Slashdot Mirror
Steve Jobs: 'We Don't Track Anyone'
fysdt writes "There has obviously been a lot of discussion about last week's disclosure that iOS devices are maintaining an easily-accessible database tracking the movements of users dating back to the introduction of iOS 4 a year ago. The issue has garnered the attention of US elected officials and has played fairly heavily in the mainstream press. One MacRumors reader emailed Apple CEO Steve Jobs asking for clarification on the issue while hinting about a switch to Android if adequate explanations are not forthcoming. Jobs reportedly responded, turning the tables by claiming both that Apple does not track users and that Android does, while referring to the information about iOS shared in the media as 'false.'"
Apple has now been hit with a class-action lawsuit over the location-tracking issue.
Not one specific person, anyway. More like "everyone". See the difference?
Is it even important whether Google does it or not? It's still wrong.
...and we can see you're holding it wrong
And you're wearing the same T-shirt 2 days running
That statement was actually written more than a year ago.
He thinks your attention span is so low that ... hey look a puppy.
Then why did they come out with a statement last week saying they *had* to track users to give them the best experience? I'm not buying what Steve's selling.
They didn't. Last June they said something to the effect of, "If users opt-in to location services, they are opting in us collecting that information. This is the only way for this system to work." This came up last week in the hubbub about the tower data being stored in perpetuity on the phone. But these are completely separate issues.
AFAIK, there is no evidence that the tower data is being transmitted anywhere, so it is reasonable for Apple to say that they don't track anyone. They made a device that privately stores this data. I don't think anyone thinks that the way this data is being stored is the right way to do it, but just because the device stores that data, that doesn't mean that Apple is "tracking" you.
There aint no pancake so thin it doesn't have two sides.
The other guy also truncates the record to a reasonable size, something like 250 entries total (between cell and wifi). Honestly, keeping a cache of the last one or two hundred locations seems reasonable to improve performance. Keeping a cache of the last several thousand locations seems like... well, like a lawsuit waiting to happen if nothing else.
It has meanwhile been debunked that this file tracks the location of the iPhone. It draws a map of locations of cell towers. The positions in this file are not the position of the iPhone when the user used a location app, the positions are the locations of the cell towers the iPhone saw in this moment. This is pretty clear now. The cell tower ID is the UNIQUE ID of the database, there are only clusters of tower locations saved at the same time with locations miles apart and NONE of these are the actual position of your phone.
Some real world testing: http://www.willclarke.net/?p=247
And yes, this also paints a rough picture of where you used location services, because only the stations around the places where you used location services are in this database. But: The stations are miles around your real position and since there is no signal strength info saved triangulation is not possible. I have found stations recorded that were up to ten miles away from my true position and hardly any stations nearer than half a mile (you'd need to stand right under a cell tower and use Google Maps there to have the position of the iPhone and the tower match by accident, so this happens almost never and the data shows exactly that).
So: The iPhone builds a local database with a network topography map and never throws it away. If it would throw that info away it would need to ask external databases (of Google or SkyHook) instead to learn the coordinates of the towers that it sees. By doing so it would neccessarily TELL these providers where it is.
Basically you have the choice of your phone tracking you (very roughly) in an internal database or have someone else providing an external database and by this tracking your phone. The iPhone does the first, Android does the latter (and Android even sends the Unique Device ID along). Believe it or not, but technically Jobs is right. The iPhone tracks you in an internal database, but with Android Google tracks your phone in external databases.
I don't expect many people to understand that though. Even with much explaining to basically neutral people hardly more than 5 of ten understand how positioning works and what it implies. Or what a "Unique Device ID" is.
Just as an example: Android sends along the Unique Device ID and the Carrier User ID when sending you location data to AdMob customers. iOS (iAd) sends a random ID that is generated twice daily on the iPhone. What's more wrong?
And I'm really curious how you want to have fast positioning without knowing the positions of cell towers. Either the phone saves the positions in an internal database (as the iPhone does) or it has to ask external databases every time. And if your phone asks Google's or SkyHook's servers where the cell towers are that it sees, Google/SkyHook then know where you are. You have basically the choice of your phone tracking you in an internal database or have others track your phone in their database. This is somewhat similar to local storage for documents or storing it in the cloud: In the first case someone stealing your phone can get at your documents. Put them into the cloud and someone else already has them.
I just can't believe that "nerds" are complaining that the iPhone tries to lessen the dependence on external services by building an internal database of cell tower locations. Yeah, if someone steals your iPhone he can see roughly where you have been at least once. But then he also has your address book and your call and SMS history and your browser history and all other data on it. So remote wipe it immediately and be done with it.
"And then you proceed to not back up your claim with any actual data."
"The difference is I'll bet from an Android app I could read that cache and from iOS you cannot."
Well, I wish you had backed up your claim with actual data, as you say.
