Over the past week or so there's been a furore about location tracking in iOS. While it initially appeared to be a fresh discovery of machiavellian intrusion, the story's a bit more complicated than that.
The mainstream media caught wind of this story as a result of a blog post by Alasdair Allan and Pete Warden on April 20. They released an open-source app for grabbing the data from iTunes's iOS device backup files and displaying it on a map. It's a very neat hack, but it's really just taking a simple SQLite database called "consolidated.db" and doing some trivial queries on it.
Alex Levinson points out that this is not new information, though. Allan and Warden do get credit for producing pictures, though: without which the mainstream media would never understand or care.
Levinson also makes some other points, but I'm not sure I'm in complete agreement. For a start, the location data can be remarkably precise. The general belief is that the device is either storing the cell locations rather than the device locations -- a subtle but important distinction -- or it's storing the estimation of the device location based on the known cell location. I'm not sure. However, I've done what pretty much every geek has done this week and imported and converted the data into KML and a variety of other formats, and I've found (in the "CellLocationLocal" table) a row that is apparently the deduced location of an Orange UK Cell Tower (MCC 234, MNC 33, LAC 3103) in my front garden. (Suffice to say, it's not there.)
Will Clarke points out a response from Apple to an inquiry by Reps. Edward Markey (D-Mass.) and Joe Barton (R-Texas). I do vaguely remember something about this new location strategy last year, although I'm not sure whether it was from this or some of the developer information. At the time, I dismissed it, without considering the deeper ramifications.
To understand what's going on, you have to know a little history.
The original iPhone didn't have a GPS chip. Location services used two sources of information from the vicinity: finding nearby WiFi networks and nearby cell towers, and looking up their location with a service run by Skyhook and a separate service run by Google. Skyhook initially seeded their database by basically wardriving the USA, Europe and Japan, and then also accepted submissions from users. Google, presumably, picked up their data using their own wardrive, piggybacked on their Street View cars (and we know how that turned out for them!)
The system worked adequately for looking up nearby restaurants and the like, but not for navigation. iPhone 3G and above include a GPS chip, but even so, WiFi and GSM location is quicker, more power efficient, and better performing indoors and in urban environments. However, it requires Internet coverage to do the lookup. Caching is obviously an option, though.
When iOS 3.2 came out, the situation changed slightly: rather than using third-party databases -- one of which was run by their friend-turned-archenemy Google -- they chose to replace the lookup service with their own.
Here's the clever bit, though. Rather than wardriving the planet, they realised that they had about 40 million data collection devices already in the field: the iPhone itself. So now it's all done by crowdsourcing: the lookup goes both ways now. When your iPhone uses Apple to lookup the known location of WiFi and GSM sources, it can also supply its own GPS data back to Apple for future lookups by other users. F-Secure reports that the batches occur twice a day.
Technically, this is a fantastic idea. Unlike a wardriven service like Skyhook, this one is continually refreshed and expanded. It makes perfect sense. It's a very neat trick.
However, it's mindboggling that Apple thought this was something they could get away with without a clear opt-in by users. I'm sure in some countries, it's even a criminal act. I suspect Germany is one of those countries.
That's not to say that it's a secret: Apple did disclose the service in the updated Terms and Conditions of iOS which I'm sure everyone read(!), the Apple Privacy Policy and a misleading opt-in dialogue box talking about "anonymous diagnostic and usage information". However, it's not reasonable to expect every user to fully understand the connotations of what's going on. At no point does it say anything as obvious as "Oh, by the way, this means your device is continuously tracking its location."
So, why is this happening? It's not just the crowdsourcing, as that doesn't need to be stored once it's been done. Is it caching? It makes sense to cache the location data to an extent, but failing to clear the cache is a bit silly.
Of course, another possibility is that Steve Jobs is -- in fact -- The Dark Knight himself.
This would explain the leave of absence, I guess.
Forgetting the inevitable lawsuits and legal inquiries, did it not occur to Apple that there would be an almighty shitstorm if/when this became public knowledge? If they'd made a big deal of it and had Steve Jobs actually rave in a keynote about how their location database was constantly updated with your assistance, this wouldn't have been a big deal: a few contrarians and Android fans would have whined about it and how they'd never buy Apple again, but on the whole, it would have died down. There certainly would have been far less opportunity for legislators to bollock Apple for it.
This is Apple: a company that has meetings arguing over individual pixels on their UI designs, and yet it didn't occur to anyone to ask whether this whole scheme was morally right, legally right or diplomatically right? It didn't occur to them that it would actively turn customers against them? Are they really that boneheaded?
For me, the question is, do I care? I don't really care whether people will know roughly where I've been, and looking at previously-undiscovered maps of my Orlando vacation (Kennedy Space Center and Walt Disney World), a trip to Ahmedabad and my various jaunts around the UK has been pretty cool. I can, however, understand why others are upset about this, but I think it's mainly due to the surprise and lack of choice, rather than the actual tracking itself: if you knew it was happening, would it really be such a problem?
In the meantime, I'm wondering how this can be used positively. It would be really nice if the data could be interpolated and smoothed to the extent that it could be used as a poor man's track for geotagging photos, for example. That, or an amazing art project.