Location and Privacy

Yesterday a story about Apple’s unauthorised logging of timestamped location data on iPhones running iOS 4.x versions of the system software was published in several articles in technical and mainstream media worldwide. This is important, not only because of the ubiquity of location-based services available to consumers worldwide and the significance of location in safeguarding the privacy of individuals, but also because of the differences in legislation in different regions, the lack of transparency in the organisations that do gather data and the complete ignorance of those users whose data is being collected both with respect to the fact itself and the uses that they undergo.

When we first introduced AthensBook, in early 2009, we went through the ‘hassle’ of researching (with the assistance of a small legal team that advise us on legal issues) the whole topic of privacy and location in Greece and the European Union. We also observed what manufacturers, be it hardware or system software, do. To our surprise we realised the following:

  • Manufacturers implicitly (and, in some cases, explicitly) ask for the users’ permission to use their location for one reason or another. Google, in its Android operating system, for example, asks for the user’s consent when he or she tries to enable Wifi/Cell-ID-based positioning. The message states that the service will anonymously gather data even when no applications make use of location services. This is Google’s way of maintaining and improving its cell triangulation and BSSID databases, important features of most modern smartphones that vastly accelerate the process positioning and, along with A-GPS, provide extremely accurate location data that would be impossible with off-line GPS devices of that size and power profile. There is no guarantee on what the company will do with the data, of course.
  • People have no idea that this is happening, in most cases. We’ve had Android users ask us about the data AthensBook gathers from its users and seeming very concerned about their location being ‘sent’ to a remote server. Those same people were totally oblivious of the kind of data Google is gathering from their devices all the time, despite the fact that they agreed to it when they enabled location services on their phone.
  • People are most likely to trust large corporations and be wary of smaller startups making use of location data, even if the latter have a published, clear and transparent privacy policy and terms of use.
  • Even within the EU there are varying levels of legislative control over how location is classified and what can application service providers can do with it.

There seems to be widespread ignorance among the population about what their devices can do, what the companies that manufacture and sell them do with their data and what applications do. It is easy to agree to a long text titled ‘Terms of Use’ or ‘Privacy Policy’ without reading it, but most of the time people are totally clueless about their rights and whether they have voluntarily gave them up when they agreed to use Google’s or Apple’s latest and greatest gadget.

Apple’s behaviour with iOS is not unique (or very extreme, as long as the data never left the phone), yet the way it has been portrayed in the media has caused a furore in some circles. Senator Al Franken of the United States Senate publicly asked the company a number of questions. Among them the Senator asks: “Why is this data not encrypted? What steps will Apple take to encrypt the data?” and “How precise is this location data? Can it track the users location to 50 m, 100 m, etc.?”.

I was surprised to read those questions as they had little to do with the issuem or rather are assuming that we have accepted what seems to me as the main issue here, which is whether Apple has the right to log for long periods of time location data on our devices without ever asking for it*. We shouldn’t be asking Apple to take any steps to encrypt the data or details about the frequency, accuracy, periodicity and location data source, before Apple provided a good reason for storing and maintaining this data in the first place. That they did so without asking for the user’s permission should be the number one question — and perhaps a good reason for many people to take Apple to court if the company has no justification for it. That they stored the data unencrypted on the device is certainly important, but secondary. The Senator’s questions, while on the whole reasonable, mislead the reader by shifting the issue to the implementation details of Apple’s data-gathering, whereas the issue is much more fundamental: It is a privacy issue, a rights issue, an issue of the company respecting its users and its customers by asking them before it stored their location over time. Why, you may ask? Doesn’t the device already contain so much personal data? Why should the company ask to ‘store’ (not transmit) location data on the device? And you would probably have a point, if it weren’t for the fact that location is dealt separately from other ‘personal data’ in many jurisdictions; something that I am sure Apple’s knows (the company probably never expected anyone to dig into the consolidated.db file) as does Google (which specifically asks the user for their consent, even though what it does is much worse than what Apple has been reported to do: they send the location data — periodically — to their servers).

We have been researching many ways we could use our aggregated, anonymous user data, both to improve our service and to provide additional features. For example, our recommendations engine makes heavy use of the historic usage data that has been gathered through AthensBook and ThessBook. Our real-time traffic information might one day be augmented through what the industry calls, Floating Car Data, in our case location data retrieved from our users and subsequently processed to reach meaningful conclusions about the traffic conditions on the road network.

There are so many applications for which location data is a prerequisite. And there is nothing wrong with using location data as long as it is done legally and with the users’ consent. What I am concerned about, primarily as a user and secondly as an entrepreneur offering services that depend on location data, is how some companies may take it too far, ignore and violate the laws of many jurisdictions where they operate — the internet and the various smartphone ‘software stores’ have long rendered local and regional borders into a formality that does not typically restrict the availability of software — and in the process dæmonise ‘location’, scaring the population and the legislators into tighter control, a longer bureaucratic process and worse services for everyone. And that would be a shame.

* There may very well be legitimate technical and/or legal reasons for doing so. Forensics is one, for example. Yet, if my government (unlikely) or the US Government (more likely) want to log my location on my phone and be able to use it, if need be, then I should know about it and have accepted it, at least as far as the law goes.

3 Responses to “Location and Privacy”

  1. vrypan says:

    Even though most users were concerned about “Apple tracking them”, IMHO, the most important implication of the story was that other people could easily track you too.

    A good example: an illegal love affair. You are sure your home computer has no traces of your affair. You just use it to do business and sync your iTunes songs to your iPhone. Right? Wrong. In there, are all your moves, available to your spouse -all he/she have to do is run a script.

  2. cosmix says:

    Indeed. However, let’s not get carried away here. If your spouse knew about consolidated.db, if she knew about scripting, extracting and processing the location information off your iTunes account (which probably resides on your home computer in iTunes which should be encrypted (iTunes) and protected (file permissions on your user account), then she’d probably be able to find your location with other means.

    The main issue here is not that the device stored location history — this proved to be a bug and Apple stated they’ll fix it in the future. It is that they were doing so without explicitly letting the user know, contrary to active legislation etc. Everything else, including spousal tracking, is a sideshow I think.

{Ping,Track}backs

Have your say.

Write in the language of the post. Comments are meant to encourage on-topic discussion. For general comments, observations, complaints (e.g. about the site), you can use the form found in the Contact page. Make sure you've read the Terms of Use before commenting.

Comments Feed for this post Comments Feed for this entry.

DigitalOcean. Affordable, Fast, SSD VPS