iPhone keeps record of everywhere you go

[GTaudiophile]

Times likes these that I enjoy the bliss (and cost savings) of having a simple dumb phone.

 

[AyashiKaibutsu]

The main difference is google asks you were as the great Jobs decided it would be best that he have access to everywhere you've been.

 

[Patranus]

Times likes these that I enjoy the bliss (and cost savings) of having a simple dumb phone.

Again, you don't think your cellular provider keeps the exact same info based off tower data?

 

[Phynaz]

It's just another thing that can be used against you.
There is a thread on P&N about it:
http://news.cnet.com/8301-17938_105-20055431-1.html
Cop can simply take your iphone with no court order, make a copy of the data, and bam, he knows where you've been, when, and average speed between the points If you are at one point at 10pm, and at another point 100 miles away an hour later, you got some explaining to do

Not how it works, but hey we wouldn't want to actually research where that file is, would we?

 

[gsaldivar]

Again, you don't think your cellular provider keeps the exact same info based off tower data?

What makes you think cellular providers would keep this type of data indefinitely, for each subscriber?

 

[Dulanic]

What makes you think cellular providers would keep this type of data indefinitely, for each subscriber?

Or if it's not using GPS data that it will be nearly as accurate? I'm not surprised this doesn't piss off Apple people tho, after all Apple is doing it so it's got to be good for mankind.

 

[corkyg]

On the positive side, it could save your life someday. I have a good old ":dumb" phone, but it does have a locating capability that can be turned on and off. I keep it on.

 

[ChAoTiCpInOy]

This has been shown to be not as a big deal as people are making it out to be.
1) It's storing data of the cell towers that were near you at that time.
2) It's not sending that data back, it's just storing it on your iPhone or computer.
3) This has been a feature since pre-iOS 4, it's just more prominent because they had to move the location of the file.

 

[JeffreyLebowski]

Ah - I'm pretty sure every single GPS enabled device does something similar. When you click that you agree to share your location data with (google/bing/whoever), this is what happens. They store wifi access points to assist in getting your location when they don't have a firm enough GPS fix. I find it odd that they're storing it all in a file locally like that, but they all have a similar feature...outrage unnecessary.

https://www.google.com/latitude/b/0/history/dashboard

There's a difference. You willingly sign up for Google Latitude. With the iPhone if you buy the iPhone you are tracked and the information is logged.

 

[ChAoTiCpInOy]

There's a difference. You willingly sign up for Google Latitude. With the iPhone if you buy the iPhone you are tracked and the information is logged.

It's in the Terms of Service that you agree to when you activate your iPhone.

 

[TheStu]

This has been shown to be not as a big deal as people are making it out to be.
1) It's storing data of the cell towers that were near you at that time.
2) It's not sending that data back, it's just storing it on your iPhone or computer.
3) This has been a feature since pre-iOS 4, it's just more prominent because they had to move the location of the file.

There is also a theory that it is a bug that is causing the older entries to not be deleted. It probably wants to keep some data, sort of like cookies on a browser, so you don't have to always ping the tower for information, but it probably isn't supposed to keep all of it.

 

[Deeko]

There's a difference. You willingly sign up for Google Latitude. With the iPhone if you buy the iPhone you are tracked and the information is logged.

...after you click "Yes, I accept".

The user willingly and explicitely permitted Apple to do this. Google does the same thing with Android, not just in Latitude - Latitude just shows you pretty stats. HTC cleary does the same thing. That means if you have an Evo, you've got both Google AND HTC tracking your every move.

Seriously - every smartphone does this, and the user allowed them to. See the BGR article.

 

[zerocool84]

By now you've no doubt heard about a certain iOS database file called consolidated.db. It made quite a splash yesterday when a pair of researchers, Alasdair Allan and Pete Warden, from O'Reilly Media announced the "iPhone tracking software" the duo had "discovered hidden on the phones." Here's the problem: they didn't discover it, at least not originally. The file, known to hold large amounts of geolocation data collected from WiFi access points and cell-towers, has been probed by forensic experts ever since the retail launch of the iPhone 4 back in June of 2010. Hell, Sean Morrissey and Alex Levinson published a physical book on the topic back in December 2010, entire excerpts of which can easily be found on Google. So either the team from O'Reilly is being disingenuous with its claims or it's being lazy.

Regardless, the story laid dormant for months until the O'Reilly team was able to visualize the data in a very personal way. Running the team's open-source iPhoneTracker software to see the detailed locations of our worldly travels is absolutely fascinating. Imagining the same data file in the hands of a stalker, misguided detective, or a jealous lover is downright creepy.

But how is it possible that an issue like this has avoided the tech community at large for more than a year? And more importantly, what can you do about it? Read on to find out.

