This morning convened a Senate Judiciary Committee’s subcommittee on privacy, technology, and law with a hearing about location tracking on mobile phones and heard from representatives of Apple and Google. All of this has reached out of a series of privacy concerns governing location tracking—a fact about iOS devices that was rediscovered by UK researchers in April.
Barron’s is running a comprehensive article about Sen. Al Franken and others grilling the representatives from Apple about the subject,
Bud Tribble is next up, VP of software development at Apple and a longtime Apple employee, and a veteran as well of NeXT and Sun.
He explains the function of the “crowd-sourced location cache” that is stored on Apple’s iPhone and that was the subject of the “locationgate” brouhaha in recent weeks.
“We do not share customer information with third parties without our customers’ explicit consent. Apple does not track users’ locations. Apple has never done so and has no plans to do so. An Apple device does not send to Apple any specific device information associated with a user. The purpose of the cache is to allow the device to more quickly and reliably respond to location requests. Apple was never tracking an individual user’s location. The data seen on the iPhone was not the location past or present of the iPhone, but the location of cell towers surrounding the phone. Although the cache was not encrypted, it was protected from other apps on the phone.”
In good news, Tribble also explained that the 4.3.3 patch for iOS encrypts the location cache as well addresses multiple other concerns about how it endangers customer privacy. It also stops the iOS device from syncing the cache with iTunes—this was really a problem when it was unencrypted.
Both Google and Apple have seen users jumping on this bandwagon and signing on for lawsuits due to fears about violations to their privacy. Apple found themselves facing a pair of lawsuits seeking to bar them from collecting location data; and Google is now staring down the barrel of a class-action for very similar reasons. (Google recently had their S. Korean office raided over location tracking issues.) In fact, the Google Buzz privacy issues from last year were brought up by Sen. Al Franken and others.
Many of the questions concerned why Apple’s devices “track users location” and how they do so. Much of the discussion explained that the cache itself doesn’t track locations of the phone itself, but that of nearby radio sources such as cell towers and WiFi networks. Both Apple and Google use this information to greatly enhance the accuracy of their location-services when GPS doesn’t quite cut it.
The article ends the Apple spokesman questions on a very high note.
Both Google and Apple representatives speak about how they need to go beyond warning users that they are going to track their locations—something that iOS became famous for is that they warned users in the EULA and privacy statement, but nobody reads them. Both mobile device giants agreed that they need to place further indicators on the dashboard and UI of these devices to tell users that location-services is active.
If users can see that an application is using their location data and when (and can control how and why) they might feel better about it.
iOS devices don’t actually emit the users tracked location whereas Android phones do; yet Apple took a great deal more flack in the media for their tracking. Why? Apple devices did so without having users opt-in, they did so secretly, and didn’t turn it off when the users asked. The Android location functions seem to be more comprehensive but they’re much more out in the open and answered readily to user control.