Consumer Tips: Is Your iPhone or iPad taking a bite out of your privacy?
Some of Apple’s products, including iOS 4 iPhones and iPads, have been collecting consumers’ detailed location information and storing the data directly on the devices and on devices they have synced with. Apple has now created a software update (iOS4.3.3 <http://support.apple.com/kb/DL1358?viewlocale=en_US>) that responds to many of these issues. WPF urges all owners of these devices to ensure that they have downloaded the most recent versions of the iOS4 software. Some device owners may also want to opt out of location sharing.
If the devices are left with older versions of the iOS4 software, the data stored on the iPhones and iPads will be unencrypted and can include latitude, longitude, when the location was visited, for how long, and the data could have been collected for as long as a year. Up to 2 MG of data can be stored, which can be a lot of location data.
This tipsheet explains in capsule some of the key issues and discussions regarding this issue. Please note that in addition to the iOS4 devices, some smartphones using Google’s Android system have similar issues. This tipsheet does not cover Android phones specifically.
How do I know if I have an iPhone or iPad that is collecting and storing my location details?
The Apple devices that are collecting and storing detailed location information are iPhones and iPads with the iOS4 operating system. To see what iOS version your device is using, look at the About this iPhone or About this Mac menu item, and see what iOS version number the device lists. If you have any doubts about whether or not your iPhone or iPad is one of those that can track you, see the next bullet point.
How do I know if detailed location data is stored on my phone or iPad?
You can install an app called iPhone Tracker to view your data, if it exists on your device. If you can see information through the iPhone Tracker app, then your Apple has been tracking you. If this is the case, we urge you to update your software immediately.
What can I do to fix this?
Fortunately, you can correct many of the issues related to this problem.
- If you have an iOS4 device, download the software update.
- If you want to remove the cached information from your device, turn off location sharing. You can do this via the iTunes interface.
Why is this collection and storage a potential safety problem?
If the devices are not updated with the software update, and if location sharing is not turned off, the location information Apple is storing on these products can reveal where the devices have been, when, and for how long by longitude and latitude. Anyone who can pick up someone’s iOS4 iPhone or iPad could potentially access this data, view it, and use it to find out where the device owner has spent time, what roads and cities she frequents, and where she has been on what date. The accuracy is potentially quite good.
Many people will be sensitive to having their location data stored on a device they carry around and use everyday — and rightly so. Law enforcement professionals, including police and judges, human rights workers in foreign countries, journalists, and people with location concerns such as victims of domestic violence and stalking have a safety interest in keeping their home addresses, frequently traveled routes, and general geographic patterns private.
Special note for health care providers using iPads and iPhones
If you are a health care provider, and you have been using an iOS4 iPhone or an iPad as part of your practice, it will be especially important for you to take immediate steps to update the software for your devices. This may not solve all of the potential privacy issues, and we encourage health care providers to include smartphones in any HIPAA risk assessments. It may be prudent for health care providers to opt out of location sharing on their devices.
Who can access your location information?
Location information may be available to anyone who can access your iPhone or iPad, if you have not updated the software and if you have not opted out of sharing your location information.
Why was this collection and storage a privacy and consumer rights problem?
Beyond the immediate privacy concerns this issue raised when it was first discovered, there are additional privacy and consumer rights issues this controversy raised. Although Apple has taken steps to correct many of the problems, the rights consumers should have in regards to this data have not changed.
- Consumers should have the right to affirmatively consent to this collection and storage of data on the device, not have it automatically occur with little to no meaningful notice.
- From a security perspective, this data stored on devices should have been encrypted from the very beginning as a matter of course, notwithstanding that it should not have been stored directly on the devices in the first place without express user consent.
- Consumers should have the right and ability to easily delete all of this data from their devices.
- Detailed geo-location data usually requires some legal process (e.g., a subpoena) before a phone company can release the data to the police or in a lawsuit.. But because much or all of the same data is stored on the phone, the legal protections that individuals enjoy may be circumvented by anyone who has direct access to the phone.
- There should be a general policy of not tracking children under 13 with geolocation data stored on devices.
- Individuals who work or live in special circumstances such as overseas human rights workers, members of law enforcement, journalists, and other individuals who need to keep their home, work, and travel patterns private need robust and immediate assistance in removing this information entirely from their devices. [Note: individuals may now update their software and opt out of location sharing, which will reduce the threat initially posed. However, the fact remains that these individuals still need these rights, and these rights remain important.]
- Location-Based Services To provide location-based services on Apple products, Apple and our partners and licensees may collect, use, and share precise location data, including the real-time geographic location of your Apple computer or device. This location data is collected anonymously in a form that does not personally identify you and is used by Apple and our partners and licensees to provide and improve location-based products and services. For example, we may share geographic location with application providers when you opt in to their location services. Some location-based services offered by Apple, such as the MobileMe “Find My iPhone” feature, require your personal information for the feature to work.
What has Apple done about this? What is Apple planning to do about this?
Apple has updated its software. Apple has said the following about what the software update will accomplish:
- About iOS 4.3.3 Software Update
- This update contains changes to the iOS crowd-sourced location database cache including:
- Reduces the size of the cache
- No longer backs the cache up to iTunes
- Deletes the cache entirely when Location Services is turned off
Apple has also said that in the next major iOS software release the cache will also be encrypted on the iPhone.
What is being done right now? Where can I find more information?
- Apple has issued an official Q and A about this issue. They have also issued a software update that corrects many (but not all) of the problems noted in this tipsheet. <http://www.apple.com/pr/library/2011/04/27location_qa.html>.
- Researchers Alasdair Allen (Twitter: @aallan) and Pete Warden (Twitter: @petewarden) have published information about this issue. To see their work, please visit <http://radar.oreilly.com/2011/04/apple-location-tracking.html>.
- Paul Corbis also published early, groundbreaking work on this issue, that information is available here: <http://www.courbis.fr/spip.php?page=article&id_article=255>.
- A highly technical description of this type of geolocation issue may be found in an academic paper by Levinson, Stackpole, and Johnson: <http://www.computer.org/portal/web/csdl/doi/10.1109/HICSS.2011.440>
- The iPhone Tracker Application will assist iOS4 device owners to see their data
- Senator Al Franken wrote a letter to Apple with his concerns.
- After publication of the Apple geolocation issue, news about similar features on Google Android systems was also discovered. <http://lastwatchdog.com/googles-android-location-tracking-invasive-iphones/>.
- Apple is being investigated by EU Data Privacy Authorities over this issue. <http://www.tmtlawwatch.com/2011/05/articles/apple-investigated-by-european-privacy-authorities-for-tracking-bug/>.
What more can I do?
Published April 21, 2011. Updated April 28, 2011, updated May 10, 2011.