Focusing public attention on emerging privacy and civil liberties issues

Location Privacy: Apple iPhone / iPad

On April 20, 2011, Alasdair Allan and Pete Warden announced that they had discovered that the Apple iPhone and the Apple 3G iPad were regularly recording the devices' locations into a hidden file. The data gathering, they claimed, was "clearly intentional."

Top News

  • House Subcommittee Considers Geolocation Privacy: The House Subcommittee on Crime, Terrorism, Homeland Security, and Investigations today heard testimony today on proposed Geolocation Privacy safeguards for the collection and use of location data generated by cellphones and other devices. As EPIC recently noted in a letter to the House Judiciary committee, and testimony before the Maryland House of Delegates and Texas House of Representatives on similar bills, ECPA does not protect location records; courts are divided on whether such records are protected by the Fourth Amendment. For more information, see EPIC: Locational Privacy. (Apr. 26, 2013)
  • EPIC Testifies in Austin on Texas Location Privacy Bill: EPIC's Appellate Advocacy Counsel Alan Butler testified before the Texas State Assembly on a privacy bill for telephone location data. The House bill, would establish a warrant requirement for location data and a comprehensive reporting requirement, similar to the federal wiretap reports. Mr. Butler discussed the need for clear rules governing location surveillance that satisfy Fourth Amendment standards, as well as the importance of public reporting and accountability. He also testified at a Senate Committee hearing on the proposal. EPIC recently submitted amicus briefs in State v. Earls and In re U.S. (5th Cir.) regarding location privacy. For more information, see EPIC: Locational Privacy. (Mar. 28, 2013)
  • EPIC Highlights Need for Broad Reform of Federal Privacy Law: In response to a request from the House Judiciary Committee, EPIC has recommended a comprehensive review of the federal communications privacy law. Congress will begin hearings this week on ECPA Part 1: Lawful Access to Stored Content. EPIC's letter to the Committee noted the recent settlement by the state Attorneys General with Google in the Street View matter and the reluctance of federal officials to pursue a similar investigation. EPIC also noted growing confusion in the lower courts about the application of the federal privacy law. Finally, EPIC pointed out that the current law provides inadequate protection for private location records. For more information, see EPIC: Electronic Communications Privacy Act and EPIC: Locational Privacy. (Mar. 18, 2013)
  • EPIC Testifies Before Maryland Legislature on Location Privacy: EPIC Appellate Advocacy Counsel Alan Butler testified before the Maryland House Judiciary Committee on H.B. 887, a location privacy bill that will establish a search warrant requirement for the collection of private location information. Mr. Butler discussed the current state of location tracking and privacy under the state and federal constitutions. The Maryland bill will require a warrant for location tracking and an annual report on electronic surveillance reports, similar to the federal wiretap reports. EPIC recently submitted amicus briefs in State v. Earls and In re US regarding location privacy. For more information, see EPIC: Locational Privacy and EPIC: State v. Earls. (Feb. 28, 2013)
  • California Attorney General Releases Mobile App Privacy Guidelines: California Attorney General Kamala Harris has issued a report describing best practices for mobile application privacy. The report, "Privacy on the Go," recommends that app developers implement safeguards such as privacy-by-design and notice, but stops short of setting forth a comprehensive set of Fair Information Practices. The report follows a law that requires all service providers doing business in California, such as mobile app developers, to have a privacy policy available to consumers. The report also occurs while the White House's privacy multistakeholder process is attempting to develop a voluntary code of conduct for mobile app transparency. For more information, see EPIC: Mobile and Location Privacy. (Jan. 10, 2013)
  • Senate Judiciary Committee Approves Location Privacy Bill: The Location Privacy Act of 2011, sponsored by Senator Al Franken has been reported favorably by the Senate Judiciary Committee. The bill requires affirmative consent for the collection and disclosure of location information, an important protection for cell phone users and users of location-based services. EPIC previously recommended similar protections for location data and filed comments with the Federal Communications Commission advocating location privacy safeguards under the Communications Act. For more information, see EPIC: Locational Privacy and EPIC: Electronic Communications Privacy Act. (Dec. 14, 2012)
  • Senate Committee to Consider Location Privacy Bill: The Senate Judiciary Committee is set to consider S. 1223, the Location privacy Act of 2011, sponsored by Senator Al Franken. The bill would establish important privacy protections for cellphone users and require affirmative consent for the collection or disclosure of location data by service providers. EPIC previously recommended new protections for location data as part of the update of federal law. EPIC also filed comments with the Federal Communications Commission supporting guidelines for the protection of location data under the federal Communications Act. For more information, see EPIC: Locational Privacy and EPIC: Electronic Communications Privacy Act. (Dec. 6, 2012)
  • Massachusetts High Court Allows Limited Warrantless Search of Cellphone Call Logs: The Supreme Judicial Court of Massachusetts has ruled that no search warrant is required to check the recent call list of a flip phone seized during a lawful arrest. However, the Court in Commonwealth v. Phifer emphasized that the ruling is narrow and fact-specific. Different facts, a more invasive search, or a more complex phone could result in a different outcome, said the Massachusetts high court. In the case, police witnessed a drug deal, arrested the dealer, and then checked the phone's call log for evidence of recent drug sales. The Massachusetts Court analogized searching the phone in these circumstances to searching a container that could contain contraband. The Supreme Judicial Court issued a similar ruling in a contemporaneous companion case, Commonwealth v. Berry. In a previous Massachusetts case in which EPIC filed a "friend of the court" brief, the Supreme Judicial Court ruled that sensitive data obtained from GPS tracking requires a search warrant. For more information, see EPIC: Locational Privacy and EPIC: Commonwealth v. Connolly. (Dec. 6, 2012)
  • GAO Recommends New Safeguards for Locational Data: "Additional Federal Actions Could Help Protect Consumer Privacy," a report from the Government Accountability Office, essentially says that users of mobile devices have no idea what information about them is collected or how it is used. The report explains that the privacy problems are getting worse as industry groups have failed to establish meaningful safeguards and the NTIA's "multistakeholder process" is going nowhere. Several members of Congress have introduced legislation to protect mobile data, much as communications information is routinely protected by law. Senator Al Franken is the sponsor of Location Privacy Protection Act of 2011, which would "close current loopholes in federal law by requiring any company that may obtain a customer's location information from his or her smartphone or other mobile device to get the customer's express consent before" collecting location data or sharing it with third parties. For more information, see EPIC: Locational Privacy and EPIC: Location Privacy: Apple iPhone/iPad. (Oct. 15, 2012)
  • Rep. Markey Introduces Mobile Privacy Act: Representative Edward Markey (D-MA) introduced "The Mobile Device Privacy Act," a bill that would require companies disclose the existence of monitoring software to consumers and obtain consent before using this software to collect personal information. The bill, H.R. 6337, would also direct the Federal Trade Commission and the Federal Communications Commission to develop rules implementing the act’s provisions. Recently, EPIC filed comments with the FCC urging the Commission to require mobile carriers to implement comprehensive fair information practices. For more information, see EPIC: Customer Proprietary Network Information and EPIC: Location Privacy. (Sep. 12, 2012)

