Apple iPhone becomes lightning rod for public's privacy fears
- By John Zyskowski
- May 05, 2011
The big flap in the past few weeks about the Apple iPhone feature that tracks where the phones’ owners have been says more about the public’s enthusiastic yet uncomfortable embrace of new technologies than it does about one company’s privacy and security practices. However, many say Apple hardly deserves a free pass for its part in the controversy.
As the creator of the market’s category-defining smart phone, the company is a victim of its own success as it becomes a lightning rod for the public’s anxiety about the specter of smart phones being used for Big Brother-like tracking of their movements.
But even as Apple CEO Steve Jobs conceded that his industry bears some blame for the public’s fears, many say his statements and his company’s shifty-worded response to the iPhone security gaffe only ratcheted up the confusion and mistrust.
Apple officials will get a chance for a do-over when they head to Washington for a May 10 hearing on protecting mobile privacy. Sen. Al Franken (D-Minn.), chairman of the Senate Judiciary Committee's Privacy, Technology and the Law Subcommittee, has also asked Google, which has had some privacy controversies of its own, to participate in the hearing.
Apple’s troubles started April 20 after a couple of researchers published a blog post detailing how devices running Apple’s iOS 4 operating system, which includes iPhones and 3G iPads, regularly record time stamps and location data in an unprotected file that is stored on the portable devices and backed up to other computers.
Public reaction to the discovery played out in the blogosphere and mainstream press for a week before Apple officials responded.
“As new technology comes into the society, there is a period of adjustment and education,” Jobs told Ina Fried of the Wall Street Journal’s All Things Digital website. “We haven’t — as an industry — done a very good job educating people, I think, as to some of the more subtle things going on here. As such, [people] jumped to a lot of wrong conclusions in the last week.”
In Apple’s official explanation, the company said it has never tracked the location of users’ phones and has only loaded subsets of a "crowdsourced database" about Wi-Fi hot spots and cell towers near a phone’s current location as a way to help the phone more quickly and accurately calculate its location when requested.
Regardless, the recording of as much as a year’s worth of location check-ins in an unsecured file is a major security flaw, and Apple’s explanation didn’t help matters, writes Larry Magid for the San Jose Mercury News.
“Calling it a ‘crowdsourced database’ doesn't change the fact that people can use this file to figure out approximately where you've been,” Magid writes. “It seems that Apple could have explained all this without resorting to what amounts to doublespeak.”
Apple promised to fix the security issues in an upcoming release, including the flaw that allows location data to be collected even after users shut off their devices’ Location Services feature.
So just how worried are people about the idea of being tracked via their smart phones? Answers vary because assessing the real risks can be difficult, and much of it comes down to personal decisions.
Location-aware applications are popular — for example, for finding nearby restaurants or meeting up with friends who are in the same area. But they require users to voluntarily identify their whereabouts. Cellular network carriers have always stored phone users' location data on their presumably secure servers, and others must obtain a court order to access that information.
However, Tom Gibson, in a comment posted on All Things Digital, said the people who are concerned only about location tracking are missing the point.
“Are you only interested in the privacy of your phone's location and nothing else on your phone such as your family contacts (phone numbers, birthdays), notes that may or may not contain passwords, browser history and bookmarks, e-mails?” Gibson asks. “Do you encrypt all the files on your personal computer to protect them? It seems that people haven't thought this through very much.”
John Zyskowski is a senior editor of Federal Computer Week. Follow him on Twitter: @ZyskowskiWriter.