Privacy Alert: Your iPhone Knows Where You Go, and Tracks it Too

The operating software on your iPad and iPhone contains a hidden feature that tracks your every move and logs it into a file that can be synced and stored on your PC or Mac and made available to anyone with access. How worried are you?

The operating software on your iPad and iPhone contains a hidden feature that tracks your every move and logs it into a file that can be synced and stored on your PC or Mac and made available to anyone with access.  How worried are you?

The revelation on Wednesday by British researchers that Apple’s iOS 4 software automatically, intentionally and regularly records users’ location into a hidden file quickly sent shock waves among consumers, Apple devotees and even Congress.

As explained by The Guardian, which first broke the story:

“Security researchers have discovered that Apple’s iPhone keeps track of where you go – and saves every detail of it to a secret file on the device which is then copied to the owner’s computer when the two are synchronised.

The file contains the latitude and longitude of the phone’s recorded coordinates along with a timestamp, meaning that anyone who stole the phone or the computer could discover details about the owner’s movements using a simple program.”

The researchers themselves, Alasdair Allan and Pete Warden, published their findings on O’Reilly Radar before presenting them at the Where 2.0 conference in San Francisco.

“Apple has made it possible for almost anybody – a jealous spouse, a private detective – with access to your phone or computer to get detailed information about where you’ve been,” said Warden, who also noted the “data-gathering isn’t accidental.”

Researchers say the recording of the data may have started in June 2010, with the release of the iOS 4 software update.

Beyond the obvious invasion of privacy concerns, why should consumers be worried?  Warden explains that too:

“The most immediate problem is that this data is stored in an easily-readable form on your machine. Any other program you run or user with access to your machine can look through it.

The more fundamental problem is that Apple are collecting this information at all. Cell-phone providers collect similar data almost inevitably as part of their operations, but it’s kept behind their firewall. It normally requires a court order to gain access to it, whereas this is available to anyone who can get their hands on your phone or computer.

By passively logging your location without your permission, Apple have made it possible for anyone from a jealous spouse to a private investigator to get a detailed picture of your movements.”

Meanwhile, Apple has so far declined to comment on why the file is created or whether it can be disabled.

And that silence, not surprisingly, is not sitting well with the Federal Communications Commission (FCC), or Congress.

An FCC official told Politico the agency is “looking into the matter,” while key Members of Congress with in both the House and the Senate with control over privacy and tech issues took a more direct approach towards Apple.

Sen. Al Franken (D-Minn.), head of the Senate Judiciary Committee’s new privacy panel, sent a letter to Apple CEO Steve Jobs late Wednesday asking the company why the hidden feature was even included in the iOS software.

And Rep. Jay Inslee (D-Wash.), a member of the House Energy and Commerce Committee, confronted Apple in a statement and pledged to draft “comprehensive online privacy legislation” that would keep the heat on the issue, and Apple.

“I intend to ask Apple and the federal agencies charged with oversight some very direct questions to understand the frequency and extent of this data collection and the use, protection and sharing of this sensitive information,” Inslee wrote.  “This episode, and many others, illustrates the need for enhanced government oversight of data collection activities.”

Keeping the focus on Apple, and other tech companies, is a route the researchers would likely recommend.

In a video posted along with their study’s findings, Allan and Warden say there’s “no immediate harm” from the availability of users’ data, but caution that “why this data is stored and how Apple intends to use it — or not — are important questions that need to be explored.”

They also say there is “even more data that we have yet to look at in depth,” with Allen himself discovering “ hundreds of thousands of wireless access points” that his own iPhone had been in range of.

Along with their startling findings, the researchers also released a software program that iPhone users can download to look at their own data.

They also recommend iPhone and iPad users take immediate action by encrypting their backups on iTunes. (Within iTunes, click on your device and then check “Encrypt iPhone Backup” under “Options.”).

Tell us what you think iPhone and iPad users.  Is the new researcher a deal-breaker?