Apple, Google, and Microsoft are taking renewed heat over smartphone location tracking, but the topic is fraught with misunderstanding. Keep these points in mind.
(click image for larger view)
Slideshow: Verizon iPhone 4 Teardown
iPhone users in South Korea have filed a lawsuit against Apple over the company's location-tracking practices. This is the latest of several lawsuits filed against smartphone makers in recent months over the issue of location tracking. Microsoft and Google have also come under fire for their handling of users' location data.
While mobile users are understandably worried about the security of their personal location data, not all fears are equally warranted. Here are five things every user should know about their smartphone's location tracking.
1. You can turn it off.
Many users complain that their smartphones are tracking their location without their knowledge or consent. This is generally a myth, given that both iOS and Android prompt users repeatedly about allowing the device to use their location data. By default, iOS has geolocation enabled, whereas Android typically requires the user to turn it on. But both platforms allow users to turn off location services entirely. Android gives users more granular control over which type of location tracking to enable, which has saved the company from some legal woes on this front. Users who worry about the security of their location data can solve the problem on their own phone by turning off location services, provided they're willing to give up the benefits of location-aware apps.
2. Nobody's scrutinizing your movements.
There's something infectious about the paranoia that a large company might be watching your movements from day to day, but it's a decidedly implausible idea. In reality, out of the millions of smartphone users whose data makes its way onto Apple and Google servers, spotting you in the data stream and tracking your movements specifically would serve little practical purpose for these companies. In Apple's case, it turns out the phone is just storing the locations of cell towers and hotspots.
That's not to say that location data can't be associated with your profiles with either company. Certainly Google has enough information about you to customize search results and advertising, and there's no reason the company couldn't use your location history in this way. But Google has strongly denied doing this via Android's built-in location services, stating that even the unique identifier sent to Google's servers is not associated with a particular device. Apple, meanwhile, claims to use customer location data only for the purpose of maintaining its database of Wi-Fi hotspots and cell towers.
3. It's often unencrypted.
While Apple and Google state clearly that they're not digging into your personal location data, both companies have been scolded by international authorities for failing to encrypt location data on the device. The threat here is that anyone who gets their hands on your lost or stolen phone could potentially discover your location history and use it for nefarious ends. However, because the location data doesn't pinpoint your actual location with much accuracy, you'd be in more danger from other data you've entered into the device manually (such as your address and phone number in the address book) than from the contents of your location history.
4. Not all of the location data is yours.
Some bloggers have added to the paranoia about smartphone location tracking by stoking fears about the amount of data stored on iOS devices. While it's true that the iOS location cache can contain up to a year of past data, Apple has pointed out that not all of the stored data is actually that of the handset's owner. Instead, the device downloads a subset of Apple's larger location database to help speed up location tracking. Apple acknowledges that the excessive amount of data stored on the device is the result of a bug, and plans to fix that issue in a future update.
5. "Anonymous" doesn't always mean anonymous.
Google attaches a unique identifier to the location data it sends from an Android phone to its servers, and that number is not directly linked to the user's identity. So in principle, the company is anonymizing user data. However, if someone really wants to find a needle in that haystack of data, they very likely can. "Deanonymizing" techniques are becoming increasingly sophisticated, and the more personal data you release into the cloud, the easier it is to spot you in the data stream. So if location security is of prime importance to your business, your users, or your sense of personal privacy, opting entirely out may be your best bet.
Attend Enterprise 2.0 Santa Clara, Nov. 14-17, 2011, and learn how to drive business value with collaboration, with an emphasis on how real customers are using social software to enable more productive workforces and to be more responsive and engaged with customers and business partners. Register today and save 30% off conference passes, or get a free expo pass with priority code CPHCES02. Find out more and register.
How Enterprises Are Attacking the IT Security EnterpriseTo learn more about what organizations are doing to tackle attacks and threats we surveyed a group of 300 IT and infosec professionals to find out what their biggest IT security challenges are and what they're doing to defend against today's threats. Download the report to see what they're saying.
Digital Transformation Myths & TruthsTransformation is on every IT organization's to-do list, but effectively transforming IT means a major shift in technology as well as business models and culture. In this IT Trend Report, we examine some of the misconceptions of digital transformation and look at steps you can take to succeed technically and culturally.