Your iPhone Is Secretly Tracking Everywhere You Go

This is a map of everywhere I've been for nearly the last year. Everywhere. I didn't carry around a special tracking device. The FBI isn't sending goons in unmarked vans to track me. All I did was use an iPhone. And if you have an iPhone, you're being tracked right now, too, whether you like it or not.

It turns out that all our iPhones are keeping a record of everywhere you've been since June. This data is stored on your phone (or iPad) and computer, easily available to anyone who gets their hands on it.

And now, we're wondering whether the same goes for our other smartphones. The opt-in wording of phone location service agreements is pretty nebulous (as agreements tend to be). When starting up a fresh Android, you're prompted to agree to the following: "Allow Google's location service to collect anonymous data. Collection will occur even when no applications are running." We asked Google what exactly this meant, and they refused to answer on the record whether this "anonymous" location data is logged persistently, a la iPhone. But, importantly, unlike the iPhone, it appears to be totally opt-in for users. We've also reached out to Apple, BlackBerry-maker RIM, and Microsoft for similar clarifications, but haven't gotten a response yet.

We know that AT&T and other mobile phone providers can always store this data, for any mobile phone. And law enforcement can get to it when they need to. But I don't want this information bouncing around on my computer and in pocket, too, for no good reason, with no way to opt out. That's just not right.

The privacy startle, apparently enabled by this winter's iOS 4 release, was discovered by two security researchers, one of whom claims he was an Apple employee for five years. They're equally puzzled and disturbed by the location collection: "By passively logging your location without your permission, Apple have made it possible for anyone from a jealous spouse to a private investigator to get a detailed picture of your movements," they explain. All it would take to crack the information out of your iOS device is an easy jailbreak. On your computer, the information can be opened as easily as JPEG using the mapping software that the security experts have made for download - try it yourself.

The data itself is jarringly accurate. Even though it appears to rely on tower triangulation rather than GPS pinpointing (meaning you're not safe with location services switched off), the map I was able to generate with mapping software the security duo released visualises my life since the day I bought my iPhone 4 in July. Everywhere I've been. Bus trips home. Train trips to visit family. Holidays. Places I'd forgotten I'd even gone. Zoom in on that giant blotch over New York, and you can see my travels, block by block. My entire personal and professional life - documented by a phone I didn't know was also a full-time location logging device. It's all accessible - where I've been, and when. (The animated software doesn't show location linked to any duration of less than a week, so it can't be used to snoop that closely. But the actual underlying database is timed to the second.) I don't really have anything to hide, which is why I don't mind sharing my map above. But at least let me turn this tracker off.

For now, there is no fix. The only way to remove it from your computer is to wipe your back up files from your computer. But then you have no back ups to restore your phone in case you lose it. And every time you sync your computer, though, it'll create a new file. And if you do lose your phone, all your tracking data goes with it, right into the hands of whoever found it. And if you upgrade your phone to the next iPhone, the location tracking history goes with it.

Until Apple stops doing this, or explains why they are doing it, I don't feel safe. I feel weird having all this data that I don't want recorded on my iPhone, and so do others. Maybe they're doing it for the government. Maybe they're doing it because they're forced to. So far, the researchers have found no proof that the information is being transmitted to remote servers hosted by Apple or the feds. Right now There's no evidence of that at all - that's the good news. But that's still a lot of information on our phones about where we've been, whether or not we want it. [Pete Warden via The Guardian]

Update: Security expert Kevin Mitnick says he's "Quite shocked and disturbed" by the revelation, noting that the logged data could be of great interest to a variety of entities - prying spouses, private investigators, and, he reckons, the government. He speculates that the existence of the log itself "could have been at the request of the government", as such data "can't be used for advertisements. It seems to me more to be a governmental request." He added, "I like to know what my device is doing." And, that the phone's logging of data was in this case like "carrying around a bug and a tracker at the same time".

Update 2: Google has declined to comment on the regard as to the exact nature of their locational data collection.


Comments

    This is fantastic... just had a month in Europe, interested to see how it tracked my trip. Seems to be only available for MacOS though unfortunately.

    And, no i couldnt care less about the security.

      Yeah. I've gotta say I'm really not that concerned either. I don't make bombs, deal drugs, cheat on my wife etc etc... not too worried about prying eyes... Besides, who the hell has time to wade through millions of users location data anyhow? I suppose it would be useful to track one particular individual - but then there would actually be a reason for that, wouldn't there? What are you people concerned about if they are (genuinely) worried by this? They've probably been watching too many Bruckheimer or Bond films...

        Just before the outbreak of WWII a nationial census was conducted in Germany, it asked amongst other things what your nationality was and how many firearms you had.
        Of course, the people who had nothing to hide answered honestly. Upon taking over, the first thing the Nazi party did was round up all the firearms, so there could be no armed resistance. And what do you think they did with those who answered they were Jewish? Information is power and is open to abuse in any number of ways.

