iPhone keeps a database of all your movements

I recently wrote about a German politician who successfully fought to get location data from his mobile provider.

A commenter said mobile devices have to be in constant contact with the provider, so there is bound to be location data. Fair enough, but my hope was to focus on why data is stored and why users are not made aware so they can opt-in or out.

Perhaps the following example will be more clear, as it removes the network and service-model entirely. Last year it was publicly disclosed that the Apple iPhone keeps a record of movement in a local database.

iPhoneTracker is an application that can read the database of locations stored on your iPhone as well as the backups made with iTunes.

You should see something like this:

-rw-r--r-- 00000000 00000000 28082176 1297319654 1297319654 1282888290 (4096c9ec676f2847dc283405900e284a7c815836)RootDomain::Library/Caches/locationd/consolidated.db

That text in brackets just before ‘RootDomain::’ is the name of the actual file on disk that holds the location data. Since it’s an SQLite database file, you can use any standard SQLite browser; I’m using this Firefox plugin:

https://addons.mozilla.org/en-US/firefox/addon/sqlite-manager/

Open up the file, choose the ‘CellLocation’ table, and you can browse the tens of thousands of points that it has collected. The most interesting data is the latitude, longitude location and the timestamp. The timestamp shows the time in seconds since January 1st 2001.
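To audit how much history such a file holds, the 2001-based timestamps described above have to be converted to calendar dates. The following is an added example, not code from iPhoneTracker or from this post: it builds a small constructed stand-in for the ‘CellLocation’ table, and the column names (Timestamp, Latitude, Longitude) and the UTC interpretation of the epoch are assumptions.

```python
import sqlite3
from datetime import datetime, timedelta, timezone

# Timestamps count seconds from January 1st 2001 (assumed here to be UTC).
APPLE_EPOCH = datetime(2001, 1, 1, tzinfo=timezone.utc)


def apple_time_to_utc(seconds):
    """Convert seconds-since-2001 into a timezone-aware datetime."""
    return APPLE_EPOCH + timedelta(seconds=seconds)


def build_sample_db():
    """Constructed sample data; column names are assumptions.

    For a real audit of your own backup, use sqlite3.connect(path_to_file).
    """
    conn = sqlite3.connect(":memory:")
    conn.execute(
        "CREATE TABLE CellLocation (Timestamp REAL, Latitude REAL, Longitude REAL)"
    )
    rows = [
        (304000000.0, 52.5200, 13.4050),
        (304003600.0, 52.5203, 13.4061),  # one hour later, same day
        (304086400.0, 52.5201, 13.4049),  # next day
        (319552000.0, 48.1372, 11.5756),  # 180 days after the first point
    ]
    conn.executemany("INSERT INTO CellLocation VALUES (?, ?, ?)", rows)
    return conn


def summarize_history(conn):
    """Report how many points are stored and how long a period they span."""
    cur = conn.execute(
        "SELECT Timestamp FROM CellLocation "
        "WHERE Timestamp IS NOT NULL ORDER BY Timestamp"
    )
    times = [apple_time_to_utc(ts) for (ts,) in cur]
    if not times:
        return {"points": 0, "first": None, "last": None,
                "days_covered": 0, "days_with_points": 0}
    return {
        "points": len(times),
        "first": times[0],
        "last": times[-1],
        "days_covered": (times[-1] - times[0]).days,
        "days_with_points": len({t.date() for t in times}),
    }


if __name__ == "__main__":
    print(summarize_history(build_sample_db()))
```
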

Apple is not a provider, and there is no known use of this information so far. Yet their mobile devices by default store a detailed database of your locations. They even back it up, so you can monitor any Apple iPhone user’s movements just by reviewing their iTunes sync data.

Why is Apple collecting this information?

It’s unclear. One guess might be that they have new features in mind that require a history of your location, but that’s pure speculation. The fact that it’s transferred across devices when you restore or migrate is evidence the data-gathering isn’t accidental.

[…]

By passively logging your location without your permission, Apple have made it possible for anyone from a jealous spouse to a private investigator to get a detailed picture of your movements.

I guess the advantage over the German politician is that you don’t have to sue Apple to see your data. The disadvantage is that the privacy laws directed at providers do not apply. You have been tracking yourself, but just didn’t know it.

Apple conveniently left it in plain-text format for anyone (e.g. a provider) to read and sell. Some of it might be askew because it is using tower triangulation instead of GPS but I would wager they could easily upgrade the accuracy.

I recommend anyone with an iPhone (or iPad) download the application and create their own “What six months of your life looks like to Apple” web page. Even more fun could be to write an application that pollutes the database with exotic location data to show an iPhone going on virtual vacations.

Updated to add: Apple’s name for the location tracking file is “consolidated.db”, the same name as a radical anti-fascist industrial band from the late 1980s. Hat tip to Jeremy Allaire for mentioning them to me. Ha, how far Apple has come since then, when we used to consider ourselves so alternative and secure on a Mac. I’m sure it’s total coincidence; that and the fact that disposableheroesofhiphoprisy.db was far too obvious.

4 thoughts on “iPhone keeps a database of all your movements”

  1. “In at least three separate cases, the US government has attempted unsuccessfully to obtain court order to require the cellular providers to provide them information about the location of a cellular customer gleaned from the triangulation of the signals they have received.”

  2. Paul, thanks for your comment and the link. Alex Levinson seems to try and deflect the main point, but I don’t find it very convincing. He states:

    Apple is not collecting this data.

    Yet the majority of his research and his post involves his research on the collection of location data by Apple’s iOS. I think he’s getting hung-up on a semantic difference. Here are my responses:

    1) Collection of data does not have to mean remote collection. Alex states:

    This is data on the device that you as the customer purchased and unless they can show concrete evidence supporting this claim – network traffic analysis of connections to Apple servers – I rebut this claim in full.

    He rebuts a claim that the data is sent to Apple servers. That’s a straw man. Neither I (the whole point of this post is local collection) nor any of the others discussing this issue are fixated on connections to Apple servers. To clarify, the data is still collected locally by Apple on the device, regardless of a connection back to Apple.

    2) Anyone who says that you are collecting the data yourself, not a company, creates a strange legal test. The court order requirement cited by The Reg in the comment above is curiously altered if we buy into the argument that you are the one collecting the data even though you do not know you are collecting the data — you become stuck with a legal definition of possession, custody and control while you unwittingly grant access to others for review.

    That doesn’t really make sense, given the 15,000 word TOS (terms of service) by Apple. It has been held up by some to show that users knowingly agreed to location data collection. On the flip side, the language of the TOS says that it is Apple or their partners who reserve the right to collect the location data.

    Apple and our partners and licensees may collect, use, and share precise location data, including the real-time geographic location of your Apple computer or device. […] For example, we may share geographic location with application providers when you opt in to their location services.

    So the argument that Apple does not (or will not) collect data is invalidated by the language of their TOS.

    3) I agree this is not new news. We could say the same thing about the German politician’s lawsuit. Everyone has known forever that phones are location-based service devices and there is location-based data involved. The big splash/news is related to clever visualizations with interactive maps. Visualization for the non-technical viewer is what differentiates these news stories from the past.

    As far as I can tell Alex did not provide location visualization in his writing or presentations and he was writing for a smaller technical audience. He must feel at least a little glad/appreciative that a wider audience is now paying attention.

    For further details on how a phone manufacturer’s tracking TOS may run afoul of privacy laws see the recent article in the Wall Street Journal. They say Federal prosecutors in New Jersey are investigating phone application manufacturers for illegally obtaining and distributing personal information. Veracode offers this analysis of the case based on the popular Pandora application running on an Android device:

    So what does this mean to the end user? It means your personal information is being transmitted to advertising agencies in mass quantities. As more and more “free” applications attempt to monetize their offerings, we will likely see more of your personal information being shuttled out to marketing and advertising data aggregation firms. The application developers may not even be aware of the privacy violations they are introducing by using third party advertising libraries. They may merely think they are getting $x per ad impression, not that the ad library is leaking significant information about the user.

    In isolation some of this data is uninteresting, but when compiled into a single unifying picture, it can provide significant insight into a person’s life. Consider for a moment that your current location is being tracked while you are at your home, office, or significant other’s house. Couple that with your gender and age and then with your geolocated IP address. When all that is placed into a single basket, it’s pretty easy to determine who someone is, what they do for a living, who they associate with, and any number of other traits about them. I don’t know about you, but that feels a little Orwellian to me.

    Yes, although they say the data is “compiled”. I think they meant to say Consolidated
