Wednesday, April 20, 2011

iOS4 tracking location data

As reported here, it turns out iOS4 is tracking and storing user location data. This data is on your phone and is backed up to machines with which you sync your iOS devices. While it doesn't appear that the data is ever accessed by Apple or 3rd parties, this raises significant privacy concerns. Plenty of people are commenting on that, so I won't belabor the point here.

Instead, I'll focus on a counterpoint.

When customers use Oracle Adaptive Access Manager to perform risk/anomaly detection and fraud prevention, often they incorporate IP/Geolocation data to help identify anomalous behavior (why are you performing a transaction from Ouagadougou when normally you log in from San Francisco?) or obvious breaches to the laws of physics (10 minutes ago you and your device were in San Francisco, now you and your device appear to be in Tenerife).

Most IP/Geolocation data is very specific to laptop/desktop types of devices. As more services are accessed using smartphones and tablets (or other non-user devices for that matter) data that helps security infrastructure understand where a user is currently - like, I don't know, say by triangulating that user's device location from nearby cell towers - could prove significantly useful in preventing fraud and therefore protecting people from criminals.

Protecting people from criminals is a good thing, right?

Apple hasn't said why they are collecting the data or how they intend/expect it to be used. That's a smart bunch of people over there, so perhaps they've already thought through the use cases above and that's why the data is there.

Or, this could also turn out to be a serious Big Brother move. What's all that I've been seeing this week about Skynet coming online and destroying humanity?

I'm gonna go download an app to find out where I've been.

No comments: