Apple finally responds to Locationgate, but is it enough?

Apple finally responds to Locationgate, but is it enough?

Summary: Apple issued a statement today in response to Location-gate. The PR nightmare began when a secret tracking database was discovered, unencrypted, on all iOS 4 devices.


Apple issued a statement today in response to Locationgate. The PR nightmare began when a "database of Wi-Fi hotspots and cell towers around your current location" (a.k.a. Consolidated.db) was discovered on iOS 4 devices -- and the computers they're backed up to.

The controversy reached a fevered pitch when researchers released a freeware application that plots the (approximate) location of any iPhone or iPad on a map -- over the course of a year.

People were understandably upset.

Here's the full text of Apple's response:

Apple would like to respond to the questions we have recently received about the gathering and use of location information by our devices.

1. Why is Apple tracking the location of my iPhone? Apple is not tracking the location of your iPhone. Apple has never done so and has no plans to ever do so.

2. Then why is everyone so concerned about this? Providing mobile users with fast and accurate location information while preserving their security and privacy has raised some very complex technical issues which are hard to communicate in a soundbite. Users are confused, partly because the creators of this new technology (including Apple) have not provided enough education about these issues to date.

3. Why is my iPhone logging my location? The iPhone is not logging your location. Rather, it’s maintaining a database of Wi-Fi hotspots and cell towers around your current location, some of which may be located more than one hundred miles away from your iPhone, to help your iPhone rapidly and accurately calculate its location when requested. Calculating a phone’s location using just GPS satellite data can take up to several minutes. iPhone can reduce this time to just a few seconds by using Wi-Fi hotspot and cell tower data to quickly find GPS satellites, and even triangulate its location using just Wi-Fi hotspot and cell tower data when GPS is not available (such as indoors or in basements). These calculations are performed live on the iPhone using a crowd-sourced database of Wi-Fi hotspot and cell tower data that is generated by tens of millions of iPhones sending the geo-tagged locations of nearby Wi-Fi hotspots and cell towers in an anonymous and encrypted form to Apple.

4. Is this crowd-sourced database stored on the iPhone? The entire crowd-sourced database is too big to store on an iPhone, so we download an appropriate subset (cache) onto each iPhone. This cache is protected but not encrypted, and is backed up in iTunes whenever you back up your iPhone. The backup is encrypted or not, depending on the user settings in iTunes. The location data that researchers are seeing on the iPhone is not the past or present location of the iPhone, but rather the locations of Wi-Fi hotspots and cell towers surrounding the iPhone’s location, which can be more than one hundred miles away from the iPhone. We plan to cease backing up this cache in a software update coming soon (see Software Update section below).

5. Can Apple locate me based on my geo-tagged Wi-Fi hotspot and cell tower data? No. This data is sent to Apple in an anonymous and encrypted form. Apple cannot identify the source of this data.

6. People have identified up to a year’s worth of location data being stored on the iPhone. Why does my iPhone need so much data in order to assist it in finding my location today? This data is not the iPhone’s location data—it is a subset (cache) of the crowd-sourced Wi-Fi hotspot and cell tower database which is downloaded from Apple into the iPhone to assist the iPhone in rapidly and accurately calculating location. The reason the iPhone stores so much data is a bug we uncovered and plan to fix shortly (see Software Update section below). We don’t think the iPhone needs to store more than seven days of this data.

7. When I turn off Location Services, why does my iPhone sometimes continue updating its Wi-Fi and cell tower data from Apple’s crowd-sourced database? It shouldn’t. This is a bug, which we plan to fix shortly (see Software Update section below).

8. What other location data is Apple collecting from the iPhone besides crowd-sourced Wi-Fi hotspot and cell tower data? Apple is now collecting anonymous traffic data to build a crowd-sourced traffic database with the goal of providing iPhone users an improved traffic service in the next couple of years.

9. Does Apple currently provide any data collected from iPhones to third parties? We provide anonymous crash logs from users that have opted in to third-party developers to help them debug their apps. Our iAds advertising system can use location as a factor in targeting ads. Location is not shared with any third party or ad unless the user explicitly approves giving the current location to the current ad (for example, to request the ad locate the Target store nearest them).

10. Does Apple believe that personal information security and privacy are important? Yes, we strongly do. For example, iPhone was the first to ask users to give their permission for each and every app that wanted to use location. Apple will continue to be one of the leaders in strengthening personal information security and privacy.

Software Update Sometime in the next few weeks Apple will release a free iOS software update that:

  • reduces the size of the crowd-sourced Wi-Fi hotspot and cell tower database cached on the iPhone,
  • ceases backing up this cache, and
  • deletes this cache entirely when Location Services is turned off.

In the next major iOS software release the cache will also be encrypted on the iPhone.

Larry Dignan wonders if it was really a bug, and asks if Google is really any better (or worse).

What's your take?


Topic: Apple

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.


Log in or register to join the discussion
  • RE: Apple finally responds to Locationgate, but is it enough?

    It's not a bug. It's by design. Apple designed it that way.
    • Yes, by all evidence Apple designed the software to work that way, since it

      @Dev-Head: ... is the most effective way for cashing and gathering of crowd-sourced database for Assisted part of Assisted-GPS technology.

      That design had nothing malicious in mind (Apple does not track anyone, the data is anonymous indeed), but the matter of confidentiality of users was poorly thought. This was the mistake, <b>not the software bugs</b>.

      They can not admit publicly that it is design mistake since it is harder to explain technically why the design works currently the way it works (though I understand that, common people not), and because, as any other company, Apple maintains that privacy is the first thing they ever care for in whatever they are doing.
      <b>However, as well as with Google numerously in the past, it was not the case with Apple this time.</b>
      • RE: Apple finally responds to Locationgate, but is it enough?

        @denisrs May be you should check this link!5796266/apple-redefines-location-to-justify-stalking
  • Message has been deleted.

  • RE: Apple finally responds to Locationgate, but is it enough?

    The whole event is FUD. Apple does not need to track its users. There are certainly location based services which can be useful and desirable, but Apple gives you the option of participating. If the logged data is going to be eliminated, it is a non-issue.<br><br>This is in complete contrast, all you Android fan-boys, to Google. They make all their money through targeting advertising, and target their advertising based on spying continuously on their users. Why give them a pass? They are much more invasive in their spying. Apple is not a danger to privacy. Google is the biggest danger of all.
  • Bug?

    It is plausible to think of Apple's woes as bugs, if we remember that "bugs" are not restricted to software code. Missed or undocumented requirements, which is probably what happened here, can be considered software bugs or, more properly, defects.
  • It's not enough

    I think Apple should of mentioned something about their devices recording this information before releasing ios 4.
  • RE: Apple finally responds to Locationgate, but is it enough?

    Well done! Thank you very much for professional templates and community edition
    <a href="" title="seslichat">sesli chat</a> <a href="" title="seslisohbet">sesli sohbet</a>
  • RE: Apple finally responds to Locationgate, but is it enough?

    It's scary if there are devices which could track your location, it would be like a <a href="">spy camera video</a>. You are being spied without your knowledge. I think Apple did this as a mistake and not on purpose. I don't think they would want to lose their customers. That would seem like a painful <a href="<br>">acl injury</a> to the company. I hope this incident doesn't happen with iOS 5 because if it does, a lot of users might be switching or <a href="">moving companies </a>.