The iPhone is tracking you. So what!

So, there’s a lot of buzz about the iPhone constantly monitoring our location. How much data is being collected? Where’s it going? Should I put on my tinfoil hat now?

Short answer, no. Don’t freak out. There is an alarming amount of data about your movements being collected, but as far as I can tell, it’s not going anywhere, and it’s not terribly accurate either. If you’re still incredibly worried and super paranoid, then do what you should have been doing all along, and check the “Encrypt iPhone backups” box in iTunes, and all will be well with thee. But, if you’re curious for more specifics about the data, read on!

The database file that your phone (or iPod, or iPad, for that matter) stores this information in is unencrypted and uses an open-source standard database to keep everything organized. With a little extraction from the depths of the scrambled folder names, you can open it in any SQLite enabled database editor.

There are two tables I’ve been digging through, the WifiLocation table and the CellLocation table. The CellLocation table for my phone weighs in at about 5,200 records, puny in comparison to the WifiLocation table, on my phone holding a massive 151,500 records. It seems that iOS routinely dumps these into the database in groups, with some 1,600 records dumped at once, but other timestamps being only .02 seconds apart. Each record contains a timestamp, the number of seconds since Jan 1, 2001, some information about the cell tower or Wi-Fi hotspot being used, an accuracy and confidence rating, and of course, latitude, longitude and altitude.

But what’s this data being USED for? Steve Jobs says that it’s not. I would tend to agree with him. But that still begs the question, why’s it there? If it is being used, I would guess it has something to do with Wi-Fi and cell radio based Location Services. If any of you have used an older iPod Touch or even a Wi-Fi iPad, the location capabilities on Wi-Fi alone are scary accurate. The MAC address of the access point is stored in the database, just like the MCC and MNC for the cell networks, meaning that it can tie the location to the physical router or tower it’s connected to, even if the network name changes.

Now that’s all fine and dandy, but how do we know the data isn’t going anywhere? Well, we don’t. There’s no evidence that the information in this database ever leaves your phone other than for this backup we’ve pulled it out of, but there’s no way to be sure. Experiments also show that disabling Location Services on your device doesn’t stop this log from being updated. Sure, it would be easy enough for law enforcement to confiscate your computer and trace your every step. Finding out about all those times you went to that spa up the street for some “me time,” (we won’t tell) would be cake, but truthfully, someone could also modify the database and place you somewhere you weren’t, and there wouldn’t be any way of knowing. Plus, the location is nothing more than a best guess. iPhone’s battery life would suffer greatly if it was constantly powering up the GPS radio.

For me, what it all boils down to is sheer paranoia. I’m not terribly concerned that my iPhone may be recording my commute to work, even if it does prove to my boss that it wasn’t traffic that made me late. Bottom line is, carrying a device with that many sensors and radios means there’s going to be some way to track you — that’s kind of the point. If you’re the tinfoil hat type, I’m not sure why you’d have an iPhone, or any cell phone for that matter. I mean, come on. Everyone knows phones are traceable, you just have to stay on the line for 60 seconds. Haven’t you ever seen The Bourne Identity?

I'm a full-time web developer, part-time hacker and a closet Apple Fanboy. I switched from Windows about 5 years ago, and I only look back when distant relatives need tech support. If I don't have an Apple product on my person, you can safely assume the world will shortly come to an end.