iPhone and Android phone home

Over the past days there was some consternation over the fact that first iPhone and then Google’s Android actually locate the whereabouts of the cell phone’s owner and store this data. This lead to some discussion on and off-line.

Some points of view
Without referring to specific articles or blogs I can summarize that there was outrage because of the fact that most people did not know about this handling of data. This surprises me somewhat as a lot of the cool apps people use only work if it is known where the app user actually is.

From a law enforcement agency point of view it was brought forward that it doesn’t matter where the LEA gets the information on location from, the cell phone company, the app owner or the cell phone manufacturer. I say it does and for these reasons.

EU privacy law and location data storage
From an EU privacy point of view the case could be very different, as the storing and handling of data are restricted by legislation. I will not claim to being a privacy expert, but collecting privacy sensitive data beyond the original reason, i.e. knowing where to refer a mobile call to, without explicit consent of the consumer could be in violation of the law. It’s said that Android is sending this sort of data to Google for commercial use, so without consent this is clearly a violation.

What also appears to be different, is that it is not only the closest mast that locates the costumer, it is pin pointing his exact position between several masts. This has nothing to do with the original intent of locating a customer for a call. A clear invasion of privacy, I’d say.

In the original intent of use, the phone company can give an LEA an approximate presence, in a circle around a single mast. Through Android or iPhone it may be a fixed position. This is a major difference. So if this data is illegally obtained, e.g. is Apple or Google allowed to store this location data?, can it ever stand up in court when used?

Apple is not tracking end users
Here’s a link to an article by Alex Levinson claiming that his research shows that:

a. this is not a new discovery;
b. Apple does not track the location:
c. the tracking is only for making the phone and apps perform (better).

If this is true, then it leaves Android and Google.

Update on 27 April: Apple press release

A press release from Apple explains what this is all about. Apple states: ‘there is no individual storing of location data at Apple, this data is only sent to Apple anonymously and that there have been some bugs discovered that will be amended in the coming weeks’. Let’s assume that the fracas was useful in a way, as the bugs are dealt with soon.

What about law enforcement?
So, we are left with the claim of law enforcement that they have been using triangulated location data for some time. Where did this data come from then if not at Apple?

Wout de Natris, De Natris Consult

Leiderdorp, 27 April 2011


About Wout de Natris

As a consultant I specialise in establishing new and different relationships between industry, governments and law enforcement where internet safety and the fight against cyber crime are concerned. This makes me a bridge builder. Hence the blogs name. In this blog I intend to stress the need for interaction, cooperation and exchange of information in order to change the mentioned relationships. On offer: a comprehensive training on all non-technical aspects of spam enforcement and a cyber awareness presentation for companies and institutions
This entry was posted in Cyber arrests, Cyber ethics, Mobile, News flash, Privacy and tagged , , , , . Bookmark the permalink.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s