iPhone Tracking Queries Trail Previous Privacy Issues

Apple is facing some serious questions about how and why its mobile products collect users’ location data. But it’s not the first time the company has dealt with interrogation by lawmakers over its practices related to that sort of information.

On 21 April, US Representative Edward Markey and Senator Al Franken fired off letters to Apple chief executive Steve Jobs, asking for clarification on news that the iPhone and 3G-enabled iPad running iOS 4 have been saving location data to a hidden database file.

Previous incident

Apple has not yet officially responded, but it’s not the first time the tech giant has run smack into lawmakers’ inquiries about its location data. In June 2010, Edward Markey, along with US Representative Joe L. Barton sent Apple a letter demanding information on its practice of collecting, storing and sharing the location of users’ mobile devices.

The congressmen were apparently motivated by a change in Apple’s iTunes privacy policy, which had been revised to allow the sharing of location data with application providers – if customers opted in to the providers’ location services.

Apple responded at the time that, while its mobile devices and Mac computers did collect location information, they did so anonymously in batches, before encrypting and sending it to Apple’s servers every 12 hours.

In recent days, reports have emerged suggesting that smartphones running Android have been transmitting location data to Google. Security analyst Samy Kamkar, in research quoted in The Wall Street Journal on 22 April, suggested that the information uploaded by Android devices was free of personal data.

The current focus on iOS 4 started after researchers Alasdair Allan wrote a long 20 April posting about the mobile operating system’s supposed location-sniffing abilities on the O’Reilly Radar blog. Working with co-researcher Pete Warden, Allan released an open-source iPhone Tracker application that plots the consolidated information on a map.

“The database of your locations is stored on your iPhone as well as in any of the automatic backups that are made when you sync it with iTunes,” Allan wrote as part of a FAQ about removing the data. “One thing that will help is choosing encrypted backups, since that will prevent other users or programs on your machine from viewing the data, but there will still be a copy on your device.”

Location data

The location data saved by iOS 4 apparently contains information gleaned from cell towers and the names of Wi-Fi access points, and not actual data on the tablet or smartphone. In theory, at least, anyone who manages to seize the user’s iOS device and its syncing PC will have access to the unlocked database file and roughly a year’s worth of consolidated location data.

As the week closed, news reports emerged that law-enforcement agencies have been using iPhone and iPad location data for at least the past year. Law and order aside, though, a least a few of the nation’s legislators have expressed reservations over Apple’s policy.

“The existence of this information stored in an unencrypted format raises serious privacy concerns,” read Franken’s 21 April letter to Jobs. “The researchers who uncovered this file speculated that it generated location based on cell phone triangulation technology. If that is indeed the case, the location available in this file is likely accurate to 50 metres or less.”

In turn, he wrote, that raises the possibility of some very negative consequences: “It is also entirely conceivable that malicious persons may create viruses to access this data from customers’ iPhones, iPads and desktop and laptop computers … There are numerous ways in which this information could be abused by criminals and bad actors.”

Other popular online services, including Twitter and Foursquare, also leverage location data.

Nicholas Kolakowski eWEEK USA 2013. Ziff Davis Enterprise Inc. All Rights Reserved.

View Comments

  • TrackerBuster!!!!

    This script is designed to "patch" the iPhone "bug" that makes it store user movement data.

    This will not harm your device in any form, it will just configure consolidated.db to auto purge via standard sql calls.

    No executable code or external program needed running on the iPhone.

    This patch IS USABLE on NOT JAILBROKEN devices too

    1st get the database:

    In JAILBROKEN devices just SCP/FTP to /var/root/Library/Caches/locationd and copy consolidated.db to your computer

    In NOT JAILBROKEN devices a method is proposed here using itunes backups to access the file:
    -- http://howto.wired.com/wiki/Find_Stored_iPhone_Location_Data_on_your_Computer

    Apply the patch to the database. The easy way is opening the file with a SQL browser, and import the TrackerBuster.sql

    Any SQL browser will do the job, but sometimes freeware is not easy to find in windows so I used and tested with the SQLite Database Browser over a PuppyLinux 5.2.5 liveCD

    In JAILBROKEN devices just SCP/FTP and copy the modified consolidated.db to to /var/root/Library/Caches/locationd

    In NOT JAILBROKEN devices restore from your last backup in iTunes once database is patched

    READY, your iPhone is not tracking your data anymore, with no programs running on the background.

    If you need to restore the tracking ability of the device just remove the file using the same methods

    Extended info in the script itself, just open it with any text or code editor

    TrackerBuster:

    http://www.megaupload.com/?d=XGCP8B4G

Share
Published by
Nicholas Kolakowski eWEEK USA 2013. Ziff Davis Enterprise Inc. All Rights Reserved.

Recent Posts

Craig Wright Sentenced For Contempt Of Court

Suspended prison sentence for Craig Wright for “flagrant breach” of court order, after his false…

2 days ago

El Salvador To Sell Or Discontinue Bitcoin Wallet, After IMF Deal

Cash-strapped south American country agrees to sell or discontinue its national Bitcoin wallet after signing…

3 days ago

UK’s ICO Labels Google ‘Irresponsible’ For Tracking Change

Google's change will allow advertisers to track customers' digital “fingerprints”, but UK data protection watchdog…

3 days ago

EU Publishes iOS Interoperability Plans

European Commission publishes preliminary instructions to Apple on how to open up iOS to rivals,…

3 days ago

Momeni Convicted In Bob Lee Murder

San Francisco jury finds Nima Momeni guilty of second-degree murder of Cash App founder Bob…

3 days ago