A “secret” file discovered on the iPhone, which records location details and timings, can be viewed via simple software and Channel 4 News has learned it is possible the data is being sent to Apple.
The discovery of a “secret” file on the iPhone – which records and stores a mobile user’s locations and timings – is raising questions about security, privacy and what the data could be used for in the future.
Two researchers have built an open-source application called iPhone Tracker where you can see for yourself what is on the file, hidden inside your handset. The information is also copied to your computer when you “sync” with iTunes.
The users should always be in control. Manufacturers and developers who forget this risk losing the trust of the public in the long term. Matt Brian
In an open letter to Apple CEO Steve Jobs, Privacy International‘s director Simon Davies has asked for the file’s purpose to be made clear, saying: “Location is highly sensitive because it can indicate where someone’s home is, where they work, what church or political rally they attend. In the wrong hands this information can be very dangerous.”
(Above: details of Channel 4 News Technology Correspondent Benjamin Cohen‘s movements, as recorded by his iPhone)
Matt Brian, mobile editor of The Next Web, told Channel 4 News “the file does secretly collect location data”.
He explained: “The file resides either on the iPhone/iPad or a user’s computer and would only show the device’s location on a map at a given point in time, no additional information is stored.
“I guess that as gadgets incorporate more powerful technology, the risk that sensitive information can be exposed does increase. However, in this case, data has not been exposed and the location functionality is needed to power built-in apps including Google Maps and the camera to tag geolocational data [the ability to pinpoint the location of your photos is a popular iPhone feature].”
The idea that something so apparently useful would not be buried deep… takes the wind out of some of the Apple is the evil empire stuff. Andy Dickinson
Mr Brian said: “Apple calls this function ‘Core Location’ and developers are able to access this to create their own applications to tag geographical data to media and locations.
“Most [non Apple] gadgets will not willingly expose information, it requires quite a bit of digging to gain access to such data [not in Apple’s case, it’s an easily accessible file that isn’t hidden], but you can argue that data should not be made available in any form, even if individuals do try to obtain it,” he added.
“Facebook and other social media services invite us to share more of our lives than before, the users should always be in control. Manufacturers and developers who forget this risk losing the trust of the public in the long term.”
Assistant editor of Wired magazine Tom Cheshire told Channel 4 News: “Attempts to take privacy back in the digital age have stalled through lack of interest. Most people worry about this with Facebook and oversharing there, but that’s not much of a problem: people have to share actively, even if they sometimes may not be sure who they’re sharing with.
“But with mobiles, people don’t realise the data they’re surrendering merely by having a phone on them, data of the most personal sort: location etc.”
It appears the “secret” file has been active since Apple’s iOS update in June 2010. It contains longitude and latitude information along with time stamps, which can be seen in map form (above) simply by plugging a mobile phone into iTunes and downloading the iPhone tracker software.
The fear is that this data could be accessed when a phone is stolen or, perhaps, by someone wanting to “spy” on a partner’s movements. In extreme cases, it is possible the data could compromise iPhone owners in location-sensitive careers such as the military.
It is not clear if the location database the researchers found and the “batched” location information Apple records on the device are the same file. But it does seem very likely.
It would seem that such data could be useful in future for advertising purposes.
For example, says Tom Cheshire, “when you visit a city, you could be reminded of your previous visit – photos you took and the people you met”.
Digital Media expert Andy Dickinson told Channel 4 News: “The idea that something so apparently useful would not be buried deep in Apple proprietary stuff does underline the benign motivation for gathering the content and take the wind out of some of the Apple is the evil empire stuff.”
(Above: excerpt from an Apple document sent to the House of Representatives in 2010.)
Whatever the data’s future purpose, critics say it is unfair that mobile owners were not made fully aware of the file. However Apple does refer to “location-based services” in its iTunes software terms and conditions, saying that “Apple and our partners and licensees may collect, use, and share precise location data”. As with the document sent by Apple’s Bruce Sewell to the US House of Representatives in 2010, the firm ensures that any such data will only be used “anonymously”.
But Vanessa Barnett, a technology lawyer from Berwin Leighton Paisner, told Channel 4 News there is more than a grey area in this regard.
She said: “Yes, of course there is an argument that iPhone users have consented: there is a generic phrase in the T+Cs.
“However, the law requires that consent be freely given, specific and informed. If instead of the generic statement in the T+Cs it said ‘we may build a location data file on your iphone, which is not encrypted and any app can access it’ it is likely that many users would not so happily consent.
“This does not meet the current guidance on privacy in the UK, where consent is viewed not in terms of legal technicalities but in terms of whether individuals fully appreciate what they are consenting to.”
Speaking at a conference in June 2010, Steve Jobs told delegates that “privacy means people know what they are signing up for in plain English”.
He added: “Some people want to share more data. Ask them. Ask them every time. Let them know precisely what you are going to do with their data.”
Channel 4 News contacted Apple but the firm declined to comment.
Twitter comments: are you worried your iPhone is tracking you?
@Makeda_Evans What's the purpose for collecting that data? #BigBrother
@MsGenealogist Er, yes, I'd be concerned. iPod Touch as well? Or just iPhone?
@WebbPix yes - very bad news for journos. or protestors in countries with anti protest/dissent position. v bad
@jmescissorhands it doesn't bother me in the slightest x but I would like to be able to see this file x
@richmbrady Not really. I log in, location wise, to a dozen apps anyway. Is it any worse than CCTV or card companies logging purchases?
@asanders what's worrying is the secrecy, not being able to opt out. apple make developers ask permission to use location.
@jjosborne Anyone who freaks out because their location-aware phone has a record of where they've been shouldn't be allowed to have one.
@fromepudding if I had a more exciting life then maybe!