Huffpost Technology

David Coleman

License, Registration and iPhone Please


Many iPhone users are concerned over the recent revelation about the storage of location tracking data in a digital file on their phones.

Privacy advocates, reports the San Jose Mercury News' Troy Wolverton, "warned that the file -- and its use -- has profound implications for owners of Apple handheld products."

The reporter quotes Jeff Chester, executive director of a consumer privacy advocacy group, as saying "Apple has unwittingly or knowingly become complicit in a wide range of mobile surveillance."

However, tech pundits including The New York Times' David Pogue declared the revelation old news to geeks. In a post titled "Your iPhone Is Tracking You. So What?" Pogue said he was personally unconcerned by the disclosure since users should know "the phone companies know everywhere they go; all cellphones track your movements. The only difference here is that the information is stored on your computer instead of the cellphone company's."

But Pogue, whose tech column is a must-read for personal technology news, misses several real-world and legal implications for users with lesser degrees of technological savvy.

Pogue dissociates himself from the paranoid class, which, irrationally, in his opinion, wants to maintain a semblance of privacy without having to store personal information in a basement safe. But there are some mentally balanced people who have concerns, as antiquated as they may be, about personal, informational privacy. Among the concerned, you can count the United States Congress and a handful of people who have already sued. To old-school privacy lovers, the "only difference here" in the iPhone revelation may be of great importance, and especially if they consider the wide-ranging powers of law enforcement discussed below.

Two Operating Systems, Two Styles of Surveillance

The two methods by which your phone can snitch about your whereabouts correspond to the divide between two of the most prevalent cellphone operating systems: Apple's iOS and Google's Android. It is true, as Pogue points out, that the Google/Android operating system reports its location to the Google mothership every few seconds. Back at the Google server farm (aka the Cloud), the information is stored on a server controlled by, and accessible only to, Google. Instead of storing the information on the mothership alone, the iPhone stores past location information on the phone itself, at least until you get it off the phone by downloading it to a desktop or laptop computer via iTunes.

As CNET reports, Google has been quite silent about how long it hangs on to the reported data. In the blogosphere, the technorati are seeking answers from Google and Apple about their methods, and the rationales behind those methods, for dealing with location information derived from cellphone GPS applications as well as from the traditional constant contact that cellphones maintain with cellphone towers.

Google's pre-emptive defense is that (a) it holds the reported data for only a short time before purging it, and (b) the data it receives is anonymized so that it cannot be used to identify a customer. This last assertion belies the issue: Google is tracking your phone's location, for example, at 3 a.m. When tracked to the same location several mornings in a row, that is a pretty big clue as to your home address and identity. ("Honey, I was home all night but I got a room at the Holiday Inn for my iPhone.")

That explanation aside, the most important privacy protection lies in the hope Google will cough up the unpurged data it briefly retained only if forced to do so by a lawful process such as a judge-issued search warrant or subpoena. For this simple reason -- centralized retention of data out of the immediate grasp of snoops, thieves or suspicious spouses -- Google's server-based data collection practice is better able to protect privacy than Apple's device-based storage. Unlike Google's practice (and perhaps counter-intuitively), the iPhone's retention of a "local" copy of the information creates the greatest danger to personal privacy.

Inadvertent Threats

The most likely threat to private data stored in an iPhone is loss or theft of the phone. A suspicious spouse or boyfriend, a passenger on the subway or a sticky-fingered health club employee can gain access to an iPhone's stored location history after obtaining accidental or larcenous possession of your phone. Ironically, the researchers who announced the discovery of the location data file on the iPhone potentially monetized their discovery by creating an app that enables any curious, intrusive person to download the phone's data in a few moments, no "hacking" credentials required. Your wife or your business competition wants to know when and where you have been going to "meetings"? No problem. There's an app for that.

Law Enforcement: Risks That Cannot Be Controlled by Diligence

Some may look at personal loss risks ("Hold on to your phone and don't leave it unattended") and business or marriage partner risks ("Get a good lawyer to quash the subpoena") as acceptable, something over which they have control. As with decisions to not buy casualty insurance, some people are willing to risk the loss or theft of an iPhone.

But for iPhone users who feel impervious to such everyday threats, a little-recognized threat lurks around the corner: law enforcement and legal investigators. In business disputes or divorce litigation, for example, lawyers may subpoena the phone's contents as so-called "discovery" that can help make a case against the iPhone user.