Background

On April 20, 2011, two data scientists, Alasdair Allan and Pete Warden, conducted a discussion at Where 2.0, an annual conference on location-aware technology and business. Allan and Warden announced that they had discovered that the Apple iPhone and the Apple 3G iPad were regularly recording the devices' locations into a hidden file, explaining how they made the discovery, what they thought the collection implied, and how users would be able to view their own data.

Following the announcement, several journalists and researchers delved further into an issue, and much speculation occurred about if the data was being transmitted to Apple and if the tracking was exclusive to the iPhone / iPad, or if it also was occurring on other smartphones, including android-based hardware.

Apple has made many statements in support of locational privacy in the past. With the release of OS4, on April 8, 2010, Scott Forstall, the Senior Vice President for iPhone Software, stated: "For all these location things, we take privacy very, very seriously. Ever since we added the first API's for location, we would put up a panel whenever an application wanted to use your location - and the user would have to approve this. We're taking privacy several steps further - in iPhone OS 4." In clarification, Forstall explained exactly what steps would be taken to protect location privacy:

  • "First, we're adding an indicator right on the status bar to let you know if any application is asking for your location. Be it a foreground application or one of the background applications - so you could know if something is tracking your location."
  • "Next - we're adding fine grain settings - so you could see all of the application that would like to use your location and the user can enable or disable location, per application."
  • "And on top of all of this, if any application has asked for your location in the last 24 hours, we'll add an indicator right next to that app - so you could know that it's asked for your location."
  • "So we're being completely transparent on the usage of location and we're letting user set, on an app-by-app basis, the ability for apps to use location."

In April 2010, Apple changed its Privacy Policies regarding locational data. At the time, Representative Edward Markey (D-Mass) and Representative Joe Barton (R-TX), sent a letter to Apple's Steve Jobs asking for an explanation for the change in policy and how the changes would effect compliance with the Telecommunications Act (47 U.S.C. § 222). In a lengthy response, Apple explained that the change was meant to address Apple's location-based services. Apple assured that customer's location-based GPS information that Apple collected from mobile devices would be "stored in a database accessible only by Apple."

Apple's Privacy Policy, as of the date of the discovery, included two explicit statements about location data:

  • "[Apple] may collect information such as occupation, language, zip code, area code, unique device identifier, location, and the time zone where an Apple product is used so that we can better understand customer behavior and improve our products, services, and advertising."
  • "To provide location-based services on Apple products, Apple and our partners and licensees may collect, use, and share precise location data, including the real-time geographic location of your Apple computer or device. This location data is collected anonymously in a form that does not personally identify you and is used by Apple and our partners and licensees to provide and improve location-based products and services. For example, we may share geographic location with application providers when you opt in to their location services."
Apple also carries a TRUSTe Privacy Seal:

    Apple Inc. has been awarded TRUSTe’s Privacy Seal signifying that this Privacy Policy and practices have been reviewed by TRUSTe for compliance with TRUSTe’s program requirements including transparency, accountability, and choice regarding the collection and use of your personal information.

On April 21, 2011, Representative Edward J. Markey (D-Mass), sent a letter to Steve Jobs, the CEO of Apple, Inc. Rep. Markey voiced concern for the "consequences of this feature for individuals' privacy," and proposed the following questions:

  • Is it accurate that Apple iPhone keeps track of where iPhone users go, saving this information to a file on the device that is then copied to the owner's computer when the two are synchronized?
  • Did Apple intentionally develop this functionality in order to log the locations of users?
  • How does Apple collect this customer location information?

  • Does Apple use this information for any purpose?
  • Has Apple used this location information for any commercial purpose?

  • Is it possible for customers to disable this feature? 

  • Given the widespread usage of iPhones and iPads by individuals under the age of 18, is Apple concerned that the wide array of precise location data logged by these devices can be used to track minors, exposing them to potential harm?

In a similar letter, sent on April 21, 2011, from Senator Franken (D-Minn), the following questions were proposed:

  • Why does Apple collect and compile this location data? Why did Apple choose to initiate tracking this data in its iOS 4 operating system?
  • Does Apple collect and compile this location data for laptops?
  • How is this data generated? (GPS, cell tower triangulation, WiFi triangulation, etc.)
  • How frequently is a user's location recorded? What triggers the creation of a record of someone's location?
  • How precise is this location data? Can it track a user's location to 50 meters, 100 meter, etc.?
  • Why is this data not encrypted? What steps will Apple take to encrypt this data?
  • Why were Apple consumers never affiamtely informed of the collection and retention of their location data in this manner? Why did Apple not seek affirmative consent before doing so?
  • Does Apple believe that this conduct is permissible under the terms of its privacy policty? See Apple Privacy Policy at "Location-based Services" (accessed on April 20, 2011), available at www.apple.com/privacy.
  • To whom, if anyone, including Apple, has this data been disclosed. When and why were these disclosures made?

Sen. Franken stated that, "The existence of this information stored in an unencrypted format-raises serious privacy concerns."

On April 20, 2011 Representative Jay Inslee (D-WA) issued an official statement on the issue, indicating that he would press the company for answers and noting that "current law fails to ensure consumers are protected from privacy violations." On April 22, 2011, Rep. Inslee wrote to Chairman Leibowitz, chairman of the Federal Trade Commission, calling for the Commission's "prompt attention to this important matter."

As of April 22, 2011, the Italian Data Protection Authority has opened an investigation into the matter. In addition, the Bavarian Agency for the Supervision of Data Protection (Germany) and the French Data Protection Authority had stated an intent to look deeper into the matter. On April 26, 2011, South Korea's Communications Commission also questioned Apple about location data stored on iPhone and iPad devices.

On April 22, 2011, two individuals filed a class action lawsuit against Apple in the Middle District of Florida. Allegations include violations of the Computer Fraud and Abuse Act, Fraud, Misrepresentation, and several state claims, among others.

On April 25, 2011, the Illinois Attorney General asked for a meeting with Apple to discuss privacy concerns on mobile devices.

Apple finally responded to the allegations on April 27, 2011 in a carefully worded press release. Responding to pressure from privacy groups, Apple announced three changes to iOS4:

  • Locational data storage will be limited to one week
  • Locational data will no longer be transferred to a user's computer
  • Users will be able to delete all locational data collection on the device
  • All locational data stored on a the device will be encrypted
Apple further pledged that the company has "no plans to ever" track users.

Additional Resources

Latest News