Apple iPhone becomes lightning rod for public's privacy fears

The big flap in the past few weeks about the Apple iPhone feature that tracks where the phones’ owners have been says more about the public’s enthusiastic yet uncomfortable embrace of new technologies than it does about one company’s privacy and security practices. However, many say Apple hardly deserves a free pass for its part in the controversy.

As the creator of the market’s category-defining smart phone, the company is a victim of its own success as it becomes a lightning rod for the public’s anxiety about the specter of smart phones being used for Big Brother-like tracking of their movements.

But even as Apple CEO Steve Jobs conceded that his industry bears some blame for the public’s fears, many say his statements and his company’s shifty-worded response to the iPhone security gaffe only ratcheted up the confusion and mistrust.

Apple officials will get a chance for a do-over when they head to Washington for a May 10 hearing on protecting mobile privacy. Sen. Al Franken (D-Minn.), chairman of the Senate Judiciary Committee's Privacy, Technology and the Law Subcommittee, has also asked Google, which has had some privacy controversies of its own, to participate in the hearing.

Apple’s troubles started April 20 after a couple of researchers published a blog post detailing how devices running Apple’s iOS 4 operating system, which includes iPhones and 3G iPads, regularly record time stamps and location data in an unprotected file that is stored on the portable devices and backed up to other computers.

Public reaction to the discovery played out in the blogosphere and mainstream press for a week before Apple officials responded.

“As new technology comes into the society, there is a period of adjustment and education,” Jobs told Ina Fried of the Wall Street Journal’s All Things Digital website. “We haven’t — as an industry — done a very good job educating people, I think, as to some of the more subtle things going on here. As such, [people] jumped to a lot of wrong conclusions in the last week.”

In Apple’s official explanation, the company said it has never tracked the location of users’ phones and has only loaded subsets of a "crowdsourced database" about Wi-Fi hot spots and cell towers near a phone’s current location as a way to help the phone more quickly and accurately calculate its location when requested.

Regardless, the recording of as much as a year’s worth of location check-ins in an unsecured file is a major security flaw, and Apple’s explanation didn’t help matters, writes Larry Magid for the San Jose Mercury News.

“Calling it a ‘crowdsourced database’ doesn't change the fact that people can use this file to figure out approximately where you've been,” Magid writes. “It seems that Apple could have explained all this without resorting to what amounts to doublespeak.”

Apple promised to fix the security issues in an upcoming release, including the flaw that allows location data to be collected even after users shut off their devices’ Location Services feature.

So just how worried are people about the idea of being tracked via their smart phones? Answers vary because assessing the real risks can be difficult, and much of it comes down to personal decisions.

Location-aware applications are popular — for example, for finding nearby restaurants or meeting up with friends who are in the same area. But they require users to voluntarily identify their whereabouts. Cellular network carriers have always stored phone users' location data on their presumably secure servers, and others must obtain a court order to access that information.

However, Tom Gibson, in a comment posted on All Things Digital, said the people who are concerned only about location tracking are missing the point.

“Are you only interested in the privacy of your phone's location and nothing else on your phone such as your family contacts (phone numbers, birthdays), notes that may or may not contain passwords, browser history and bookmarks, e-mails?” Gibson asks. “Do you encrypt all the files on your personal computer to protect them? It seems that people haven't thought this through very much.”

About the Author

John Zyskowski is a senior editor of Federal Computer Week. Follow him on Twitter: @ZyskowskiWriter.

Featured

  • Cybersecurity

    DHS floats 'collective defense' model for cybersecurity

    Homeland Security Secretary Kirstjen Nielsen wants her department to have a more direct role in defending the private sector and critical infrastructure entities from cyberthreats.

  • Defense
    Defense Secretary James Mattis testifies at an April 12 hearing of the House Armed Services Committee.

    Mattis: Cloud deal not tailored for Amazon

    On Capitol Hill, Defense Secretary Jim Mattis sought to quell "rumors" that the Pentagon's planned single-award cloud acquisition was designed with Amazon Web Services in mind.

  • Census
    shutterstock image

    2020 Census to include citizenship question

    The Department of Commerce is breaking with recent practice and restoring a question about respondent citizenship last used in 1950, despite being urged not to by former Census directors and outside experts.

Stay Connected

FCW Update

Sign up for our newsletter.

I agree to this site's Privacy Policy.