Following the news that the iPhone keeps a log file of the locations users visit, Senator Al Franken (D-MN) sent Apple CEO Steve Jobs a letter (PDF) asking for detailed information about why Apple is storing the information, and whether or not the tracking data has been shared with anyone.
Senator Franken questions Apple’s data policies
Word that the iPhone and 3G-enabled iPad track and log detailed information location data spread like wildfire on Wednesday when two security researchers released an application that overlays the information on a map. The collected data is transfered from user’s iPhones to their computer during a standard synchronization, and the information is stored in an unencrypted file.
The location data files first appeared about the same time as the release of iOS 4 in June 2010, which means that people who have used an iPhone for at least that long could have nearly a year worth of tracking data stored on their computer.
In his letter to Mr. Jobs, Senator Franken voiced his concern that “Anyone who gains access to this single file could likely determine the location of the user’s home, the businesses he frequents, the doctors he visits, the schools his children attend, and the trips he has taken over the past months or even a year.”
He added that the locally stored data could potentially be accessed by viruses and other malicious applications. “There are numerous ways in which this information could be abused by criminals and bad actors,” he said.
Senator Franken included a list of nine question he’d like Mr. Jobs to address promptly:
- Why does Apple collect and compile this location data? Why did Apple choose to initiate tracking this data in its iOS 4 operating system?
- Does Apple collect and compile this location data for laptops?
- How is this data generated? (GPS, cell tower triangulation, Wi-Fi triangulation, etc.)
- How frequently is a user’s location recorded? What triggers the creation of a record of someone’s location?
- How precise is this location data? Can it track the users location to 50 m, 100 m, etc.?
- Why is this data not encrypted? What steps will Apple take to encrypt the data?
- Why were Apple consumers never affirmatively informed of the collection and retention of their location data in this manner? Why did Apple not seek affirmative consent before doing so?
- Does Apple believe that this conduct is permissible under the terms of its privacy policy?
- To whom, if anyone, including Apple, has this data been disclosed? When and why were these disclosures made?
The iPhone stores detailed location data that can be mapped
While the location data logs are stored by default in an unencrypted format, users that enable encrypted backups in iTunes are better protected from prying eyes since their log files will require a password before they can be opened. Blocking access to the location data file doesn’t, however, stop someone from looking at the call history on a phone — which in many cases can be just as revealing as location logs.
Cell service providers log similar data, too, although they maintain the records on their own servers instead of locally on user’s computers.
Apple hasn’t commented yet on its data logging practices, nor has the company confirmed that the data isn’t being shared with third parties, although it’s very likely that it isn’t.
Despite the fact that the location log storage seems limited to user’s mobile devices and computer, Senator Franken isn’t comfortable with Apple’s actions. “Because this data is stored in multiple locations in an unencrypted format, there are various ways third parties could gain access to this file,” he said. “Anyone who finds a lost or stolen iPhone or iPad or who has access to any computer used to sync one of these devices could easily download and map out a customer’s precise movements for months at a time.”
[Thanks to Ars Technica for the heads up.]