[LACNIC/Seguridad] Apple Q&A on Location Data

[Fernando Gont]

FYI

Fuente: http://www.apple.com/pr/library/2011/04/27location_qa.html

Apple Q&A on Location Data

Apple would like to respond to the questions we have recently received
about the gathering and use of location information by our devices.

1. Why is Apple tracking the location of my iPhone?
Apple is not tracking the location of your iPhone. Apple has never done
so and has no plans to ever do so.

2. Then why is everyone so concerned about this?
Providing mobile users with fast and accurate location information while
preserving their security and privacy has raised some very complex
technical issues which are hard to communicate in a soundbite. Users are
confused, partly because the creators of this new technology (including
Apple) have not provided enough education about these issues to date.

3. Why is my iPhone logging my location?
The iPhone is not logging your location. Rather, it’s maintaining a
database of Wi-Fi hotspots and cell towers around your current location,
some of which may be located more than one hundred miles away from your
iPhone, to help your iPhone rapidly and accurately calculate its
location when requested. Calculating a phone’s location using just GPS
satellite data can take up to several minutes. iPhone can reduce this
time to just a few seconds by using Wi-Fi hotspot and cell tower data to
quickly find GPS satellites, and even triangulate its location using
just Wi-Fi hotspot and cell tower data when GPS is not available (such
as indoors or in basements). These calculations are performed live on
the iPhone using a crowd-sourced database of Wi-Fi hotspot and cell
tower data that is generated by tens of millions of iPhones sending the
geo-tagged locations of nearby Wi-Fi hotspots and cell towers in an
anonymous and encrypted form to Apple.

4. Is this crowd-sourced database stored on the iPhone?
The entire crowd-sourced database is too big to store on an iPhone, so
we download an appropriate subset (cache) onto each iPhone. This cache
is protected but not encrypted, and is backed up in iTunes whenever you
back up your iPhone. The backup is encrypted or not, depending on the
user settings in iTunes. The location data that researchers are seeing
on the iPhone is not the past or present location of the iPhone, but
rather the locations of Wi-Fi hotspots and cell towers surrounding the
iPhone’s location, which can be more than one hundred miles away from
the iPhone. We plan to cease backing up this cache in a software update
coming soon (see Software Update section below).

5. Can Apple locate me based on my geo-tagged Wi-Fi hotspot and cell
tower data?
No. This data is sent to Apple in an anonymous and encrypted form. Apple
cannot identify the source of this data.

6. People have identified up to a year’s worth of location data being
stored on the iPhone. Why does my iPhone need so much data in order to
assist it in finding my location today?
This data is not the iPhone’s location data—it is a subset (cache) of
the crowd-sourced Wi-Fi hotspot and cell tower database which is
downloaded from Apple into the iPhone to assist the iPhone in rapidly
and accurately calculating location. The reason the iPhone stores so
much data is a bug we uncovered and plan to fix shortly (see Software
Update section below). We don’t think the iPhone needs to store more
than seven days of this data.

7. When I turn off Location Services, why does my iPhone sometimes
continue updating its Wi-Fi and cell tower data from Apple’s
crowd-sourced database?
It shouldn’t. This is a bug, which we plan to fix shortly (see Software
Update section below).

8. What other location data is Apple collecting from the iPhone besides
crowd-sourced Wi-Fi hotspot and cell tower data?
Apple is now collecting anonymous traffic data to build a crowd-sourced
traffic database with the goal of providing iPhone users an improved
traffic service in the next couple of years.

9. Does Apple currently provide any data collected from iPhones to third
parties?
We provide anonymous crash logs from users that have opted in to
third-party developers to help them debug their apps. Our iAds
advertising system can use location as a factor in targeting ads.
Location is not shared with any third party or ad unless the user
explicitly approves giving the current location to the current ad (for
example, to request the ad locate the Target store nearest them).

10. Does Apple believe that personal information security and privacy
are important?
Yes, we strongly do. For example, iPhone was the first to ask users to
give their permission for each and every app that wanted to use
location. Apple will continue to be one of the leaders in strengthening
personal information security and privacy.

Software Update
Sometime in the next few weeks Apple will release a free iOS software
update that:

    * reduces the size of the crowd-sourced Wi-Fi hotspot and cell tower
database cached on the iPhone,
    * ceases backing up this cache, and
    * deletes this cache entirely when Location Services is turned off.

In the next major iOS software release the cache will also be encrypted
on the iPhone.

Press Contacts:
Natalie Harrison
Apple
harri en apple.com
(408) 862-0565

Natalie Kerris
Apple
nat en apple.com
(408) 974-6877
-- 
Fernando Gont
e-mail: fernando en gont.com.ar || fgont en acm.org
PGP Fingerprint: 7809 84F5 322E 45C7 F1C9 3945 96EE A9EF D076 FFF1