Author of the tool that reads android's location file says: "You will need root access to the device to read this directory." Which means you can't do that with an app. ;)
To make things even funnier, its *almost* the other way around. From your desktop, any app could read your iphone's location data from any of your iTunes backups.
Hey guys, you know that profitable thing you think we've been doing? You know, the one that causes bad press. We're totally not doing it.
-Guy that's being accused
Help fight spam
If you're talking about information being sent to Apple then it's a "no". But if you define it as recorded locally, then "yes".
We know the information is being sent to Apple, and we know the official reasons "why" too: for advertising purposes, and to build a competing location database for Skyhook. Essentially, iPhone users are being used to "war drive" for Wi-Fi points and provide GPS coordinates for them.
But, hey, don't take my word for it. Use Apple's instead:
To provide location-based services on Apple products, Apple and our partners and licensees may collect, use, and share precise location data, including the real-time geographic location of your Apple computer or device. This location data is collected anonymously in a form that does not personally identify you and is used by Apple and our partners and licensees to provide and improve location-based products and services.
Yes, they say it's anonymous in this part of the privacy policy. Unfortunately earlier they explain that it's sent along with a "unique device ID" so while they're correct that it's anonymous by the dictionary definition (your name is not attached) they most certainly can track a single device.
(Oh, and the "for advertising purposes" is higher up in the policy: "We may collect information such as ... unique device identifier, location, ... where an Apple product is used so that we can better understand customer behavior and improve our products, services, and advertising.")
You are in a maze of twisty little relative jumps, all alike.
You are exactly Correct.
This article specifies what Andorid keeps and why these are kept.
Last 50 cell towers, and last 200 wifi routers seen (not necessarily connected to). It does not keep a running computation of your exact position, and it truncates what it does keep. And it does not transfer this data to google in any identifiable way. (Google does crowd source traffic data from cell phones using Google Maps)
In a big city/urban area, you might truncate you cell towers seen list in a couple hours, as you commute past dozens of towers each day.
Of course once you fire up search (either on Android or IOS) you are transmitting that info to the search engine, (google or bing) if you enable local searching capability.
Sig Battery depleted. Reverting to safe mode.
You mean besides the link to Apple's privacy policy, where they explicitly tell you that they collect a "unique device identifier" and "location" as "non-personal information -- data in a form that does not permit direct association with any specific individual?"
Or the part of the policy where they "collect, use, and share precise location data ... to provide and improve location-based products and services?"
Really, I can't think of a better source than Apple themselves. But if you'd rather, how about Wired's "Gadget Lab" blog?
You are in a maze of twisty little relative jumps, all alike.
You will need root access to the device to read this directory." Which means you can't do that with an app.
Unless your Android device is rooted, which is common. Which means you can. Oops! Your bad.
No, apps run on a rooted Android device don't run as root.
They mean anonymous as in it isn't directly tied to your name.
It turns out they even explicitly explain this. Not quite as clearly, of course, but, from the Apple Privacy Policy again:
We also collect non-personal information -- data in a form that does not permit direct association with any specific individual. We may collect, use, transfer, and disclose non-personal information for any purpose. The following are some examples of non-personal information that we collect and how we may use it:
* We may collect information such as occupation, language, zip code, area code, unique device identifier, location, and the time zone where an Apple product is used...
So, yeah - the unique device ID is gathered along with your location, and this is considered "non personal information" - a.k.a. anonymous information.
So I suppose what Jobs is saying is, technically, true: Apple isn't tracking you. They're just tracking your phone.
You are in a maze of twisty little relative jumps, all alike.
We know the information is being sent to Apple
You're conflating two different issues.
Contrary to what you said, we do not know that this information is being sent to Apple. We do know that some data is sent, of course. If I say "Allow" for sharing my location info with random app X, then random advertiser Y that has an ad in app X will have access to my data as well, since X gets it and shares it with Y. All of those are opt-in at the time they occur, are limited to a single app, and occur for a specific purpose. They're also obvious and are what those passages you cite are talking about. They're not in question.
What is in question is whether or not this data, which is always on, is always updating, and is comprehensive for a number of months is being sent back and used. As best as I can figure, all signs seem to be pointing to it not being used. Running down the list of reasons backing up that idea:
1) Steve Jobs has actively denied that it is being used that way. See summary above.
2) It makes no sense to store it locally forever, since sending it immediately is easier, safer, and closes the window for publicity nightmares like this one.
3) Apple has always placed the greatest importance on the customer experience, and this harms it.
4) Apple has been proactive in protecting the privacy of their customers, including recently, since it improves the user experience (e.g. see the publisher-hated App Store policy change regarding subscription data).
Essentially, we have no basis for believing that this information is being sent to Apple, aside from the general distrust that we all place in large companies (which they've rightly earned). The only plausible explanation I've heard so far is that this is simply a cache that was poorly coded and grew larger than expected. That is, it's no different than what Android has, except broken.