Apple Lays Out Location Collection Policies

itwbennett writes "In a 13-page reply (PDF) to questions from Congressmen Ed Markey of Massachusetts and Joe Barton of Texas, Apple said iPhones running OS 3.2 or iOS 4 collect GPS data and encrypt it before sending it back to Apple every 12 hours via Wi-Fi. Attached to the GPS data is a random identification number generated by the phone every 24 hours. The information is not associated with a particular customer and Apple uses the data to analyze traffic patterns and density, it said. Apple collects such data from customers who have approved the use of location-based capabilities on the phone and who actually use an application that requires GPS."

Intelligence test

[Concern]

Wow, a new ID every 24 hours, huh? Am I supposed to be impressed? What do you think, are they deliberately creating "anonymizing" measures they can circumvent, or are they just retarded?

Let's just assume it actually works as they say and there isn't some easy way to link the random ID the real phone. Say, by web server logs. Duh.

If I get 24 hours, I get where you woke up this morning and where you'll go to bed tonight. I almost certainly know where you live, and then I know where you were all day. The lat/long itself during stationary periods especially at night is an identifier.

If you guys are comfortable letting Apple or anyone else have this, it's just because your brain hasn't digested what it means yet. Don't worry, wait for the first few scandals. It will take a few years - maybe long enough for every asshole company to start doing this. But it will get easier to understand.

This response by apple is an intelligence test for Congress and for the American public. Sharpen your pencils, let's see if you pass...

Re:Intelligence test

[oodaloop]

Um, they already know where I live. That would be the address where my phone bill arrives. It's also the billing address of the credit card I used to sign up with iTunes. But holy shit, now they know the same thing with GPS! It's like 1984 or something! AAAGGHHHH!!!

Re:Intelligence test

[PseudonymousBraveguy]

They know where you live, but now they also know (and STORE) where you work, where you hang out after work, and to which medical institutions you may go to regulary.

Re:Intelligence test

[openfrog]

You have missed the point.

Having your address in a client database in one thing, collecting your whereabouts is an entirely different one. Thus the claim by Apple and their studied reply to congressman Markey that they dutifully anonymise such information. The grandparent points out that this claim is entirely invalid, and you have done nothing to disprove him.

The grandparent interestingly posits this as an intelligence test for Congress and the American public. Despite your brashness, you seem to have failed it.

Re:Turn the tables!

[morgan_greywolf]

I just read a story about exactly why Apple would want to collect that data. Seems there's been a bit of a tug-of-war between Apple and AT&T on that very subject and it looks like iPhone customers are caught in the middle of it.

Missing the point

[dachshund]

Um, they already know where I live. That would be the address where my phone bill arrives. It's also the billing address of the credit card I used to sign up with iTunes. But holy shit, now they know the same thing with GPS! It's like 1984 or something! AAAGGHHHH!!!

You seem to be missing the point. Apple specifically indicated to Congress that they anonymize location data by assigning a unique random ID every 24 hours. Presumably the goal is to disassociate your location information from the details that Apple already knows, i.e., your name and home address. That way Apple can claim they're not collecting data that would actively violate a user's privacy. More specifically, the theory is to prevent Apple (or someone malicious who obtains the database) from associating "a phone at some series of locations throughout the day" with "John K. Oodaloop at 4945 Spring Place". If this anonymization actually works, then customers can rest easy that they're not carrying an active tracking device with them all day that's recording their movements into a long-lived and possibly ill-secured database.

Clearly this is what Apple would like Congress to believe, anyway, and that's why they're "anonymizing" the data in the first place.

The grandparent poster is pointing out that Apple's anonymization really stinks, and that with some very minimal data mining you should be able to easily de-anonymize it and link those phone movements with the phone's owner. As you point out, Apple already has your billing address (which is likely to be your home or work), so this de-anonymization should be especially trivial. Therefore one can't really credit Apple with anything significant when they say they anonymize your data.

In my mind the fear is /not/ that Apple will track me and sell ads (hey, non-stupid advertising would be an improvement). It's that this data will never ever go away, and will eventually find its way into the hands of third parties who aren't so interested in my well being. For example, it might wind up someday being sold to third party "marketing" agencies, and then eventually to firms that do credit reporting, private investigation, background checks, etc. Mobile phone companies already seem perfectly content to sell my call logs this way, so this isn't without precedent. Or else it will be written to a hard drive that might someday be carelessly thrown away without being properly wiped (after all, the data is "anonymized", so why worry?). While my movements are generally pretty uninteresting, I don't love the idea that by carrying an iPhone I'll be constantly leaving a trail of potentially long-lived breadcrumbs that may never, ever go away.

And no, this isn't limited to Apple. Once it becomes accepted practice, you can be more or less certain that any device with an Internet connection and GPS (which will be a lot of devices in the future!) will be doing the same thing.