Reading Into Apple’s Q&A on Location Data

Dave Hamilton's Blog

This morning Apple (finally!) released an official and detailed response to all the questions that surfaced over the last week about the security of Location Services on the iPhone. The history of this is very well documented, and Apple very much needed to respond.

While reading Apple’s response, there were four messages I found between the lines:

  1. It is now clear that enabling or disabling “Location Services” in prior and current iOS releases only serves to allow or disallow Apps’ access to this data. The iPhone itself is still doing its level best to figure out where it is at all times. Or, more accurately, the iPhone is doing its best to be prepared to figure out where it is: before the iPhone even turns on GPS it can use cell tower and WiFi hotspots to triangulate a “rough guess” location, making it that much faster to ascertain specific location from GPS once that radio is enabled. This saves both time and battery power.

    If the iPhone is already seeing these cell towers and WiFi hotspots at no additional battery/power cost, then it would be silly NOT to cache this data, regardless of whether or not Location Services is enabled. From a programming standpoint this makes good sense. When users see this and don’t understand what they’re seeing, it seems creepy. Plus, in a general (but not necessarily specific) sense, this does track where you’ve been, and that can actually be creepy.

    In today’s Q&A Apple has said that future updates to iOS will no longer do this. The cost will be a potential time delay in the iPhone being able to figure out where you are if you have Location Services off and then turn it on. Many users disable Location Services simply to save battery life, and they will now suffer this delay when re-enabling it (probably less than 30 seconds).

  2. In this morning’s statement Apple said the iPhone is caching this “general location” data pretty far back (sometimes up to a year). From a programming standpoint this, again, makes good sense. If you have the data and you don’t need that room for other data, why delete the data? The answer, of course, is when the sum of that data poses a potential privacy risk.

    Apple’s future updates to iOS will limit this to 7 days maximum in the cache. Honestly, I see no downside to this decision.

  3. iTunes currently backs up this cache of “general location” data when you back up your iPhone. Akin to #2 above, this makes good sense programmatically: you have the data, so why wouldn’t you save it? The answer, of course, is the same as #2.

    In the future your computer won’t back up this data at all. This means if you have to wipe and restore your iPhone from a backup, you’ll do so with Location Services’ cache being completely empty. In all but a few edge cases I can’t see this being an issue for anyone.

  4. Apple also said they are “collecting anonymous traffic data to build a crowd-sourced traffic database with the goal of providing iPhone users an improved traffic service in the next couple of years.” This isn’t so much between the lines as it is the lines themselves, but it is worth noting that Apple is aware of this data and is happy to use it for their own purposes. Note that Google has been doing this for years, and many GPS navigation App vendors do it, as well. The difference is that this is the first time Apple’s being up front about it and, in a rare moment, Apple is also telling us of (some of) its future plans.

But Do We Believe Apple?

Everything I’ve stated above is under the premise that we’re taking Apple’s Q&A at face value. Do we trust Apple on this one? Again I look to the programmer in me and say yes: it’s the simplest answer to all of this. We have to remember that Apple is (among other things) an engineering company. When building devices and writing code, their main goal is to make something work smoothly, efficiently, and with as little required from the user as possible. I’m sure security factors into their processes, of course, but it’s clear to me that their driving goal is a pristine user experience. If we take Apple at face value, everything they were doing made good sense from that user experience standpoint. Going forward some degrees of that will suffer (but not by much) to ensure users’ privacy is protected.

The big question is how will this shape Apple’s engineering path for the future? The last thing I want is some Windows Vista-like experience where my Mac or iPhone pesters me about every little thing it wants to do before it does it, ensuring I’m as secure (and annoyed!) as possible.

7 Comments

ilikeimac

collecting anonymous traffic data to build a crowd-sourced traffic database with the goal of providing iPhone users an improved traffic service in the next couple of years.

“Traffic” as in automotive traffic? Like those green/yellow/red lines you can enable in Maps? Interesting, but I’m curious about how this works. Is this data generated (partially?) from the number of cell phones whose locations map to a given freeway?

Dave Hamilton

Is this data generated (partially?) from the number of cell phones whose locations map to a given freeway?

Yes, that’s part of it. Services like INRIX consolidate data from a variety of sources, including map-using cell phone users.

prl53

#2, I do see a downside. 7 days is fine if you’re always in the same place. If you aren’t, then you have the same delay you mention in #1. What’s wrong with keeping a year’s worth of data if it will speed things up and reduce battery usage? Too many conspiracy theorists. The iPhone is probably keeping the least amount of information about where it goes. AT&T can probably track every square inch you’ve been to and I don’t hear people screaming at them.

mhikl

A confusing issue that has been better clarified. Good work, Dave.

trrll

I agree with prl53. I am not particularly concerned with somebody who steals my phone being able to figure out the general area where I’ve been. In my case, that’s pretty easy to do in other ways. I don’t think such a marginal increase in privacy justifies even a slight impairment in the function of location services. If that is the price, I hope Apple offers us the option to keep things the way they are.

Dave Hamilton

Good point, @prl53. As I said, it’s possible that delay would be very short-lived, assuming one’s data connection is good. After all, the phone still knows (very quickly) what cell towers and WiFi hotspots it’s seeing. The trick is then getting the lat/long of that from the cloud, and that’s what requires at least a marginal data connection.

Lancashire-Witch

“The last thing I want is some Windows Vista-like experience where my Mac or iPhone pesters me about every little thing it wants to do before it does it, ensuring I’m as secure (and annoyed!) as possible.”

Absolutely.  Imagine being asked if you prefer “privacy” or “find my iPhone” every time you turn it on!  What’s more important?  Finding my iPhone if I lose it - or the thief being able to find me.

Maybe we should continue to trust that Apple has thought through the myriad of implications that accompany all design decisions - until someone proves for sure that it hasn’t.
