Shock: iPhones store location data (Gimme a break...)
Worried about LocationGate? I'll give you something to worry about
Computerworld - Location data retention sounds like a medical condition. In a way, it is. And your phone's probably got it.
We heard about a new scandal this week. iPhones, we discovered, keep a record of every place you've been, or, at least, every place your phone's been. That data is stored in a file on your phone, unencrypted. Shock!
The data could be subpoenaed in a divorce case. PCs and phones could be hacked, and the could be data exposed. The horror!
Congress is outraged: Comedian-turned-grandstanding-senator Al Franken (D-Minn.), and Rep. Ed Markey (D-Mass.) have demanded that Steve Jobs explain himself. And Germany, a country whose national pastime has become the harassment of Silicon Valley companies that may be violating German privacy laws, wants clarification as well.
The self-appointed guardians of privacy are breaking out the pitchforks and torches. The news media have been alerted. TV talking heads are aghast.
Meanwhile, the Wall Street Journal reported that Android phones not only capture location data, but also beam it back to Google every few minutes, along with the phones' unique identifiers and the location of nearby Wi-Fi hot spots. (Google erases the start and end locations for all "trips.")
The Drudge Report linked to the Journal story with this headline: "FOLLOWING YOU: APPLE, GOOGLE PHONES COLLECT DATA." You know it's serious if they use all caps.
The whole affair is a non-issue as far as I'm concerned, and for two reasons. First, we already knew all about it. And second, there are far more serious violations of privacy going on every day that few seem all that concerned about.
One of the most delicious ironies in all this is that Markey demanded -- and received -- an explanation about Apple's location collection policy in July. In response to that request, Apple offered a detailed explanation in a letter to Markey, and Rep. Joe Barton (R-Texas).
Markey could just read the letter he has on file. But his demand looks a lot like political grandstanding and not much like fact-finding.
A few bloggers were talking about this last year, but nobody cared. It's something of a mystery why this has suddenly become an issue.
The least of our location data worries
The biggest reason LocationGate is a non-issue is that it's far less of a privacy concern than other aspects of owning and using a smartphone.
Let's be clear about what's going on here. The scandal around the iPhone's user-tracking capability is that "you" should be the only one in possession of your own location data. Fears center around the "potential" for evil-doers to get their greasy mitts on that data -- something that has not actually happened, as far as I know.
If some shady hacker type steals my iPhone or hacks my laptop, the last thing I'm worried about is a database that shows where I went last month. I'm far more concerned about passwords, financial information, private e-mails, my list of contacts, information that would enable hardcore identity theft, and so on. Who cares if they know I went to Whole Foods last month or that I entered a Starbucks at 2:36 p.m. last Wednesday?
To me, it would be far more problematic if my location data -- and even truly sensitive information -- were being shared without my knowledge with companies I've never heard of. And in fact, that is happening every day.
First, iPhone and Android apps store and share all kinds of data, including location data.
Hundreds or thousands of apps routinely zap location data and personal information back to the companies that made the apps without your knowledge. Many of them share that information with advertisers without your consent. Much of that information is associated with your phone's unique identifier, along with personal data like gender and ZIP code.
Other apps store information that's far more sensitive than location history. Security researcher Michael Sutton found that many apps store data backups, passwords and other login credentials, and other sensitive information in a format that's readable by anyone who downloads a widely available tool from the Internet.
This is a vulnerability that thousands of apps share, including Google Docs, Apple iDisk and Evernote, that store and upload sensitive personal information and have open APIs that essentially hand the keys to that data to many third-party companies.
Unlike many cell-phone-enabled violations of your privacy, whose purpose is mainly to enrich the app maker, the storage of location data on iPhones and the gathering of location data by Android phones at least provide benefits to users and are under user control.
The database works behind the scenes mainly to improve wireless data service, traffic maps and other basic functions of a smartphone.
Location data isn't even gathered if location services are turned off.
Yes, the storage of unencrypted location data on your phone is a potential privacy breach waiting to happen. But there's a whole list of privacy violations taking place through your phone every day.
The hard reality is that there's only one way to guarantee privacy with a cell phone: Remove the battery.
Clarification: This column has been changed since it was originally posted to point out that Evernote is one of thousands of apps with open APIs that are vulnerable to having users' data exposed.
- Why HTC put Windows on its M8 smartphone
- iPhone 5C's China bust raises questions about Apple's pricing for '14 models
- China scrubs Apple's iPad and MacBooks from government buying list
- Navdy's planned heads-up car display works with iPhone or Android
- Circle the date: Apple's iPhone 6 event slated for Sept. 9
- Stable Mac prices fuel reliable profit engine
- Apple will 'set the world on fire' with iPhone 6 sales
- The other Apple economy: $2B in devices on eBay
- Apple sends users scrambling for OS X Yosemite
- Apple grows Mac sales by 18% on the back of the MacBook Air
Read more about Mobile Apps in Computerworld's Mobile Apps Topic Center.
- Vehicles Best Practices Installation Guide With the Vehicle Best Practices Installation Guide you will learn the background on the problems and solutions as well as guidance for the...
- Use the Mobile App Mix to Choose an Enterprise App Store Strategy In this research report Gartner outlines how organizations can optimally secure, distribute, and manage mobile applications for employees and contracted workers.
- Mobile Device Management Policy Best Practices This white paper explores ten policy best-practices for secure and compliant enterprise mobility.
- Mobile Data Security: Finding the Balance Bring Your Own Device has changed the rules for corporate security on smartphones and tablets. Companies need to find the right balance in...
- Managing a Mobile Workforce Learn how this biotechnology company used a mobile device management solution to help secure data accessed by over 125 employees globally.
- Sametime 9.0 Demo Showcasing a simplified user interface for desktop, web and mobile clients, IBM® Sametime® V9.0 is energizing today's enterprise with high definition, real-time communications. All Mobile Apps White Papers | Webcasts