First a correction: Apple is downloading some kind of data from the iPhone and iPad, unlike what I stated previously (see below about guessing). But, they say it isn’t the phone’s location, but the location of cell towers and public WiFi basestations. Apple also says that the data is sent anonymously, and doesn’t include identification information for the device. Their last claim is that it’s a bug, and that they are going to fix it. I get a chuckle out of the bit of spin they put on this, by calling it “building a crowdsourced database” for this data, and that the data local to the phone is a cached subset of that database.
Apple needs to fix two things. First, there’s the current bug. There are a few things that they need to address in this fix.
- Double, triple and quadruple check that the data is actually anonymous, and that they haven’t overlooked something that would in fact allow them to identify the device.
- Make sure that any local data on the device is encrypted, even if it is technically anonymous and public. It is data about the device (and ultimately its user), no matter how coarse the actual data might be.
- Provide a way for the user to remove the cached data, and make sure it actually is removed. The data should also be cleared if the phone is reset to its factory settings.
- If the user turns off location services, then the data should not be updated at all. Ever. The cache itself doesn’t need to be cleared, because turning off location services may be a temporary thing. But the data should remain unchanged when the services are off.
Apple’s bigger, long-term problem is their design and QA process. I’m not convinced that there was a serious review of the risks associated with the feature. I’m also not convinced that the feature was properly reviewed or tested when it was being built, and it appears that Apple’s QA didn’t test to see if the feature actually worked properly before it was released. The review (from start to finish) needed to include non-technical people to review the implications and potential perception from users and the general public. It does not appear that this was done.
It doesn’t take a genius to realize that this type of thing could be misunderstood and misinterpreted by a lay person. This isn’t changing the look-and-feel of an on-screen control. This is data that, while on the surface looks anonymous and innocuous, is perceived by people as important and sensitive. Given Apple’s place in the world right now, you can expect an overreaction from people. You can expect uninformed opinion and guesses as to what the data means, what it can be used for, and how it is used, both to attack and defend Apple. In the absence of information, people will either guess or make stuff up to fill in the gaps, using their imagination if required to make a complete story. I will admit that I was guilty of that. The fact that other devices, like their car, have been tracking and storing data that is, in some cases, more sensitive and potentially incriminating, won’t enter into the equation. Apple and the iPhone, for better or worse, enjoy a highly visible and very influential role in mobile computing, and there are people who will use events like this to further their own agendas and for self-promotion.
The fact that Google, RIM, Microsoft and HP have been largely silent on this issue is somewhat telling. One conclusion, based on their silence, is that they are also doing something similar, and don’t want to admit it. RIM, Microsoft and HP (via the Palm acquisition) may have been doing this for quite some time now. This issue may not be as new as it appears. Who knows, though. Without information from them, we don’t know for sure. I suspect they won’t be saying anything unless someone digs around on their devices or they have to appear in front of some kind of government inquiry. Speaking up, if they are doing it, may be in their best interests, since then they could appear apologetic and contrite, rather than having to look like they are “hiding something” when questioned later. They also shouldn’t assume that their silence means that people assume they aren’t capturing this data. See above: people will make stuff up to fill in the gaps.
If what Apple says is true, and the data stored is, in essence, publicly available data, some of which is cached in the phone, then this really shouldn’t be viewed as a big deal. It is disturbing, and a bit upsetting, that a bug like this made it through. It isn’t enough for me to consider dumping my iPhone and iPad in outrage, but it is cause for concern about Apple’s dedication to quality. Again, this isn’t a trivial feature in terms of perception; this is a Big Deal in many people’s minds, and should have been treated with more care and attention accordingly.