Responding to the tempest in a teapot surrounding the discovery that the iPhone records certain location data, Apple last week issued a clearly written Q&A that addresses the primary questions asked by users. Later that day, Steve Jobs, Phil Schiller, and Scott Forstall talked to Ina Fried of All Things Digital (run by the Wall Street Journal) about the situation; the transcript is well worth reading.
For those who have been lucky enough to miss the fuss, it was determined that some form of location data was being stored on the iPhone, which led to hysterical news articles claiming that Apple was tracking the locations of iPhone users. This data included geographic coordinates that, when plotted on a map, seemed to provide a long-term record of your movements.
The hysteria continued even after saner heads, like David Pogue of the New York Times, pointed out that the information wasn’t being transmitted to Apple or anyone else and that all cell phone carriers track and record every movement of their subscribers. Nor did it make a difference that the information extracted from your iTunes backups (which was extremely hard to get until the iPhoneTracker application was created to display it) was often clearly different from where you actually were. The greatest risk might have been someone (law enforcement or a technically savvy stalker) obtaining your phone and having what seemed to be a record of your location over time.
Although I strongly recommend reading Apple’s Q&A, it can be summarized as follows.
Apple is not tracking the location of your iPhone. Nor is your iPhone logging your actual locations. Instead, iOS maintains a database that represents a subset of Wi-Fi hotspots and cell towers in the general vicinity of a current location. The point of this database is to help the iPhone calculate its location more quickly when requested, both by avoiding a round-trip query over a mobile or Wi-Fi network to look up this information, but also to help a GPS receiver, if one is present (as one is on all iPhones since the iPhone 3G and all 3G versions of the iPad).
When starting fresh, a GPS receiver by itself can take up to 12.5 minutes to receive the full set of information about all the satellites it can see and obtain a location. If the GPS receiver knows its approximate location, that time can be reduced to 30 to 60 seconds. But with Assisted GPS (AGPS), which Apple and other smartphone companies employ, the time to acquire a satellite lock can be reduced to just a few seconds by using rough Wi-Fi or cell tower location information (the large blue circle in the Maps app, for instance) to help interpret fragments of GPS satellite signals. (TidBITS editor Glenn Fleishman wrote a long explanation of AGPS for Ars Technica in 2009, if you want more detail.)
There is little more frustrating than sitting in a car and waiting for your GPS navigation app to figure out your location so you can start driving in unfamiliar environs. That’s where AGPS comes in, and it’s part of the explanation for why Apple caches location data.
The iPhone does transmit — in an anonymous and encrypted form that Apple cannot use to identify you or your position — the locations of nearby Wi-Fi hotspots and cell towers back to Apple, where they are added to a massive crowd-sourced database. Apple used to get this sort of data from Skyhook Wireless, the firm that pioneered Wi-Fi positioning, but switched to its own network data gathering with the first iPad release, and with iOS 4.0 for all other devices.
The iPhone downloads and caches an appropriate subset of that database to aid in location calculations, and it’s this cached subset that is backed up in iTunes and read by iPhoneTracker, which accounts for the locations that don’t correspond with where you’ve actually been. For instance, check out the screenshot to see that, yes, I’ve driven around a bunch of upstate New York for cross country and track races. But I can guarantee that I’ve never been to lots of these spots.
The only location data that Apple collects and shares with other companies comes from iAds, which can use location as a factor in targeting ads. That information will be shared, but only if you explicitly approve when an iAd asks for your current location (Apple gives the example of a user requesting that an ad locate the nearest store).
Apple did for the first time reveal that it is now “collecting anonymous traffic data to build a crowd-sourced traffic database with the goal of providing iPhone users an improved traffic service in the next couple of years.” Although the Q&A isn’t clear about this, it’s likely the same sort of current road speed data captured by Android phones and some cell-connected standalone GPS navigation devices. Live traffic data can be integrated and then fed back out to provide real-time road status even on relatively low-traffic streets.
Now, all this said, Apple also acknowledged that they have identified a number of bugs in how location services were working. A free iOS update within the next couple of weeks will:
- Reduce the size of the crowd-sourced Wi-Fi hotspot and cell tower database cached on the iPhone. Previously, the iPhone was storing as much as a year’s worth of the subsets of Apple’s crowd-sourced location database. Apple says that was a bug, and after the update it will store only the last seven days’ worth of this data.
- Cease backing up this cache. There’s no reason to back up this data, since it’s just a cache to speed up location calculations, and can easily be downloaded again. After the update, this data will no longer appear in the iTunes backup files.
Delete this cache entirely when Location Services is turned off. This was another bug; even if you turned off Location Services, the iPhone could continue updating its cached subset of the Apple’s location database. Obviously, with Location Services off, there’s no reason for the iPhone to maintain this cache at all, and it won’t in the future.
Finally, Apple promised that the next major release of iOS would encrypt the cache on the iPhone so it couldn’t be used to determine even the general part of the world the user was in. It’s unclear if this means iOS 4.4 or iOS 5.
The only remaining question is if there’s anything more to this situation than Apple is letting on, and honestly, I doubt it. Apple is a business, and businesses exist to make money. Unless someone can point to a legal way Apple could make a boatload of money from location data without in any way endangering the massively lucrative iPhone market, assuming that Apple is up to no good here is pure conspiracy theory.
Yes, Apple could have designed the system to encrypt this data to start, and yes, Apple could have caught the bugs they’ve now identified and acknowledged earlier, but minor technical mistakes happen in all sufficiently complex systems. More important is how they’re resolved — and how quickly — and it appears that Apple is doing the right thing with the forthcoming iOS update.
Now perhaps privacy watchdogs can turn their attention to the very real breach of Sony’s PlayStation Network, from which hackers were able to steal personal information about tens of millions of subscribers, possibly including credit card data.