My take on the iPhone location services hubbub

Tech sites and developer blogs have been reacting to the recent release of iPhoneTracker, a Mac OS X app that can easily plot where you’ve been, and when, since you started using your iPhone. While it might sound “scary” or “creepy” from the get-go, it’s not horrible – it carries roughly the same privacy concerns as leaving your laptop or phone unlocked and inadvertently allowing people to peruse your recent calls, emails, or other personal data.

Some Mac/iOS developers on Twitter have been bemoaning the backlash from this not-so-new revelation – that the iPhone keeps track of every time you geolocate and stores it in a relatively easily-accessible database. I’ve heard arguments like, “this outrage is coming from a population that regularly checks themselves into Foursquare,” or “you’re at fault if you let this information get into the wrong hands.” I think these defensive statements are missing the point, and border on zeal toward Apple.

I need to reiterate my stance on this issue, lest I be grouped in with the down-with-Apple FUD crowd (or with the non-Apple-shareholder crowd): I don’t think this is a very big deal. As it’s been stated over and over again, recently: cell phone companies track your location and record your calls all the time, so the DHS or FBI or whoever can come down hard on you if the need arises. A history of where you’ve been over time might even seem useful to some. But I still think that blame can be placed on whoever at Apple decided to retain this tracking data indefinitely, and do so in an easily-accessible database file.

The reason Apple stores location data on your phone is so those who explicitly opt in to provide “diagnostic” data to Apple can help improve their geolocation services. If Apple’s phones can tell them where Wi-Fi networks are physically located, then even devices without GPS technology can still be geolocated rather confidently. It’s a fascinating effort that I have opted to take part in, but I have two main concerns, which I have yet to hear good answers to:

  • Why has Apple decided to retain tracking data on your phone indefinitely? According to Apple’s terms, diagnostic information might be sent up to twice a day. If that’s the case, why isn’t the data destroyed locally afterwards? Why can’t I destroy it without starting from a fresh iOS installation? Is there any further use for it?
  • Why is it so easy to access this tracking database? When you sync your iPhone to any computer, the tracking database is saved along with the rest of your backup – and applications like iPhoneTracker have access to these files without administrator privileges.

I am not an iOS developer, and I can’t even claim to know the ins and outs of file permissions, let alone how the internal storage of my iPhone works. But I do find it alarming that this file can be accessed and I won’t even be notified or asked for permission. iPhoneTracker was created as proof of this. It’s child’s play for a malware developer to access this database and upload the information anywhere, and you don’t know the first thing about security if you trust in good faith that this sort of thing won’t happen.

I’m not mad at Apple. I’m not mad, period. I just have some unanswered questions, and it’s hard to get them answered amongst the squawking from all sides.

P.S. One non-argument I read earlier is that Android keeps a cache of your location tracking as well. I will hold Google equally responsible, but only if that cache can be accessed without root privileges, and if it is stored indefinitely. I might be wrong (by all means, prove me wrong), but I don’t believe either to be the case.