April 21, 2011

iPhone Location Tracking Brouhaha in Perspective + Personal Status Note

Before I proceed to the main topic of this posting, I'd like to apologize to everyone who has sent me email over the last several days that has been unacknowledged and unanswered, and for the sudden cessation of all activity on my main mailing lists -- PRIVACY Forum - People For Internet Responsibility - Network Neutrality Squad -- the IDONS Forums, as well as on my blog, Twitter, and Google Buzz. I am not purposely ignoring you, and I'll try to explain a bit more after the iPhone tracking discussion that begins ... now.

I've probably received more email on the recent "revelations" concerning location "tracking" data being stored on various iOS (iPhone, iPad) devices (and thence apparently backed up routinely to connected computers) than for nearly any other topic in recent memory. Some articles that provide background on this are here and here.

I will not now delve into the question of "who discovered what when" or the specific precision and granularity of the data collected (e.g. cell site triangulation/location vs. GPS) -- except to note that especially in urban regions, the area covered by a single cell sector or microcell can be very small and yield quite precise location information even without user GPS data. The applicability of the Apple/iOS Terms of Service (ToS) to the collection of the location data in question I'll let the lawyers tangle over.

Some observers (many of whom seem to be rather hardcore Apple "fanboys"), appear to be attempting to minimize the seriousness of this situation, suggesting that it really isn't a big deal since Apple reportedly isn't routinely sending the collected location data to their own servers -- some apologists even parroting the tired and dangerous meme that "if you aren't doing anything wrong you have nothing to fear from such data being gathered."

There's also considerable speculation regarding the whys and wherefores behind Apple's deploying this data mechanism.

None of this substantively changes the bottom line.

This isn't rocket science. The collection of this data on these devices, especially in unencrypted form, is incredibly dangerous, stupid, and disrespectful of Apple's customers.

In an age when U.S. Customs and now even local police departments are claiming the right to use specialized equipment to drain smartphones and laptops of their stored data without any kind of warrants or court orders, the presence of such comprehensive location data in these devices represents a treasure trove for everything from completely unreasonable law enforcement "fishing expeditions" to aggressive and nosy divorce attorneys.

There's just no way to justify what Apple is doing with iOS in this regard. It's impossible to imagine legitimate mitigating excuses.

That something like this could slip through Apple's "privacy standards" process is mysterious and extremely troubling.

Overall, this one isn't even a close call. Apple is dead wrong.

- - -

As I noted above, normal activity on my various venues has been disrupted, including my ability to respond to emails in a predictably timely fashion. This may continue indefinitely or even worsen, and while I will try to keep the associated servers running, I cannot guarantee that this will be possible unless current circumstances change for the better. I have never felt it appropriate to "monetize" any of these efforts, and though I've always operated on extremely limited resources, I've done my best to keep things going in the hope that some good was ultimately being accomplished.

Unfortunately, a series of recent unexpected events has made it impossible for me to maintain the status quo under these conditions. Hope springs eternal for improvements in the situation, but as of now nothing is on the horizon.

So I'd like to use this opportunity to thank everyone who has taken the time to read my sometimes eclectic missives over the many years (whether you've agreed with my various points of view or not!) and a special thank you to those who have actively participated by sending me emails, messages, postings, and various fodder for my analytical and other musings, lists, and forums.

Also, some of you know about a pair of white papers that I've been preparing, one regarding government and private micromanagement and censorship of Google and other search engines, the other discussing N-dimensional "constellation" analysis of user tracking preferences vs. "do-not-track" risks (can this stuff get any geekier?). While I hope to complete these for distribution, like everything else right now they will have to wait until and unless the overall situation takes a turn for the better.

That's really all I want to say publicly about this. Mail to lauren@vortex.com should continue working for the time being at least, though responses may be significantly delayed. My regular contact phone number of (818) 225-2800 continues to be valid for now.

I just don't know how often I'll be posting going forward. I'll do what I can. But again, my thanks to you all, my apologies for the inconvenience, and my best wishes to you and yours. Take care.

Be seeing you.

--Lauren--

Posted by Lauren at April 21, 2011 01:04 PM | Permalink
Twitter: @laurenweinstein
Google+: Lauren Weinstein