Sure the visualization is powerful, but so is the emotive energy that surrounds any issue related to Apple. Toss in big brother privacy concerns and you've just unleashed the perfect storm into the blogosphere echo chamber. Yet, we heard nary a peep emitted outside of forensic circles until yesterday. Ryan Block, lover of fine coffee and Engadget Editor Emeritus, postulated an answer to our question over at GDGT, theorizing that perhaps the forensic community, unlike the security world, is so insular that it lacks the incentive to go public with such privacy concerns. After all, criminals will change their behavior if they know what you're tracking. But who's the so-called "criminal" in this case?

For that, we have to dig into Apple's privacy policy, something you accept every time you blindly click away Apple's terms and conditions. The policy was last updated on the 21st of June, 2010 -- the same day that Apple released iOS 4. Guess what? It talks a lot about collecting and using non-personal information, including location data. Here are a few choice paragraphs:

We also collect non-personal information − data in a form that does not permit direct association with any specific individual. We may collect, use, transfer, and disclose non-personal information for any purpose.

Apple then cites several examples:

We may collect information such as occupation, language, zip code, area code, unique device identifier, location, and the time zone where an Apple product is used so that we can better understand customer behavior and improve our products, services, and advertising.

The company later expounds on location services specifically:

To provide location-based services on Apple products, Apple and our partners and licensees may collect, use, and share precise location data, including the real-time geographic location of your Apple computer or device. This location data is collected anonymously in a form that does not personally identify you and is used by Apple and our partners and licensees to provide and improve location-based products and services. For example, we may share geographic location with application providers when you opt in to their location services.

Problem is, the location data is very personal and hardly anonymous because it's stored right on your phone -- the most personal device we own. The consolidated.db is also replicated (unencrypted by default) to any PC or Mac your iPhone syncs with, and subsequently any additional backup devices you might use (Windows Home Sever, Time Capsule, etc.).

Apple's not alone in this behavior, either. Just last month, The New York Times ran a story titled, "It's Tracking Your Every Move and You May Not Even Know." In this case, however, "it" does not refer to Apple, it references the cellphone companies who have to track your location in order to provide the best possible service. That meant 35,000 longitude and latitude coordinates collected over a six month period for one very unhappy Deutsche Telekom subscriber who had to go to court in Germany to find out what his provider knew. See, like the United States, German carriers are not required to report the data they collect.

Don't get us wrong, we're not letting Apple off the hook here -- we also want to know why the company needs to collect and maintain so much of our location data for such a long time. But we, as consumers, have to pay better attention if we want to reserve the right to scream foul.

If this issue really concerns you, then there are a few things you can do right now to take control of your privacy. First, you can go into iTunes and start encrypting your iPhone and iPad backups. Second, you can purge the consolidated.db files sitting on your various hard disk drives. Lastly, if your device is jailbroken, you can install the free Untrackerd app to continuously clean the consolidated.db file. That should keep you busy while we wait for Apple to respond.

Long read but breaks it all down for you. A lot of you guys are naive, if you have a smartphone, any smartphone, you're getting tracked. It's just part of owning a smartphone. Only way for that to stop is not owning a smartphone.

http://www.engadget.com/2011/04/21/the-iphone-tracking-fiasco-and-what-you-can-do-about-it/

 

[s44]

Having it stored deep in carrier servers somewhere is *not* the same as having it compiled and unencrypted on your device and home PC.

This is the "you're holding it wrong" defense, as bogus then as now.

 

[ChAoTiCpInOy]

Having it stored deep in carrier servers somewhere is *not* the same as having it compiled and unencrypted on your device and home PC.

This is the "you're holding it wrong" defense, as bogus then as now.

Basically you're saying it's all right for them to have the data, but not for you to hold onto the data on your device? Plus, you do realize you can encrypt those backups on your computer and you can wipe your device remotely in case its stolen.

 

[akugami]

I gotta ask... seriously... why is this so shocking/surprising? Anyone with two neurons firing in their brain when they started making GPS-enabled mobile devices should have put this eventuality together. No, it doesn't mean that it's right, but come on! It's not like we didn't see this coming!

My problem is the ease with which it is accessible. If it was an encrypted file on the phone...I could care less so long as I am opting in to the tracking. For instance, Apple may use the file for targetting ads.

I did realize as another user pointed out the fact that carriers can do the same thing. They have extensive records of everywhere your cell phone has been. However, at least we can assume the info is on a secure server somewhere that at least has some protection from nefarious folks accessing it.

 

[gsaldivar]

I have no problem with either Apple or Google having this data, as long as there is a data retention policy in place that explicitly spells out what data is being collected, how long the data will be retained, how it will be protected, and when it will be deleted.

