Apple blames iOS data tracking on firmware bug
updated 09:25 am EDT, Wed April 27, 2011
Promises improved security in future updates
Apple is not tracking the location of iPhone users, the company insists in an official FAQ responding to worries about a location history file in iOS 4. "Apple has never done so and has no plans to ever do so," part of the FAQ reads. "Providing mobile users with fast and accurate location information while preserving their security and privacy has raised some very complex technical issues which are hard to communicate in a soundbite. Users are confused, partly because the creators of this new technology (including Apple) have not provided enough education about these issues to date."
The company explains that the file is actually based on a database of Wi-Fi hotspots and celltowers around a person's location, used to speed up location-finding versus just using GPS, or in place of it via triangulation. "These calculations are performed live on the iPhone using a crowd-sourced database of Wi-Fi hotspot and cell tower data that is generated by tens of millions of iPhones sending the geo-tagged locations of nearby Wi-Fi hotspots and cell towers in an anonymous and encrypted form to Apple," the FAQ says.
The file is a local cache of the broader database, claimed to be "protected but not encrypted" except if a person has chosen to encrypt their backups in iTunes. Apple defends the data as imprecise, relaying information about hotspots and towers that can be "more than one hundred miles away" from a device. It adds that because the data is anonymous and encrypted when transmitted, individuals can't be identified.
The sheer quantity of information kept in the cache -- potentially going back as iOS 4's launch last year -- is said to be a bug. "We don’t think the iPhone needs to store more than seven days of this data," Apple elaborates. Also allegedly a bug is continuous updating of the cache even when Locations Services are turned off.
The company is promising to put out an iOS firmware update "in the next few weeks" which will reduce the size of the database cache, prevent it from being backed up, and delete it entirely when Location Services are switched off. A future "major" iOS update will do on-device encryption of the file. The company has meanwhile disclosed that it is collecting "anonymous traffic data" to create "a crowd-sourced traffic database with the goal of providing iPhone users an improved traffic service in the next couple of years."
Fresh-Faced Recruit
Joined: Jan 2008
"Users are confused..."
Not a good way to talk about your customers but whatever. I don't have a problem with what Apple is doing nor is it any different than what other smartphone mfgs are doing. However, I do have a problem with how they bungled it....as they did with Antennagate....as they did with the original iPhone pricing.... how anyone is still an iPhone customer after the string of media fumbles... oy vey.
"Users are confused, partly because the creators of this new technology (including Apple) have not provided enough education about these issues to date."
CNN, MSNBC, FOX News, NBC, etc. and just about every news outlet already did that for you. The horses have already left the barn but I'm glad to see you finally closed the door.
"This data is sent to Apple in an anonymous and encrypted form. Apple cannot identify the source of this data"
Except by GPS tagging, of course. No mention of UUID in this FAQ either.
"This is a bug, which we plan to fix shortly (see Software Update section below). "
Then why not say so early on? Unless of course you were waiting to announce the white iPhone to drown out the controversy.
"Apple will continue to be one of the leaders in strengthening personal information security and privacy."
So letting it get to CNN-type proportions, or get to Senate panel investigations meant you had your customers' best interests in mind?