Smartphone makers are presenting users with a dilemma over privacy and location services.
By Christopher Williams
According to Steve Jobs, Apple’s mercurial chief executive, the controversy of the last two weeks over the way the iPhone has been quietly logging users’ movements was the result of a software “bug” and public misunderstanding.
But the attention garnered by the issue means that despite the deployment of Mr Jobs’ famed “reality distortion field” – the facetious term given in technology circles to his uncanny ability to deflect criticism – many more smartphone owners understand that the device in their pocket can act as a double agent. As well as delivering information to them, it can collect information about them.
Mr Jobs was responding to the work of two British researchers, Alasdair Allan and Pete Warden. Tinkering with their iPhones’ mapping capabilities, they found a log file that contained coordinates based on which mobile phone masts are nearest, along with time stamps, allowing them to plot their own movements going back a year.
Such a record, stored on both the iPhone and its associated computer, would be invaluable to a jealous spouse or a snooping employer. It was quickly found that the data was also being sent back to Apple.
In the privacy firestorm that broke out as soon as Mr Allan and Mr Warden reported their findings on the web, it emerged that specialist digital forensics textbooks had already documented the location log and advised investigators on how to exploit it.
Attention quickly turned to other popular smartphone operating systems.
Sure enough, Google Android devices were found to be sniffing out WiFi networks as their owners wander the streets and storing their locations, albeit for a shorter period than the iPhone.
Android handsets also report the data back to Google, and crucially transmit a unique identifier, so the database effectively knows where each user has been and when. From this it would be a simple matter to work out where one lives or works.
Similarly, it emerged that Microsoft Windows Phone 7 handsets send back packages of WiFi and mobile mast location data to headquarters. They do not store a log on the device, but do include a unique device identifier in their frequent dispatches.
Many ordinary users greeted these revelations with shock, but as evidenced by the textbooks that predated the controversy, police and intelligence agencies were way ahead of them.
British police are now trained to seek out smartphones immediately when they seize belongings. In the past, fingerprints might have been the first forensic priority but today it is the digital traces everyone leaves that investigators seek first. There are few things more helpful to a detective than a complete record of a suspect’s movements – and most smartphones can provide exactly that.
Nevertheless, the main reason why the smartphone firms are collecting WiFi and mobile mast locations centrally is benign. A device using GPS alone can take several minutes to pinpoint its location reliably, but one with access to a database of local wireless networks can do it in seconds. Mapping functions or apps that find you a good restaurant nearby are faster and more accurate as a result.
While Apple insists its records are anonymised, according to Professor Ross Anderson, of the University of Cambridge Computer Laboratory, that doesn’t mean individuals cannot be tracked by a determined snooper.
“Anyone who knows where you were at a few definite times in the past can identify your location history from among all the millions of other people’s, and then work out where you were at, say, evenings and weekends,” he explains.
As well as the threat to privacy from location data, campaigners also worry about how it could be exploited commercially. Knowledge of where you’ve been could be very valuable to, say, an advertiser hoping to target you with tailored offers or, perhaps more disturbingly, an insurance company checking where you park your car.
The question of whether users are giving full consent for their location to be tracked and used is central to the debate. Few read complex and legalistic smartphone privacy policies, and Apple admitted that it had logged the location of even those who had opted out, blaming a “bug”.
For Steve Jobs, however, the issue is simple: hand over your location data or severely limit your iPhone’s capabilities.
“If people don’t want to participate in things, they will be able to turn location services off,” he told journalists this week.