The statement is in a question-answer format that frames the questions with a characteristic Apple viewpoint. Apple flatly denies that it is either tracking or logging users' locations, though the statement doesn't explain the difference, if there is one, between those two terms.
Instead, Apple is simply "maintaining a database of Wi-Fi hotspots and cell towers around your current location, some of which may be located more than 100 miles away from your iPhone, to help your iPhone rapidly and accurately calculate its location when requested."
Nevertheless, Apple promises two free software updates to iOS to address specific issues. In the "next few weeks," an update will:
* reduce the size of the crowd-sourced Wi-Fi hotspot and cell tower database cached on the iPhone
* stop backing up this cache
* delete this cache entirely when Location Services is turned off (currently, when users shut off the phone, it sometimes keeps updating the Wi-Fi and cell tower data, an activity that Apple says is caused by a software bug)
Secondly, the next major iOS software release will encrypt the iPhone's cache of Wi-Fi hotspots and cell tower locations. Today, Apple says this cache, a subset of the entire location database, is "protected by not encrypted" on the phone. The backup, via iTunes, on a Mac or PC can be encrypted if the user selects the option for encrypted backups.
The Apple document is available online in full.
The statement begins with the question "Why is Apple tracking the location of my iPhone?" The answer repeats Apple's consistent position that the company "is not tracking the location of your iPhone. Apple has never done so and has no plans to ever do so." (A point Apple CEO Steve Jobs reportedly made as well in an email exchange with a customer earlier this week.)
The second question is: "Then why is everyone so concerned about this?"
Apple's answer is that "users are confused, partly because the creators of this new technology (including Apple) have not provided enough education about these issues to date."
"Providing mobile users with fast and accurate location information while preserving their security and privacy has raised some very complex technical issues which are hard to communicate in a soundbite."
The company "is not logging your location," according to the statement. Instead, the iPhone is maintaining a Wi-Fi hotspot/cell tower location database. The reason for doing so is to let the phone calculate your location faster with this additional data, than it can do by relying on GPS satellite data alone. (A recently published Apple patent application seems to describe the underlying technology.)
GPS positioning can take up to several minutes, but with the Wi-Fi hotspot and cell tower data this can be reduced to a "few seconds," according to Apple.
"These calculations are performed live on the iPhone using a crowd-sourced database of Wi-Fi hotspot and cell tower data that is generated by tens of millions of iPhones sending the geo-tagged locations of nearby Wi-Fi hotspots and cell towers in an anonymous and encrypted form to Apple."
This database is far too big to be stored entirely on the iPhone, so Apple downloads to your specific phone just a subset of relevant location. "This cache is protected but not encrypted, and is backed up in iTunes whenever you back up your iPhone. The backup is encrypted or not, depending on the user settings in iTunes."
The maps of "iPhone locations" that have been created by various researchers are misleading, according to Apple. What the maps actually show is not the positions of the iPhone, but the positions of the Wi-Fi radios and cell towers surrounding it.
These geo-tagged hotspots and towers can not be used to locate an iPhone, because "this data is sent to Apple in an anonymous and encrypted form. Apple cannot identify the source of this data."
Apple acknowledges that some people looking into the location data issue have found that up to a year's worth of data is being stored on the iPhone. "The reason the iPhone stores so much data is a bug we uncovered and plan to fix shortly (see Software Update section below)," according to the document. "We don't think the iPhone needs to store more than seven days of this data."
The statement reveals that Apple is currently collecting "anonymous traffic data" to build a second "crowd-sourced database" that will be used to create "an improved traffic service in the next couple of years" for iPhone users.
Finally, Apple reiterated how it uses iPhone-collected data with regard to third parties: anonymous crash logs, from users who have granted approval for this, go to third-party developers for debugging apps; Apple's iAds system can use location data to target advertisements; location data is only provided to a third party or ad when the user explicitly approves "giving the current location to the current ad."
Finally, in response to the question "Does Apple believe that personal information security and privacy are important?" the company gives the unsurprising answer, "Yes, we strongly do."
John Cox covers wireless networking and mobile computing for Network World.
Blog RSS feed: http://www.networkworld.com/community/blog/2989/feed
Read more about anti-malware in Network World's Anti-malware section.
Join the CIO Australia group on LinkedIn. The group is open to CIOs, IT Directors, COOs, CTOs and senior IT managers.