Apple to address iPhone tracking concerns with patch

Hot on the heels of yesterday’s lawsuit filing (not to mention all the media commotion), Apple has announced an impending iOS software update meant to tweak the tracking behavior of its devices. The software update will be out some time within the next few weeks. Apple says this update encrypts the location data cache on the iPhone itself and:

• reduces the size of the crowd-sourced Wi-Fi hotspot and cell tower database cached on the iPhone,

• ceases backing up this cache, and

• deletes this cache entirely when Location Services is turned off.

That ought to alleviate most folks’ concerns, I would think. Since the aforementioned lawsuit concerns iOS devices’ past and current behavior, however, I somehow doubt the plaintiffs are considering dropping the case.

As well as announcing the iOS update, Apple has also gone into a little bit of detail about what exactly is tracked and logged—and why—in the current software. In a nutshell, the company says it doesn’t track users’ locations and has never done so; users are merely "confused" because it has "not provided enough education about these issues to date." Here’s what’s really happening, in the company’s words:

The iPhone is not logging your location. Rather, it’s maintaining a database of Wi-Fi hotspots and cell towers around your current location, some of which may be located more than one hundred miles away from your iPhone, to help your iPhone rapidly and accurately calculate its location when requested. Calculating a phone’s location using just GPS satellite data can take up to several minutes. iPhone can reduce this time to just a few seconds by using Wi-Fi hotspot and cell tower data to quickly find GPS satellites, and even triangulate its location using just Wi-Fi hotspot and cell tower data when GPS is not available (such as indoors or in basements). These calculations are performed live on the iPhone using a crowd-sourced database of Wi-Fi hotspot and cell tower data that is generated by tens of millions of iPhones sending the geo-tagged locations of nearby Wi-Fi hotspots and cell towers in an anonymous and encrypted form to Apple.

This wasn’t all about education, as the company goes on to admit. iPhones aren’t supposed to store months upon months of location data, nor are they meant to continue updating Wi-Fi and cell tower data when Location Services are switched off. Those are alleged bugs. Apple claims only about a week’s worth of location data should be stored, and that the upcoming iOS patch will address the problem (in addition to encrypting the stored data).

It’s nice to see Apple buckle to users’ protests so promptly, though all the media FUD about location tracking probably made some sort of policy change inevitable. Implementing sensible privacy policies and educating users about exactly what their devices track seems like something every major software or hardware vendor should be doing these days.

Comments closed
    • lilbuddhaman
    • 9 years ago

    Seen last night’s South Park ?

    Pretty much that. Except they didn’t make Jobs dying of cancer like he is in real life.

    • MadManOriginal
    • 9 years ago

    Yeah this is horsecrap. A ‘bug’ that’s been around for some 300 days? And they didn’t notice the huge amount of data coming in when they collect the info, or saw the size of the caches? Sounds like some b.s. to me and it makes me glad someone is keeping ‘them; (not just Apple) honest. However I suspect that if such a thing were to recur in the future it would be done much more sneakily. Encrypted, spread around, or just collected more frequently so (for the paranoid) ‘they’ would still have all the same info over time you just wouldn’t know it.

    • green
    • 9 years ago

    can someone with an iphone tell me at what point the phone connects to this crowd sourced database apple has collected and assists in calculating your position?

    as in, is there an app that’s doing this or is it simply part of ios to connect to apple when accurate gps infomation isn’t available?

    i mean overall, it mean your ios device is contacting apple, sending your devices’ unique identifier, and requesting information to get a more accurate fix on your ‘location’. now unless apple is destroying these requests as they come in, or they are tracking you (though just haven’t stiched together the pieces) or they haven’t realised what they’ve said.

    while a-gps has been around for some time now (back in 2005 a network carrier where i am had an opt-in service to let your friends track where you are based on the 3g towers alone), i don’t see

    also anyone find it funny that the apparent ‘cache’ of locations has been persistent and doesn’t get deleted?

