-raises serious privacy concerns. The researchers who uncovered this file speculated that it generated location based on cell phone triangulation technology. If that is indeed the case, the location available in this file is likely accurate to 50 meters or less. See Testimony of Michael Amarosa, Before the House Judiciary Committee, Subcommittee on the Constitution, Civil Rights and Civil Liberties, June 24, 2010 at page 7 available at http://judiciary.house.gov/hearings/pdf/Amarosa100624.pdf. Anyone who gains access to this single file could likely determine the location of a user’s home, the businesses he frequents, the doctors he visits, the schools his children attend, and the trips he has taken-over the past months or even a year. Cf: People v. Weaver, 909 N.E.2d 1195, 1199- 1200 (N.Y. 2009) (“What this technology yields and records with breathtaking quality and quantity is a highly detailed profile, not simply of where we go, but by easy inference, of our associations … and of the pattern of our professional and avocational pursuits.”). 

Moreover, because this data is stored in multiple locations in an unencrypted format, there are various ways that third parties could gain access to this file. Anyone who finds a lost or stolen iPhone or iPad or who has access to any computer used to sync one of these devices could easily download and map out a customer’s precise movements for months at a time. It is also entirely conceivable that malicious persons may create viruses to access this data from customers’ iPhones, iPads, and desktop and laptop computers. There are numerous ways in which this information could be abused by criminals and bad actors. Furthermore, there is no indication that this file is any different for underage iPhone or iPad users, meaning that the millions of children and teenagers who use iPhone or iPad devices also risk having their locationcollected and compromised. An estimated 13% of the 108 million iPhones and 19 million iPad devices sold are used by individuals under the age of 18, although some of these devices may not have been upgraded to iOS4. See AdMob, Admob Mobile Metrics Report at 5 (Jan. 2010), available at htt://metrics.admob.com/wp-content/uploads/2010/02/AdMob-Mobile-Metrics-Jan-10.pdf; Complaint of Apple Inc. v. Samsung Electronics CV-11-1846 at 4-5 (N.D. Cal. Apr. 15, 2011).

These developments raise several questions:

  1. Why does Apple collect and compile this location data? Why did Apple choose to initiate tracking this data in its iOS 4 operating system?
  2. Does Apple collect and compile this location data for laptops?
  3. How is this data generated? (GPS, cell tower triangulation, WiFi triangulation, etc.)
  4. How frequently is a user’s location recorded? What triggers the creation of a record of someone’s location?
  5. How precise is this location data? Can it track a user’s location to 50 meters, 100 meter, etc.?
  6. Why is this data not encrypted? What steps will Apple take to encrypt this data?
  7. Why were Apple consumers never affiamtely informed of the collection and retention of their location data in this manner? Why did Apple not seek affirmative consent before doing so?
  8. Does Apple believe that this conduct is permissible under the terms of its privacy policy? See Apple Privacy Policy at “Location-based Services” (accessed on April 20, 2011), available at www.apple.com/privacy.
  9. To whom, if anyone, including Apple, has this data been disclosed. When and why were these disclosures made?

I would appreciate your prompt response to these questions and thank you for your attention to this matter.

Sincerely,

Al Franken

United States Senator

So the next time you make a call on your iPhone or bring up the web on your iPad, you should realize that you are not alone. And, by the way, if you thought you were beating the location cache problem by buying an Android device, you should be aware that they have been found to cache location data in a similar manner.
Gotcha!

About these ads

About btchakir

Retired Theatre Producer, Graphic Designer, Usability Tester and General Troubleshooter with a keen interest in Politics and The Stage. Currently heard on WSHC, 89.7 FM (on line at www.897wshc.org) and occasionally dabbling in Community Theatre.

Posted on April 22, 2011, in Announcement, Business, Congress, Corporations, government, Internet, Legal, News, Opinion, Politics, recording, Science, Technology, Warning, Word from Bill and tagged , , , , , , , . Bookmark the permalink. 2 Comments.

  1. Apple iPhone: Do leave home without it.

  2. WOW for once picking a Windows device seems to have been a good idea (he says while hugging his Pro Touch).

    Privacy is dead folks, get used to it. Orwell was only off by what, 25 years or so?

Follow

Get every new post delivered to your Inbox.

Join 318 other followers

%d bloggers like this: