There’s been a considerable amount of hullabaloo about how Apple's iPhone stores a record of the travels of its owner and on the system they use for synchronization. The data, according to Thomas Claburn’s story iPhone Software Tracks Location Of Users, is latitude and longitude coordinates and their corresponding timestamps. The data is stored in an unencrypted file on the computer and the iPhone.
I have a hard time getting worked up about this. First, location data is crucial for popular services such as “Find My iPhone,” and the many, many applications that depend on accurate location data to work. That’s the only way they can find the best sushi restaurant close to you, report your location to your favorite social media, or know the nearest theater with the movie you want to see. You get the idea.
Of course, these applications have logs. All of your computing devices pretty much log everything you do.
Second, many companies have this type of data. Many newer car models track everywhere the owner goes. Your credit card company, bank, and debit card provider knows everywhere you travel and everything you buy--unless you are one of the few who pay for everything in cash. Also, let’s not overlook the fact that mobile phone network providers have all of this data, and many of them hold it for unknown lengths of time.
And, it appears, phones based on the Android operating system do the same thing, essentially. The location information is stored in files named cache.cell and cache.wifi.
These are locally stored files, and if any data is sent to Apple--best I’ve been able to determine--the data is anonymized and used to build a location database of Wi-Fi hotspots.
And, the fact is, Apple has already responded to government inquiries about its location tracking abilities.
The fact that Apple has already answered these questions didn't stop Senator Al Franken from sending a letter to Steve Jobs, asking about "serious privacy concerns."
"I read with concern a recent report by security researchers that Apple's iOS 4 operating system is secretly compiling its customers' location data in a file stored on iPhones, 3G iPads, and every computer that users used to "sync" their devices."
And all of this over a locally stored database file, while real Fourth Amendment concerns, such as exactly what the state of Michigan is doing with their mobile phone forensic devices during traffic stops, doesn't get a quarter of the same outrage:
The Michigan State Police have a high-tech mobile forensics device that can be used to extract information from cell phones belonging to motorists stopped for minor traffic violations. The American Civil Liberties Union (ACLU) of Michigan last Wednesday demanded that state officials stop stonewalling freedom of information requests for information on the program.
Should Apple encrypt the files? Yes? Should the logs probably be cleared in a shorter period of time than a year? I think so. Is this as big of a deal as it's been made out to be? I don’t think so.
If this concerns you, encrypt your iPhone and encrypt your iPhone backups within iTunes.