      • Namarrgon
      • 9 years ago

      Not just persistent, but it gets backed up too. I’ve never seen a ‘cache’ get backed up before.

      Then there’s the accurate-to-the-minute timestamps too – a location lookup cache shouldn’t need those either. All you’d need for cache trimming (if they did that) would be the nearest month, or better, just cut the LRU entries occasionally.

      I don’t think Apple’s quietly tracking us here (the cell networks already do that), but I don’t think they’re telling the full story either. Still, their suggested “fixes” are welcome.

    • ShadowTiger
    • 9 years ago

    I don’t think it was a bug, I think it was an oversight. I think that they just never bothered to consider what the number of days should be exactly.

    The location services off not working is definitely a bug though… but you would think this would come out in testing. Obviously their testing routine is not robust enough if they want to be worthy of military contracts.

      • thesmileman
      • 9 years ago

      Too bad they already have tons of military contracts.

        • indeego
        • 9 years ago

        Too bad having a military contract isn’t a measure at all of actual security/privacy.

      • NeelyCam
      • 9 years ago

      I think it was pure evilness, but they got caught and started lying about it.

        • Deanjo
        • 9 years ago

        This is Apple, not Intel.

      • designerfx
      • 9 years ago

      dude, you’re such an apple fanboi, you make up an excuse in the face of fact.

      First they said “we don’t do this, but android does”
      Then they said “oh, we did do this, it’s a mistake”
      then they said “oh, government made us do it via emergency location tracking for 911 services”
      then they said “oh, the users are just confused”
      Oh, and guess what? This feature was patented by apple. [url<]http://gawker.com/#!5795442/apple-patent-reveals-extensive-stalking-plans[/url<] on that. This was a patent submitted *last month* to take advantage of this tracking. none of this addresses the fact that they have been tracking locations without user's consent. Know why there's no hubbub about this on android? Because android asks you "DO YOU WANT TO ALLOW LOCATION ACCESS" on first boot of the phone or upon any root/wipe. So while it was buried in a EULA for apple, this is a big deal. This is not a bug, or they wouldn't have danced doublespeak going "we didn't do it" followed by "oops".

    • charles_chang
    • 9 years ago

    But he just said he wasn’t tracking users…

      • ludi
      • 9 years ago

      The good news is, they weren’t tracking users.

      The bad news is, they were “accidentally” obtaining detailed tracking information for the phone handsets, which tend to stay in close proximity to the users.

      But they weren’t tracking the users! Honest!

    • cwditter
    • 9 years ago

    And by “patch” you mean a whole new install of iOS because Apple doesn’t believe in incremental patches……

      • NeelyCam
      • 9 years ago

      Maybe it’ll just “re-define” how the sizes of the files are measured.. much like the antenna “patch” refined what one bar and five bars mean.

      • Deanjo
      • 9 years ago

      Have you looked at a Windows service pack lately? They are usually larger then the original installation media.

        • A_Pickle
        • 9 years ago

        It’s a little different when you’re talking about a desktop and/or a laptop wired or wirelessly connected to a home broadband connection. You’re talking about a 3G smartphone downloading GB of data for a damn patch.

        • BobbinThreadbare
        • 9 years ago

        Right, and the only updates to Windows are service packs.

    • data8504
    • 9 years ago

    A spelling error in the title? That’s a rarity for TR… 😉

      • DancinJack
      • 9 years ago

      Rectified. In less than 10 minutes. Let’s forgive Cyril.

        • dpaus
        • 9 years ago

        Embarrassed a bit, think I he was.

          • sweatshopking
          • 9 years ago

          it’s ok. he’s french. I can’t spell anything in english, and it’s my first language!

            • indeego
            • 9 years ago

            [b<]E[/b<]nglish. Just sayin'.

            • axeman
            • 9 years ago

            a-n-y-t-h-i-n-g

            Looks right to me!

Pin It on Pinterest

Share This