Sen. Al Franken, D-Minn., and Rep. Edward Markey, D-Mass.,sent separate letters late last week to Apple CEO Steve Jobs asking him to supply details about how and why iPhones and iPads compile and store detailed time-stamped logs of each user's location.
And Markey on Saturday called for a formal congressional investigation of both Apple and Google. "Unprotected personal location information could be a treasure trove for troublemakers," says Markey.
The letters to Jobs came after two British researchers, Alasdair Allan and Pete Warden, revealed their discovery of a location-logging mechanism quietly introduced by Apple for iPhones and iPads in early- to mid-2010.
On Friday, Google came under scrutiny. The Guardian disclosed the existence of a similar location-logging feature on Android phones, a discovery made by a Swiss researcher, Magnus Eriksson; and the Wall Street Journal verified evidence gathered by Los Angeles-based researcher Samy Kamkar, showing how most Android phones worldwide have been actively sending GPS location coordinates, as well as the coordinates of any nearby WiFi networks, back to Google for at least the past six months.
Apple did not respond to interview requests. Google's senior manager of public affais, Chris Gaither, said the company is not doing interviews. Instead, the search giant issued a brief statement confirming that location data is being transmitted back to Google servers but asserting that it refrains from tracing such data to specific individuals.
Meanwhile, the tech and privacy communities are abuzz with discussions. One big risk for Apple patrons is ifyour iPhone or iPad is lost or stolen, says IDC applications development analyst Al Hilwa. "It makes it super easy to come up with schemes to spy on users, such as people spying on spouses or bosses spying on employees," says Hilwa.
Apple and Google are in an intense competition to dominate one of tech's hottest new sectors: services pivoting around knowing the precise location of the consumer. Revenue derived from so-called location-based services are expected to swell to $8.3 billion by 2014, up from $2.6 billion in 2010, according to tech industry research firm, Gartner.
Allan, the British researcher, last week stumbled upon a file stored on the hard drive of his MacBook laptop containing 29,000 time-stamped locations—a log of everywhere he had traveled in the previous 300 days. The file originated on his iPhone and was automatically copied to his laptop when he synced the two devices.
Alan's research partner, Warden, created a software application that plots the time-stamped location data on an interactive map. The application is simple to download and free to use by any Mac owner. Warden is working on a version for people who sync iPhones to Windows PCs.
"We don't know exactly what triggers the logging," says Warden. "We see logging happening with intervals as frequent as every couple of minutes to much longer, and we don't know what the pattern is."
It is not clear whether Apple intends to somehow make this data available to location-based marketeers. Location data is being increasingly used to personalize online ads, to help parents keep track of their teens, and to help prevent mobile payment scams, says Chenxi Wang, cybersecurity analyst at Forrester Research.
"None of these scenarios justify storing a year's worth of location data," says Wang. "It continues to surprise me how companies always elect the privacy-invasive features as default."
Kankar, the Los Angeles researcher, says he has discovered that all recently purchased Android phones are set up to continually report specific GPS coordinates as well as the coordinates of WiFi networks in nearby homes and businesses back to Google.
He says Google can correlate timing and frequency of phone usage to pinpoint an Android owner's home address. "If your phone is at the same location during night hours, they know where you live," says Kankar. "If your phone location is on the move, they can guess that you're in a car and even calculate how fast your car is moving."
Kankar says Android handsets also continually track coordinates of any nearby WiFi systems, even those that are encrypted. "If you have an Android phone, Google knows where you are," says Kankar. "Even if you don't own an Android phone, but your neighbor does, Google can triangulate who you are by tracking your wireless network."
The only way to disable such tracking by your Android phone is to disable the GPS and Wireless functions, he says.
But most people, especially those under 30, aren't apt to disable cutting-edge features, says Fran Maier, president of TRUSTe, which certifies website privacy programs.
On Wednesday, TRUSTe plans to release survey results showing 44% of 18- to 20-year-olds say they feel secure and in control when using their mobile devices. "Privacy is a big deal now, even among younger people," says Maier. "But they believe they're smarter and more adept at managing their information than older people."
Even so, Sen. Franken notes in his letter to Jobs that "there are numerous ways" location data "can be abused by criminals and bad actors." And Rep. Markey asks Jobs if he is concerned about how the "wide array of precise location data logged by these devices can be used to track minors, exposing them to potential harm."
Tech analysts and privacy experts say Google is likely to face similar questions. "There appears to be this enormous industry operating behind closed doors with business models premised on the collection of massive amounts of detailed information," says Hilwa. "Only governmental regulatory bodies can inject sanity back into this state of affairs."
No comments:
Post a Comment