    I think the point to be made here is that if we let this slip and don't take action against this sort of tracking we open the door to a more monitored life.
    You can say you don't mind this privacy breach but the next may be way more invasive.
    All I can say is I don't like an Orwellian world.

      +1 to all of this. No, I don't have stuff to hide, and no, I don't travel much either. All my data would be pretty useless and boring. But damn, this I don't like. Having a cache of your locations for all time - that you can't destroy - just irks me a little.

    Your iPhone is most definitely not secretly tracking you. You agreed to it when upgrading your ios device to 4.0 last year. It was all in the t&c.

      Oh yeah, I remember that bit. The team of lawyers I have on standby to analyse each of the ten fifty page EULAs I have to agree to each day just installing trivial software, brought it to my attention. I just didn't consider merely carry the phone was an Apple provided "location based service".

    I like technology when it helps to be more productive have more fun, etc. But I don't like the idea of carrying a tracking device especially when you don't know about it and are not let with the choice to turn it off.
    Where I go is my business, not the manufacturer business.

      I think you are right. We should at least have to choice to opt out of that tracking.
      Now it's a choice where to own an Apple product and be tracked or not own one.

    WOW, weren't Apple users supposed to be anti-establishment? Now they openly condone tracking users every move. What's next?

    All the people who aren't worried about the govt tacking them, worry about this: imagine your phone is stolen. The phone thief would be able to quickly work out where you live and work, find out when you're at work and rob your house while you're not home.

    It would be an easy and lucrative scam.

    For those of you not worried about being tracked, because you do not get up to mischief, would you still mind if a person followed your every movement of the day? I think not. This is the same concept. I don't do anything wrong but i don't feel the need to share my every movement with 'anyone who cares to look'. Think about it.

    http://markey.house.gov/docs/applemarkeybarton7-12-10.pdf

    Page 6. This so called 'secret tracking' is used to cache the locations of towers.

    The only wrongdoing here is that the database wasn't encrypted.

    I never used to worry about this sort of stuff either until I worked in IT in a bank and saw what data they gathered, how they used it and shared it around, and how poorly it was secured. The allure of money will always corrupt whatever good intentions and controls that were initially in place.

    Now I don't give any personal info to anyone without a good reason.

    Get a child addicted to something... and you have a means of controlling it.

    Make something taste sweet and the child will swallow it... at least once... no matter how harmful it may be.

    I'm not anti or pro anything.. I'm an ordinary person living an ordinary life that I have learnt to love and respect.. and I saw this coming a mile away.

    David said it best with an example of one of mankind's worst hatreds towards itself. It's all peaches and cream today, but (and as much as I hate sounding pessimistic) who knows what tomorrow will bring and how what you do today can be used against you.

    All I'm saying is learn to read between the lines. Turn off the TV, switch off the computer, turn off your mobiles, and watch what happens.. you amazingly start to see a bigger picture of the world around you.

    I guess I lied. I am against mindless consumerism. I'm against the idea of keeping up with the Jones' and I'm against living a life where I can't enjoy peace and quiet on my own terms without knowing that something or someone is keeping track.. that feeling of constantly being 'connected'.

    "But it's convenient." I hear you say. Well, so is chopping off your feet so you no longer have to go shoe shopping. Wake up people. $2500 for a laptop which you can buy for $1200 by another brand. A carry-able touchscreen display that you can view the web on and do this and that... a product best described [in the Herald Sun prior to launch] as "The product everyone wants, but nobody needs." You know the one.. the bigger version of that thing you already carry in your pocket.

    Gotta hand it to them, Apple are definitely the king of marketing! But as for this article, it brings me back to one of my first opening lines..

    Make something taste sweet and the child will swallow it... at least once... no matter how harmful it may be.

    I guess I'm VERY against mindless consumerism.. but hey.. it helps me be pro life :)

    Happy Easter all!

    Haha, freedom from porn evidently also means freedom from privacy.

    The "you agreed to it in the EULA" does not really cut it.

    A matter before the courts was where an employee did something on the PC's and later reprimanded for it. As stated it was in the 'agreement' on the screen prior to using the hardware, but he was told or rather guided to just proceed and not to worry about the T&C's.

    What some may or may not realise is that we have entered that age of digital 'slavery' since the invention of the Credit Card.

    The more information gathered on us the better it is for authorities, eg. give by David re WWII.

    The new free Work Health check is another method of obtaining data and NO ONE is jumping up and down over this.

    ConsciousConsumer did a great summary.

    Interestingly, I've just downloaded the program and had a look, and there are several places in Sydney and elsewhere I have never been - so clearly not accurate.

Join the discussion!

Trending Stories Right Now