Slashdot Mirror
Apple Lays Out Location Collection Policies
itwbennett writes "In a 13-page reply (PDF) to questions from Congressmen Ed Markey of Massachusetts and Joe Barton of Texas, Apple said iPhones running OS 3.2 or iOS 4 collect GPS data and encrypt it before sending it back to Apple every 12 hours via Wi-Fi. Attached to the GPS data is a random identification number generated by the phone every 24 hours. The information is not associated with a particular customer and Apple uses the data to analyze traffic patterns and density, it said. Apple collects such data from customers who have approved the use of location-based capabilities on the phone and who actually use an application that requires GPS."
Wow, a new ID every 24 hours, huh? Am I supposed to be impressed? What do you think, are they deliberately creating "anonymizing" measures they can circumvent, or are they just retarded?
Let's just assume it actually works as they say and there isn't some easy way to link the random ID the real phone. Say, by web server logs. Duh.
If I get 24 hours, I get where you woke up this morning and where you'll go to bed tonight. I almost certainly know where you live, and then I know where you were all day. The lat/long itself during stationary periods especially at night is an identifier.
If you guys are comfortable letting Apple or anyone else have this, it's just because your brain hasn't digested what it means yet. Don't worry, wait for the first few scandals. It will take a few years - maybe long enough for every asshole company to start doing this. But it will get easier to understand.
This response by apple is an intelligence test for Congress and for the American public. Sharpen your pencils, let's see if you pass...
Tired of Political Trolls? Opt Out!
Apple collects such data from customers who have approved the use of location-based capabilities on the phone and who actually use an application that requires GPS."
So basically there is a 13 page document that someone should read when prior to initially powering on the GPS?
Most folks and if I'm honest, myself included would not assume that my using and navigation program would have in any way constituted my intention to let Jobs know where I am and what I am doing.
What's interesting to me is how much this company lies to people and yet so many folks defend them. Take this situation for example, is it true that Apple has buried a "technically" accurate description of that they are doing in their T&C's? Most assuredly. It is also assuredly true that it's written in such a way that the laymen would be oblivious to the fact.
Based on that, there will be many out there who say, Jobs didn't then and fuck you if you ever call him a liar!" To these people I must ask, where do you come from?
I was raised to know that deliberately trying to deceive a person for group of people, whether I use technically accurate information or not, is still lying. I recon these are the same folks who discipline their children with a harsh time-out and no PS3 for 6 hours.
Still, it is indicative of our culture.
I just read a story about exactly why Apple would want to collect that data. Seems there's been a bit of a tug-of-war between Apple and AT&T on that very subject and it looks like iPhone customers are caught in the middle of it.
My blog
Um, they already know where I live. That would be the address where my phone bill arrives. It's also the billing address of the credit card I used to sign up with iTunes. But holy shit, now they know the same thing with GPS! It's like 1984 or something! AAAGGHHHH!!!
You seem to be missing the point. Apple specifically indicated to Congress that they anonymize location data by assigning a unique random ID every 24 hours. Presumably the goal is to disassociate your location information from the details that Apple already knows, i.e., your name and home address. That way Apple can claim they're not collecting data that would actively violate a user's privacy. More specifically, the theory is to prevent Apple (or someone malicious who obtains the database) from associating "a phone at some series of locations throughout the day" with "John K. Oodaloop at 4945 Spring Place". If this anonymization actually works, then customers can rest easy that they're not carrying an active tracking device with them all day that's recording their movements into a long-lived and possibly ill-secured database.
Clearly this is what Apple would like Congress to believe, anyway, and that's why they're "anonymizing" the data in the first place.
The grandparent poster is pointing out that Apple's anonymization really stinks, and that with some very minimal data mining you should be able to easily de-anonymize it and link those phone movements with the phone's owner. As you point out, Apple already has your billing address (which is likely to be your home or work), so this de-anonymization should be especially trivial. Therefore one can't really credit Apple with anything significant when they say they anonymize your data.
In my mind the fear is /not/ that Apple will track me and sell ads (hey, non-stupid advertising would be an improvement). It's that this data will never ever go away, and will eventually find its way into the hands of third parties who aren't so interested in my well being. For example, it might wind up someday being sold to third party "marketing" agencies, and then eventually to firms that do credit reporting, private investigation, background checks, etc. Mobile phone companies already seem perfectly content to sell my call logs this way, so this isn't without precedent. Or else it will be written to a hard drive that might someday be carelessly thrown away without being properly wiped (after all, the data is "anonymized", so why worry?). While my movements are generally pretty uninteresting, I don't love the idea that by carrying an iPhone I'll be constantly leaving a trail of potentially long-lived breadcrumbs that may never, ever go away.
And no, this isn't limited to Apple. Once it becomes accepted practice, you can be more or less certain that any device with an Internet connection and GPS (which will be a lot of devices in the future!) will be doing the same thing.