Last week Apple responded to many of the questions and queries that have deluged them after a couple of researchers for O’Reilly Media “discovered” a file called “consolidated.db” on iOS devices. Since, I posted my thoughts on this issue, I thought that I should post a follow up regarding Apple’s comments on the issue. Because I am going to be commenting only on snippets of the interview, here is a link to the full transcript of the Mobilized interview.
Jobs: I think we do two things. Number one is we get consent from users if we are going to use location, or we never use location. That’s what we do. It’s very straightforward.
This is something that I noted. Apple was the first company in the industry to require user consent for location data. Additionally, iOS allows for the most granular approach with regard to location data. Even if a user allows location information to be leveraged for one app (even Apple’s own services), users can restrict location access to any other app.
Jobs commented on this as well:
Jobs: We think so, and that’s why we were the first to institute a procedure that cannot be worked around by applications where if any application wants access to location data, it has to ask the user first. It has to get the user’s permission on a per-application basis.
There were two parts of the interview that I found most interesting:
- Why this type of information is gathered in the first place.
- Why so much information was held on the iPhone itself.
Before I get to those points, I have to comment that because of this issue it was fascinating to learn more about how GPS really works. If you have not had that opportunity, take a couple of minutes to read Glenn Fleishman’s great non-technical primer on GPS and AGPS (assistedGPS). Even having used GPS for a number of years, to learn the long satellite acquisition times leveraging current equipment (up to about 12 minutes typically) was an eye opener. In a way, one can view the consolidated.db file as another elegant solution that Apple created to address a problem.
So, what is gathered?
From the “report”, the information as outlined provides the appearance that the iPhone is tracking every move an individual makes. However, the reality of the matter is that the phone is just reaching out and noting all wifi hotspots and cell towers as it goes merrily along. (simply have someone drive you around and see how many wifi hotspots popup on your phone… stunning)
We build a crowdsourced database of Wi-Fi and cell tower hot spots, but those can be over 100 miles away from where you are. Those are not telling you anything abut your location. That’s what people saw on the phone and mistook it for location.
These locations are then stripped of identifying information and eventually crowd-sourced for everyone’s benefit to from the locations. For those who didn’t take a minute to read the GPS Primer I noted above, the reason phones like the iPhone, Android-based phones, Windows 7 Phones, and others NEED this information is to speed the time of acquisition for getting a GPS lock on satellites for any of the apps (including GPS) that rely on location for one reason or another… Without this information, it could take up to 12 minutes or more to get a GPS lock. However, with this information the iPhone calculates its location and approximates the locations of the satellites to be able to find them and grab a fix all within 15-45 seconds… Too nice really.
Why was so much information held on the iPhone?
While Apple stated this was a “bug”, however in the interview, Scott Forstall, Apple SVP related this:
What we do is we cache a subset of that. We picked a size, around 2MB, which is less than half a song. It turns out it was fairly large and could hold items for a long time.
So, overall it was not a bug, but a choice of setting a specific size for the database as opposed to a timeframe. It is funny though… about 25 years ago my father got our first “hardcard” harddrive. It was 20MB. I remember thinking that it was the only storage that we would ever need… we could never possibly fill that much space up… Today, 2MB (10% of that colossal “hardcard“) seems to be so small that we assume very little data can actually fit in there.
Asides: I also, liked the small “dig” at the jailbreak community Forstall made:
We had that protected on the system. It had root protection and was sandboxed from any other application. But if someone hacks their phone and jailbreaks it, they can get to this and misunderstand the point of that.
In other words: So, stop screwing with our devices and software and this would never have been an issue…
Finally, here is the overall scoop on this issue. even thought there is data in the consolidated.db file on the iPhones, it really needs to be there for them to actually function the way we all like them to (almost thinking for us). The data is not just from YOUR specific phone, but tens of thousands of iPhones pulling information and sourcing it to a big group.
It’s all anonymous and cannot be traced back to any individual phone or person. But we need to be even more careful about what files are on the phone, even if they are protected.
However, Apple understands that privacy is key for everyone even if we very often choose to give it away on Foursquare, twitter, Facebook, etc.. On Wednesday May 4, 2011, Apple released an update 4.3.3 that in some ways takes care of the glaring aspects to this issue:
- Reduces the size of the cache
- No longer backs the cache up to iTunes
- Deletes the cache entirely when Location Services is turned off