One week after the world learned that iPhones and 3G iPads were tracking their movements over the past year, Apple released a much-needed explanation about why the devices were logging users’ travel habits over the previous year — and, under the default setting, backing that data up on users’ computers without encryption, potentially exposing sensitive data to thieves, stalkers, and law enforcement.
In the explanation, Apple says it was not tracking users, merely storing the locations of the WiFi hotspots and cellular towers to which their devices connected over the past year in order to speed up the device’s GPS functionality, which is a crucial aspect of many promising apps. In addition, Apple claims that it (and, by extension, not researchers) uncovered the “bug” that caused this location data to be stored for an entire year.
This explanation will lay to rest some fears about why this data was being tracked. However, some might contest the way Apple blames user confusion and unintentional software bugs for the issue, which has arguable set location-reliant apps back a step by freaking everyone out:
1. The main reason people are so worried out about having their approximate locations over the previous year stored in unencrypted form on their phones and computers, according to Apple, is that “users are confused” by “very complex technical issues” surrounding the delivery of fast location-based services while protecting privacy. Granted, Apple owns up to not having educated consumers about this stuff, but it’s not just a matter of perception. Sensitive data was gathered and potentially exposed without users’ knowledge.
2. Apple’s devices were recording and backing up this location information for an entire year, which Apple says was due to “a bug we uncovered and plan to fix shortly” (our emphasis). Surely, it’s pure coincidence that Apple and the rest of the world discovered this bug at approximately the same time, in iOS 4 software that was released last June, right? Doubtful.
3. Apple says another bug caused it to record this information even with location services were turned off, and that it plans to fix that bug in the next version of iOS so that the entire cache of locations gets deleted every time the user turns off location services. As with the year-long location record, it’s a mystery why this “bug” would still exist in the iPhone at this advanced stage of the game.
4. Apple doesn’t overtly accept blame for storing this location log in unencrypted form on the phone, or on the computer, possibly for legal reasons, but says it plans to encrypt the location log and cease backing the data up to computers entirely in the next version of iOS, which it says will arrive in the next few weeks.
Aside from those objections, however, Apple’s explanation provides some well-deserved clarity about what is going on here.