Thursday, April 21, 2011

Locational Privacy and Smart Phones

Before I get to the startling news that security researchers have discovered that Apple's iPhone keeps track of EVERYWHERE you go – and saves every detail of it to a secret file on the device, which is then copied to the owner's computer when the two are synchronized – let me briefly provide some context. As I have written here before, the fact that Americans are losing their privacy as they travel through public space due to location-based technologies isn't debatable. The question, as is so often the case when it comes to issues at the intersection of privacy and technology, is what kind of say we have in the matter and what kind of rules are in place protecting our privacy rights.

Now the issue of locational privacy has resurfaced in a way that would have been dismissed as "conspiracy theories" and "worst case scenarios" in the very recent past. In that past, we had services such as EZ Pass (which allows you to bypass stopping to pay the bridge toll), Google Latitude, the GPS tracking of cellphones, the right of police and government to track our whereabouts (both by phone and car), transit cards, social networking sites, WiFi networks, and more, all opening up a brave new world of real-time locational tracking of Americans.

But these new Smart Phone revelations take this to another level.

The UK's Guardian reports: The files contained the latitude and longitude of the phone's recorded coordinates along with a timestamp, meaning that anyone who stole the phone or the computer could discover details about the owner's movements using a simple program. For some phones, there could be almost a year's worth of data stored, as the recording of data seems to have started with Apple's iOS 4 update to the phone's operating system, released in June 2010.

"Apple has made it possible for almost anybody – a jealous spouse, a private detective – with access to your phone or computer to get detailed information about where you've been," said Pete Warden, one of the researchers.

Only the iPhone records the user's location in this way, say Warden and Alasdair Allan, the data scientists who discovered the file and are presenting their findings at the Where 2.0 conference in San Francisco on Wednesday. "Alasdair has looked for similar tracking code in [Google's] Android phones and couldn't find any," said Warden. "We haven't come across any instances of other phone manufacturers doing this."

Simon Davies, director of the pressure group Privacy International, said: "This is a worrying discovery. Location is one of the most sensitive elements in anyone's life – just think where people go in the evening. The existence of that data creates a real threat to privacy. The absence of notice to users or any control option can only stem from an ignorance about privacy at the design stage."

Indeed it is an important element. I'd point everybody to a 2009 report from the Electronic Frontier Foundation (EFF) on the issue of "locational privacy". The report warned that Americans are losing their privacy as they travel through public space due to location-based technologies and services.

As the report detailed, "Location-based services that transmit, record, and store where a person is—such as EZ Pass, WiFi networks, transit cards, Google Latitude—can be exploited by government, business, or prying ex-lovers to track and reconstruct where people have been as they go about their daily life."

And what of the common response to worries about locational privacy, or other privacy issues in fact, that posits "I'm not doing anything wrong, why should I care?"

EFF lays out the folly of such a knee-jerk defense of our ever-expanding surveillance that goes beyond the usual concerns of big government or law enforcement overreach:

One answer to this concern is a reminder that there are more subtle reasons for needing privacy. It’s not just the government, or law enforcement, or political enemies you might want to be protected from.

• Your employer doesn’t need to know things about whether, when, and where you went to church.
• Your co-workers don’t need to know how late you work or where you shop.
• Your sister’s ex-boyfriend doesn’t need to know how often she spends the night at her new boyfriend’s apartment.
• Your corporate competitors don’t need to know who your salespeople are talking to.

Now, let's get back to the Guardian piece:

Warden and Allan point out that the file is moved onto new devices when an old one is replaced: "Apple might have new features in mind that require a history of your location, but that's our speculation. The fact that [the file] is transferred across [to a new iPhone or iPad] when you migrate is evidence that the data-gathering isn't accidental." But they said it does not seem to be transmitted to Apple itself.

The iPhone system, by contrast, appears to record the data whether or not the user agrees. Apple declined to comment on why the file is created or whether it can be disabled.

Warden and Allan have set up a web page which answers questions about the file, and created a simple downloadable application to let Apple users check for themselves what location data the phone is retaining. The Guardian has confirmed that 3G-enabled devices including the iPad also retain the data and copy it to the owner's computer.

If someone were to steal an iPhone and "jailbreak" it, giving them direct access to the files it contains, they could extract the location database directly. Alternatively, anyone with direct access to a user's computer could run the application and see a visualization of their movements.

Graham Cluley, senior technology consultant at the security company Sophos, said: "If the data isn't required for anything, then it shouldn't store the location. And it doesn't need to keep an archive on your machine of where you've been." He suggested that Apple might be hoping that it would yield data for future mobile advertising targeted by location, although he added: "I tend to subscribe to cockup rather than conspiracy on things like this – I don't think Apple is really trying to monitor where users are."

We shouldn't view this as that big of a surprise of course. A study released last year by the Worcester Polytechnic Institute (WPI) in Massachusetts found that mobile social networks are giving data about users' physical locations to tracking sites and other social networking services. Researchers reported that all 20 sites that were studied leaked some kind of private information to third-party tracking sites.

In the study, the researchers looked at the practices of 13 mobile online social networks, including Brightkite, Flickr, Foursquare, Gowalla and Urbanspoon. They also studied seven traditional online social networks, such as Facebook, LinkedIn, MySpace and Twitter, which allow users to access their sites using mobile devices.

In many cases, the data given out contained the user's unique social networking identifier, which could allow third-party sites to connect the records they keep of users' browsing behavior with their profiles on the social networking sites.

As the report notes, "The combination of location information, unique identifiers of devices, and traditional leakage of other personally identifiable information all conspire against protection of users' privacy."

In addition, we also know that the FBI uses 'dragnet'-style warrantless cell phone tracking. In other words, there are more and more ways, through more and more devices, to track and store our location, and that data is worth more and more money.

There is some good news to report on this however. Senator Al Franken, who continues to distinguish himself as an excellent Senator on issues related to privacy and the internet, has indicated he's not at all pleased by these revelations about Apple, and could seek a full fledged investigation.

The Senator sent a letter to Apple late Wednesday to question why it included the feature in its software in the first place. The letter reads, “The existence of this information — stored in an unencrypted format — raises serious privacy concerns.” He later emphasized the information — which could be “accurate to 50 meters or less” — also applies to iPhones and iPads owned by children, and could easily be exploited by “criminals and bad actors.”

As reported by Politico, "Franken wants to know why Apple included the feature in the operating system. In a two page letter issued Wednesday, the senator asked Apple to explain why it initiated this tracking process in iOS 4, and why the company “never affirmatively informed [consumers] of the collection and retention of their location data in this manner?”"

Franken also asked Jobs to explain whether the location data has been disclosed, and whether the same technology is also included as part of the operating system software that runs on the company’s popular MacBook laptops.

Franken’s letter is significant given lawmakers’ heightened interest in reforming federal laws on privacy, tracking and surveillance. The issue of mobile phone privacy, in particular, has Sen. Ron Wyden (D-Ore.) still working on legislation that could become part of the chamber’s larger effort to set new rules for how and when federal law enforcement can access consumers’ location data.

A constantly monitored citizenry used to conjure up images of totalitarian states - not Google and iPhones. And granted, now technology does the surveillance — generally in the name of being helpful and entertaining, not to stifle dissent or oppress the public.

This fact does not mean that these technologies can't still be used in ways that do reduce freedoms, do play into the hands of overly aggressive and/or oppressive governments, and do invade privacy by using our private information to maximize corporate profit.

Perhaps it's time for a serious conversation about how much of our privacy of movement we want to give up - and how much control we get over that decision.
