Those Snoopy iPhones

By Los Angeles Times | Editorial

24 April 11

Apple could quiet the rumblings by confirming that it's not surreptitiously tracking iPhone and iPad users and that app developers aren't doing so either.

he most talked-about feature of Apple's iPhones and iPads these days isn't a clever new software application. It's a hidden digital record on every device of the locations where it has been used - a numerical travelogue that effectively traces its owner's movements by noting the times and places it has been used.

The "consolidated.db" file has been discussed by security researchers for months, but it didn't receive widespread attention until the O'Reilly Radar technology blog published an expose April 20. Within a day, two members of Congress had dashed off letters to Apple demanding more information, including an explanation of why the data were being collected and stored in unencrypted form. And now several European countries are launching their own investigations.

Apple has remained mum, as it often does when its motives are questioned. But the issue here isn't what the company might do with the file. Alex Levinson, a computer forensics researcher who uncovered the file last year, says he's seen no evidence that Apple or application developers can extract it from iPhones or iPads. The only exception, Levinson believes, would be if the user hacked the device to install apps not approved by Apple. "Jailbreaking" an iPhone or iPad undermines its built-in protections, raising the chance of a malicious app copying data from consolidated.db and transmitting it to someone else.

The data can be examined, however, by anyone who takes physical possession of the device - a jealous lover, a thief, an attorney with a subpoena. The O'Reilly researchers greatly simplified the task by creating a program that culls the latitude and longitude information, then displays it on a map.

As privacy threats go, this one seems pretty mild. The data don't show the precise locations where the device was used; instead, they compile the GPS coordinates of the cellphone towers and Wi-Fi access points the phone has been connected to. Unless you frequent the local red light district or lie to your spouse about the "errands" you run, there's not much in consolidated.db to get worked up about.

Granted, the data may be useful to the police, who have already started poring over suspects' phones for clues. But for law-abiding citizens, consolidated.db is likely to be less revealing than the text messages and emails stored on their devices. And although there doesn't seem to be a way for users to stop the location data from being logged, it's easy enough for them to program the device to scramble the information whenever it's removed to prevent it from being read by anyone else.

So why all the fuss? Some of it stems from the suspicion that the devices are transmitting the logs back to Apple, which they don't appear to be doing. But another reason is the mystery around why the information is being recorded in the first place.

The critical distinction here is between what a device reveals about itself in real time and what records may be kept of those activities. Smartphones routinely check their current location and share that information with websites and mobile-phone networks in order to deliver all sorts of useful services, from route and traffic information to coupons and restaurant recommendations. It's harder to imagine, however, why a device needs to know where you were yesterday or a month ago - or why it needs to know the precise time you were there. Levinson speculates that consolidated.db helps reduce battery use by enabling the device to calculate where it is based on where it's been, rather than using its cellular and Wi-Fi antennas. But that's pure speculation, and it doesn't explain why the log isn't encrypted automatically.

Apple could quiet the rumblings by confirming that it's not surreptitiously tracking its customers and that app developers aren't doing so either. It would also help if the company allowed users to erase the location information periodically, just as they can delete their Web browsing histories and other stored information. Meanwhile, lawmakers should ask all smartphone makers whether their products are compiling hidden travelogues and, if so, what users can do to keep them secret.