For long term retention, I'm also OK with that - as long as the data is anonymized or aggregated in such a way that strips out personally identifiable information like phone ID, IP address, etc.

In either case -- there should also be a way for users to manage this data and opt-out at any time, should they so desire.

With Google at least, there has been a significant progress in this area. Users are able to directly manage most data that Google collects about its users on a wide variety of their products (Youtube, Google Voice, etc...) by simply logging into Google Dashboard:

http://www.youtube.com/watch?v=ZPaJPxhPq_g

https://www.google.com/accounts/Ser...d/&followup=https://www.google.com/dashboard/

 

[Bateluer]

Its funny, when I made posts here and on FB a while back about smart phones and apps tracking users location and data, I was called a crackpot and a weirdo and told this was nothing to worry about. Once again, history backs me up.

 

[zerocool84]

Its funny, when I made posts here and on FB a while back about smart phones and apps tracking users location and data, I was called a crackpot and a weirdo and told this was nothing to worry about. Once again, history backs me up.

Huh??? We had threads about this last year already.

 

[Bateluer]

Huh??? We had threads about this last year already.

Was mostly from people on Facebook, took a lot of flak from friends when I told them to be watching the permissions on the apps they were installing, and declined all their Latitude/Foursquare/Gowalla invites.

 

[gsaldivar]

Was mostly from people on Facebook, took a lot of flak from friends when I told them to be watching the permissions on the apps they were installing, and declined all their Latitude/Foursquare/Gowalla invites.

I've found Latitude (Google) to be pretty good about informing you of tracking. Even after accepting all the terms and conditions, several days after activating, you still get emails reminding you that you have opted-in to location tracking:

To protect your privacy we would like you to know that Google Latitude is running on your mobile device and reporting your location.
If you didn't enable this or want to stop reporting your location, please open Latitude privacy settings or sign out of Latitude. To learn more, visit the Latitude Help Center.
Thanks,
Google Latitude Team
(c) 2010 Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. Terms of Service | Privacy Policy

 

[Capt Caveman]

Its funny, when I made posts here and on FB a while back about smart phones and apps tracking users location and data, I was called a crackpot and a weirdo and told this was nothing to worry about. Once again, history backs me up.

Yes, then and now, it's nothing to worry about.

Don't like it, turn off Location Services.

 

[Suspicious-Teach8788]

My only concern would be not privacy, but battery life.

But here's the thing. It clearly doesn't do it THAT often otherwise battery life would be horrendous. If I turn 1 hr weather sync for Beautiful Widgets, there's noticeable battery drain. It has to communicate with location server and then pull weather. Granted it's a 2 step process, but the battery drain is really in communicating. When your phone can't get reliable data, it ups the power. So once you start transmitting, 5kb or 100kb is almost the same in power consumption.

Thus I question the details of this data mining process. Is it an automated app-like thing built into the system where it pings a location server every hour? Or what? Or is it everytime an app requests your location (i.e. twitter, Facebook, etc), the system gets your location, logs it down in a log, and then sends it to the app?

I'm not too worried about this, but at the same time, we need more details. I think the worst is if this is really just built into the system where it auto locates you every x # hours.

Also comparing to Latitude is different. latitude is a service you subscribe to. You CHOOSE to do it, and you have to agree to its terms. But on the other hand, Latitude data is broadcasted to the world. iOS location data is NOT.

 

[akugami]

Its funny, when I made posts here and on FB a while back about smart phones and apps tracking users location and data, I was called a crackpot and a weirdo and told this was nothing to worry about. Once again, history backs me up.

If you posted here about it, I must have missed it. Honestly, I know Apple collects data. It's in their EULA. Especially since they bought an advertisement firm to help them sell ads on iOS devices. The problem is the ease with which this data can be compromised if someone gets hold of your phone.

BTW, Google has very extensive records of who searches what on their web site too. So I wouldn't be surprised if a similar archive of user habits exists on Android phones. Not that I'm saying there is evidence to such, just that it wouldn't surprise me.

I almost always opt out of tracking in apps. And some of those apps that ask to track you have less than zero reason to do so.

 

[Glitchny]

If you posted here about it, I must have missed it. Honestly, I know Apple collects data. It's in their EULA. Especially since they bought an advertisement firm to help them sell ads on iOS devices. The problem is the ease with which this data can be compromised if someone gets hold of your phone.

BTW, Google has very extensive records of who searches what on their web site too. So I wouldn't be surprised if a similar archive of user habits exists on Android phones. Not that I'm saying there is evidence to such, just that it wouldn't surprise me.

I almost always opt out of tracking in apps. And some of those apps that ask to track you have less than zero reason to do so.

Pretty sure I just saw a news blurb about Google doing it as well.. which was to be expected IMO. I already use Latitude so this really isn't an issue for me.