Some people -- from tea party members to civil libertarians -- are genuinely concerned about governmental intrusion into the informational privacy of citizens. Aside from such political anxieties, youths and minorities in both rural areas and inner cities live lives that are frequently interrupted by police officers who are aggressive in their pursuit of persons they see as wrongdoers.

The public, innocent and not so innocent, is generally quite naive about just how law enforcement personnel (and lawyers in litigation) ply their trade, to their own advantage.

Aggressive enforcement of traffic laws is seldom shown as a valuable tool on the television police procedurals and on COPS, situations in which the police know cameras are running. But officers who develop an interest in a person's conduct typically use the state vehicle code as their most important investigative tool. The traffic laws empower police officers, upon seeing the most minute of driving violations or regulatory lapses, to initiate coercive detentions of people in cars.

Police officers are trained -- and given the constitutional latitude -- to simply "ask" to examine items in your possession. Such a request could include your iPhone as easily as it could your license and registration. The iPhone's location information (or other contacts, photos and text messages) can be downloaded in the time it takes to run a warrant check as the officer sits in his patrol car behind you.

Such police practices are not paranoid speculation. They have been happening in one state for some time. In Michigan, the state police use the same devices that cellphone retail stores use to download contacts and data from an old phone for transfer to a new one. The ACLU has demanded more information from the Michigan State Police about officers' use of such devices during traffic stops.

These portable devices can be used to "secretly extract personal information from cell phones during routine stops," ACLU staff lawyer Mark Fancher wrote to Col. Kriste Etue, director of the Michigan State Police, on April 13. The devices, sold by Cellebrite, can reportedly bypass security passwords and download text messages, photos, video and GPS data from most brands of cell phones.

On April 20, the Michigan State Police issued a statement denying it uses the handheld devices to download personal information from motorists they pull over. The devices are used only after a search warrant has been obtained or if a mobile phone owner provides consent.

Given that the U.S. Supreme Court, in its Atwater v. City of Lago Vista decision in 2001, approved custodial arrests for violations as minor as not wearing a seat belt, are you confident you would not cooperate when an officer stops you for a traffic law violation and asks if he can also examine your cellphone while he runs a warrant check back in his patrol car?

A police officer's most frequently employed method of investigation is simply to ask consent. People consent to police examination of their personal property for a variety of reasons, most often because they believe that the intrusion will not result in discovery of evidence of a crime or because of the fear that refusing to consent will cause the officer to arrest and take them to jail.

To almost everyone -- the innocent and the present or past wrongdoer -- the path of least resistance seems, under the pressure of confrontation, to be the best strategic response to a police request to examine a car or personal property. That is the hope, at least up until the moment the officer discovers those not-to-be-shared photos of your girlfriend, a text message from a drug-using associate, or contact information about someone who, unbeknown to you, is under suspicion.

Discoveries of relationships with "persons of interest" may come at roadside, or later back at the station when the downloaded data is examined more closely. The evidence at hand from your iPhone that it was at an accident location or near a crime scene at a particular time can be critical to a police investigation.

Of course it is possible the phone was at some location and you were not. Good luck with that argument with your wife, a jury or a judge.

Smartphone Best Practices for Anyone Concerned About Privacy

1. Choose Android over an iPhone and cross your fingers that Google purges the data before the police or a lawyer serves Google with a warrant or subpoena; while not perfect, the Android privacy protections of server-stored data in the Cloud are better than the local device storage of the iPhone.

2. If you are an iPhone user, "Just Say No" to a police officer who "asks" your consent to examine the device. An arrest is unlikely to ensue, and your privacy is legally fortified if one does.

3. And whatever you do, don't carry the iPhone on your person; if you do, it can be seized if you are arrested and its digital files can be searched. This last precaution, however, is only for California residents. In People v. Diaz, the California Supreme Court recently upheld the power of police officers to search smartphones seized during an arrest. In Ohio, however, such searches of smartphones were found to be unconstitutional in that state's high court decision, Ohio v. Smith.

A bill, SB 914, has been introduced by State Senator Mark Leno in the California legislature to reverse the California Supreme Court's decision in Diaz and prohibit police from downloading information stored on seized phones until they obtain a search warrant from a judge authorizing the intrusion. But in the unlikely event that such legislation is signed into law, iPhone users who belong to the "paranoid class" may want to put their iPhones on "silent" and transport them in a vehicle's trunk, glove box or in an attaché case. If a police officer does not know you have a container of digitized private information that might hold evidence, you will not be asked to consent to it being searched.

And there is this collateral benefit of carrying it in a hidden place beyond your reach: You won't be tempted to use it in violation of the "no texting (or talking) while driving" laws.
