Apple iPhone becomes lightning rod for public's privacy fears

The big flap in the past few weeks about the Apple iPhone feature that tracks where the phones’ owners have been says more about the public’s enthusiastic yet uncomfortable embrace of new technologies than it does about one company’s privacy and security practices. However, many say Apple hardly deserves a free pass for its part in the controversy.

As the creator of the market’s category-defining smart phone, the company is a victim of its own success as it becomes a lightning rod for the public’s anxiety about the specter of smart phones being used for Big Brother-like tracking of their movements.

But even as Apple CEO Steve Jobs conceded that his industry bears some blame for the public’s fears, many say his statements and his company’s shifty-worded response to the iPhone security gaffe only ratcheted up the confusion and mistrust.

Apple officials will get a chance for a do-over when they head to Washington for a May 10 hearing on protecting mobile privacy. Sen. Al Franken (D-Minn.), chairman of the Senate Judiciary Committee's Privacy, Technology and the Law Subcommittee, has also asked Google, which has had some privacy controversies of its own, to participate in the hearing.

Apple’s troubles started April 20 after a couple of researchers published a blog post detailing how devices running Apple’s iOS 4 operating system, which includes iPhones and 3G iPads, regularly record time stamps and location data in an unprotected file that is stored on the portable devices and backed up to other computers.

Public reaction to the discovery played out in the blogosphere and mainstream press for a week before Apple officials responded.

“As new technology comes into the society, there is a period of adjustment and education,” Jobs told Ina Fried of the Wall Street Journal’s All Things Digital website. “We haven’t — as an industry — done a very good job educating people, I think, as to some of the more subtle things going on here. As such, [people] jumped to a lot of wrong conclusions in the last week.”

In Apple’s official explanation, the company said it has never tracked the location of users’ phones and has only loaded subsets of a "crowdsourced database" about Wi-Fi hot spots and cell towers near a phone’s current location as a way to help the phone more quickly and accurately calculate its location when requested.

Regardless, the recording of as much as a year’s worth of location check-ins in an unsecured file is a major security flaw, and Apple’s explanation didn’t help matters, writes Larry Magid for the San Jose Mercury News.

“Calling it a ‘crowdsourced database’ doesn't change the fact that people can use this file to figure out approximately where you've been,” Magid writes. “It seems that Apple could have explained all this without resorting to what amounts to doublespeak.”

Apple promised to fix the security issues in an upcoming release, including the flaw that allows location data to be collected even after users shut off their devices’ Location Services feature.

So just how worried are people about the idea of being tracked via their smart phones? Answers vary because assessing the real risks can be difficult, and much of it comes down to personal decisions.

Location-aware applications are popular — for example, for finding nearby restaurants or meeting up with friends who are in the same area. But they require users to voluntarily identify their whereabouts. Cellular network carriers have always stored phone users' location data on their presumably secure servers, and others must obtain a court order to access that information.

However, Tom Gibson, in a comment posted on All Things Digital, said the people who are concerned only about location tracking are missing the point.

“Are you only interested in the privacy of your phone's location and nothing else on your phone such as your family contacts (phone numbers, birthdays), notes that may or may not contain passwords, browser history and bookmarks, e-mails?” Gibson asks. “Do you encrypt all the files on your personal computer to protect them? It seems that people haven't thought this through very much.”

About the Author

John Zyskowski is a senior editor of Federal Computer Week. Follow him on Twitter: @ZyskowskiWriter.

Featured

  • Congress
    Rep. Jim Langevin (D-R.I.) at the Hack the Capitol conference Sept. 20, 2018

    Jim Langevin's view from the Hill

    As chairman of of the Intelligence and Emerging Threats and Capabilities subcommittee of the House Armed Services Committe and a member of the House Homeland Security Committee, Rhode Island Democrat Jim Langevin is one of the most influential voices on cybersecurity in Congress.

  • Comment
    Pilot Class. The author and Barbie Flowers are first row third and second from right, respectively.

    How VA is disrupting tech delivery

    A former Digital Service specialist at the Department of Veterans Affairs explains efforts to transition government from a legacy "project" approach to a more user-centered "product" method.

  • Cloud
    cloud migration

    DHS cloud push comes with complications

    A pressing data center closure schedule and an ensuing scramble to move applications means that some Homeland Security components might need more than one hop to get to the cloud.

Stay Connected

FCW INSIDER

Sign up for our newsletter.

I agree to this site's Privacy Policy.