The widely–reported furore over location tracking in smartphones (first with the iPhone, then with the Android platform) has yet again highlighted the apparent contradiction between certain people’s constant need to publicise what they are doing and where they are doing it, whilst also maintaining the absolute right to privacy throughout.
I find this rather strange. Perhaps being a technology geek, I am very much aware of the technical infrastructure (and constant stream of personal data) required to support the services that we use every day. I therefore make a conscious and informed choice when I allow these services to access my information or publish my location. In fact, I am happy to publish my iPhone location data below, as I am aware of the perceived risks:
But with Apple today finally breaking radio silence and clarifying how and why they are storing the geo-tagged Wi-Fi hotspot and cell tower data, it all boils down to this: it’s a bug.
Hmmmmm. Being a computer scientist, I have written a fair amount of buggy code in my time, but it is rare when it prompts the question “feature or bug?“. Normally, I would ascribe things like this to cock-up before conspiracy, but it is seems more likely to be about potential revenue generation rather than anything more sinister such as government tracking (as I would question the value of timestamped location data from inaccurate cell tower data).
I think that being able to access my own data is pretty cool, but the collection process should be more explicit and transparent to all types of users: clearly explained and not buried in the 15,200 word iTunes terms and conditions. You should also be able to easily purge the data and it should (at the very least) be encrypted/hashed. You can encrypt your iPhone backup, but this option is not enabled by default.
So, does Apple apologising for forgetting to set an expiry on your data that it collects resolve the issue? Not really. This is a worrying trend from companies such as Microsoft, Google, Apple, et al., who are acting as if personal data is a resource that can be harvested at will. Of course you are free to not use their products or services, but it is vital for this data collection to be open and explicitly opt-in. After recent events, I wouldn’t be surprised if Apple receive a number of Subject Access Requests over the coming weeks in the UK. A positive outcome from all of this would be a wider public debate on the storage and use of personal data.
FYI: your smartphone already knows more about you then you may think.