Blog Post

Apple Tracks and Logs iPhone and iPad Location Data in iOS 4

At the Where 2.0 location services conference Wednesday, Alasdair Allan and Pete Warden will be announcing the discovery that your iPhone (s aapl) or 3G-capable iPad has been regularly recording your device’s location since the introduction of iOS 4. The iOS devices store a list of the device’s location and time stamps for when the location information was gathered, and does it all using a file that can be easily read by just about anyone.

The file that does the tracking is called “consolidated.db,” which contains latitude and longitude coordinates attached to a timestamp. It’s not clear exactly what triggers your device to record a location, since the recording appears to vary considerably in terms of frequency. Allan and Warden suspect that the logging may be triggered by travelling between cell towers, which aid in location determination, or by activity on the phone, like using apps. It isn’t clear why Apple began storing this info in iOS 4, but Allan and Warden are convinced the effort is intentional.

Back in March, a German politician working with German newspaper Die Zeit sued Deutsche Telekom to get access to his own location data from his mobile phone, and put together a visualization of where he’d been for six months. Carriers do have this data, but it requires a court order to get it from them. Using the iOS 4 location tracking file (which is stored on any computer where you’ve synced your device) and a free, open source application developed by Allan and Warden, anyone can now do the same in about two minutes with virtually no technical expertise.

Allen and Warden warn that the info can be easily accessed on the device itself, in addition being in backups on computers you’ve synced with. Users who want to protect themselves can encrypt their backups through iTunes, but that doesn’t stop information on the device itself from being accessible. We’ve reached out to Apple about the issue and will let you know if they provide any additional info about how to ensure your data remains private.

As you can tell from the screenshot of my location data included in this article, I’m not particularly concerned about this data being out there, but I tend to lean towards the open and trusting end of the scale when it comes to information sharing. Then again, that probably makes me a prime candidate for things like Please Rob Me, and many others will likely not be so comfortable knowing their iPhone or iPad has a relatively accurate record of their whereabouts over the past year or so. Is this disturbing to you, or just a neat visualization trick you can show your friends?

16 Responses to “Apple Tracks and Logs iPhone and iPad Location Data in iOS 4”

  1. Permission. It’s important.
    One has to presume that the original file(s) can be accessed by iPhone apps. This is targeted marketeer’s dream and a privacy advocate’s nightmare. I guess my iPhone4 is going up for sale.

  2. I don’t mind as long as it stays on my devices. I imagine this might be of some use in a future version of iOS (like when iGroups – or whatever are they going to call it – is introduced, for example). Or for some new developer API for iOS 5? Anyway, if it is for some future features, I am sure apps won’t be able to access it without asking. Apple should ensure the information is stored safer, though.

  3. Isn’t this a blatant violation of European privacy laws? Oh, wait, laws don’t apply to Apple because they’re magical. And unicorns fly out of Steve Jobs’ butt.

    This is a huge problem for business travelers, who would probably not want their competition to know that they’ve just visited Customer A, Customer B, and Customer X, for example.

    And anyone who thinks he has nothing to hide must be blissfully unaware of the penchant governments have for finding scapegoats, for the sake of reassuring the public, when actual criminals can’t be located and captured. All you need to do is be close by when a terrorist attack goes down (or a bank robbery, or a jewelry store holdup, etc.) and you’e a prime candidate to be hauled in for question as one of the “usual suspects.”

  4. It doesn’t bother me. But, like you, I don’t have any secrets to hide. I can see it being a problem (maybe in a good way!) for someone cheating on their spouse, or buying drugs on the street or something. It could be a major problem for someone who has legitimate secrets related to where and when they go places, such as secret service agents or people who are being stalked.

  5. Hey, but this is fairly old news. And one thing you “forgot” to mention is, what the folks who discovered this clearly point out: “There’s no evidence that it’s being transmitted beyond your device and any machines you sync it with.” You might want to add this pretty important detail to your post.