Last week, Security researchers revealed that iPhone and iPad 3G regularly tracks the location of your iOS device and records the co-ordinates along with timestamp in a hidden file.
Bloomberg has reported that the controversy, which is being dubbed Locationgate has landed Apple into trouble as they are now being investigated by privacy regulators in South Korea, France, Italy and Germany.
The Korea Communications Commission asked Apple how often information is collected and saved, and whether users have a choice over whether it is saved or deleted, the commission said in an e-mailed statement today. Apple must explain why such data is saved on devices and if it’s stored on the company’s servers.[..]
[..] Apple has been investigated by French, German and Italian privacy regulators since analysts reported the company’s devices track and store data about the movements of iPhone and iPad users.
Meanwhile, in the US, Senator Al Franken has written an open letter to Apple’s CEO Steve Jobs stating that the Locationgate episode has raised the following questions:
1. Why does Apple collect and compile this location data? Why did Apple choose to initiate tracking this data in its iOS 4 operating system?
2. Does Apple collect and compile this location data for laptops?
3. How is this data generated? (GPS, cell tower triangulation, Wi-Fi triangulation, etc.)
4. How frequently is a user’s location recorded? What triggers the creation of a record of someone’s location?
5. How precise is this location data? Can it track the users location to 50 m, 100 m, etc.?
6. Why is this data not encrypted? What steps will Apple take to encrypt the data?
7. Why were Apple consumers never affirmatively informed of the collection and retention of their location data in this manner? Why did Apple not seek affirmative consent before doing so?
9. To whom, if anyone, including Apple, has this data been disclosed? When and why were these disclosures made?
You can read the entire letter here.
As reported earlier, John Gruber of Daring Fireball has mentioned that according to his source the issue is a bug:
consolidated.db acts as a cache for location data, and that historical data should be getting culled but isn’t, either due to a bug or, more likely, an oversight. I.e. someone wrote the code to cache location data but never wrote code to cull non-recent entries from the cache, so that a database that’s meant to serve as a cache of your recent location data is instead a persistent log of your location history. I’d wager this gets fixed in the next iOS update.
Though Apple has not issued an official statement so far, it seems likely that Apple will release an iOS software update (iOS 4.3.3) to address this issue.
In the meantime, if you’re worried about someone accessing the hidden file with your location information then you can encrypt the iPhone backups through iTunes to prevent it (click on your device within iTunes and then check “Encrypt iPhone Backup” under the “Options” area).
Do you think this is blown out of proportion? Please share your views in the comments section below.