Shock: iPhones store location data (Gimme a break...)
Worried about LocationGate? I'll give you something to worry about
Computerworld - Location data retention sounds like a medical condition. In a way, it is. And your phone's probably got it.
We heard about a new scandal this week. iPhones, we discovered, keep a record of every place you've been, or, at least, every place your phone's been. That data is stored in a file on your phone, unencrypted. Shock!
The data could be subpoenaed in a divorce case. PCs and phones could be hacked, and the could be data exposed. The horror!
Congress is outraged: Comedian-turned-grandstanding-senator Al Franken (D-Minn.), and Rep. Ed Markey (D-Mass.) have demanded that Steve Jobs explain himself. And Germany, a country whose national pastime has become the harassment of Silicon Valley companies that may be violating German privacy laws, wants clarification as well.
The self-appointed guardians of privacy are breaking out the pitchforks and torches. The news media have been alerted. TV talking heads are aghast.
Meanwhile, the Wall Street Journal reported that Android phones not only capture location data, but also beam it back to Google every few minutes, along with the phones' unique identifiers and the location of nearby Wi-Fi hot spots. (Google erases the start and end locations for all "trips.")
The Drudge Report linked to the Journal story with this headline: "FOLLOWING YOU: APPLE, GOOGLE PHONES COLLECT DATA." You know it's serious if they use all caps.
The whole affair is a non-issue as far as I'm concerned, and for two reasons. First, we already knew all about it. And second, there are far more serious violations of privacy going on every day that few seem all that concerned about.
One of the most delicious ironies in all this is that Markey demanded -- and received -- an explanation about Apple's location collection policy in July. In response to that request, Apple offered a detailed explanation in a letter to Markey, and Rep. Joe Barton (R-Texas).
Markey could just read the letter he has on file. But his demand looks a lot like political grandstanding and not much like fact-finding.
A few bloggers were talking about this last year, but nobody cared. It's something of a mystery why this has suddenly become an issue.
The least of our location data worries
The biggest reason LocationGate is a non-issue is that it's far less of a privacy concern than other aspects of owning and using a smartphone.
Let's be clear about what's going on here. The scandal around the iPhone's user-tracking capability is that "you" should be the only one in possession of your own location data. Fears center around the "potential" for evil-doers to get their greasy mitts on that data -- something that has not actually happened, as far as I know.
If some shady hacker type steals my iPhone or hacks my laptop, the last thing I'm worried about is a database that shows where I went last month. I'm far more concerned about passwords, financial information, private e-mails, my list of contacts, information that would enable hardcore identity theft, and so on. Who cares if they know I went to Whole Foods last month or that I entered a Starbucks at 2:36 p.m. last Wednesday?
To me, it would be far more problematic if my location data -- and even truly sensitive information -- were being shared without my knowledge with companies I've never heard of. And in fact, that is happening every day.
First, iPhone and Android apps store and share all kinds of data, including location data.
Hundreds or thousands of apps routinely zap location data and personal information back to the companies that made the apps without your knowledge. Many of them share that information with advertisers without your consent. Much of that information is associated with your phone's unique identifier, along with personal data like gender and ZIP code.
Other apps store information that's far more sensitive than location history. Security researcher Michael Sutton found that many apps store data backups, passwords and other login credentials, and other sensitive information in a format that's readable by anyone who downloads a widely available tool from the Internet.
This is a vulnerability that thousands of apps share, including Google Docs, Apple iDisk and Evernote, that store and upload sensitive personal information and have open APIs that essentially hand the keys to that data to many third-party companies.
Unlike many cell-phone-enabled violations of your privacy, whose purpose is mainly to enrich the app maker, the storage of location data on iPhones and the gathering of location data by Android phones at least provide benefits to users and are under user control.
The database works behind the scenes mainly to improve wireless data service, traffic maps and other basic functions of a smartphone.
Location data isn't even gathered if location services are turned off.
Yes, the storage of unencrypted location data on your phone is a potential privacy breach waiting to happen. But there's a whole list of privacy violations taking place through your phone every day.
The hard reality is that there's only one way to guarantee privacy with a cell phone: Remove the battery.
Clarification: This column has been changed since it was originally posted to point out that Evernote is one of thousands of apps with open APIs that are vulnerable to having users' data exposed.
- Apple grows Mac sales by 18% on the back of the MacBook Air
- What to listen for during Apple's earnings call today
- Timeline: How Apple's iOS gained enterprise cred
- Apple and IBM: A winning combo for IT
- IBM and Apple ties go way back
- Apple quickly counters China claim of iPhone spying
- China calls the iPhone and iOS 7 threats to national security
- Apple's CarPlay to dominate infotainment systems, will be in 24M cars by 2019
- Dev interest in OS X Yosemite is 4X what it was for Mavericks in '13
- Apple yanks Google Maps from iCloud's 'Find My iPhone'
Read more about Mobile Apps in Computerworld's Mobile Apps Topic Center.
- Use the Mobile App Mix to Choose an Enterprise App Store Strategy In this research report Gartner outlines how organizations can optimally secure, distribute, and manage mobile applications for employees and contracted workers.
- The Case for Mobile Apps Today's mobile apps turn handheld devices into e-book readers, portable navigation systems, digital wallets and more. And for organizations with mobile workers, they...
- The 5 Big Lies About Going Mobile You've heard about the power of mobile to change your business. But have you realized your mobile potential? It's about much more than...
- Transforming enterprise applications for mobile environments This new white paper explains how Dell Application Modernization and Development Solution Set can help you understand when to develop new mobile apps,...
- On-demand webinar - 7 Keys to Service Catalog Implementation Success Watch this webinar to learn 7 crucial keys to make your service catalog a success!
- Transform Your IT Service Management Watch this webinar, to learn how EasyVista can increase IT productivity & efficiency and deliver streamlined & integrated IT Service & Asset Mgmt. All Mobile Apps White Papers | Webcasts
Our new weekly Consumerization of IT newsletter covers a wide range of trends including BYOD, smartphones, tablets, MDM, cloud, social and what it all means for IT. Subscribe now and stay up to date!