04.21.11

Steve Jobs, Come Clean!

Sen. Al Franken wants to know why Apple's iPhone has been spying on users with its location-tracking software. So far, Apple and its CEO have nothing to say, Dan Lyons reports.

U.S. Sen. Al Franken is seeking answers from Apple after a pair of researchers this week discovered that Apple’s iPhone and iPad 3G have been keeping track of everywhere their owners go.

“Obviously there are things about location tracking that can be useful,” Franken said in an interview with The Daily Beast. “It can be very useful for Apple to share this data with people who want to advertise. There’s a business model around that. But this situation seems out of balance.”

Franken has written a letter to Apple CEO Steve Jobs seeking an explanation for behavior that the Democratic senator says “raises serious privacy concerns.” (A copy of his letter is here.)

But so far, Franken says, he hasn’t heard back from Jobs or anyone else at Apple. Indeed, though the story has been capturing headlines, Apple so far has not said anything. My own email and phone call to Apple PR have gone unreturned.

The problem, in Franken’s view, is that tucked away inside the iPhone is a little database that keeps track of everywhere you go. The phone knows where you are based on which cell towers you’re using. As Franken points out in his letter to Jobs, it’s conceivable that someone could create a virus that would pull this data from people’s devices. Worse, the data isn’t even encrypted. It’s just sitting there, waiting to be read.

“There’s a certain amount of privacy that you might be willing to give up, but you should know that you are giving it up.”

What this means is that anyone who gains access to your device, or who can get at the computer that you use to sync your iPhone or iPad, can figure out where you’ve been.

“You might have a domestic violence situation where someone who’s having problems with a partner, and that partner has access to your laptop, well, this is not good,” Franken says. “Also, 13 percent of users of iPads and iPhones are kids. Someone malicious could get this information, and again, this is not good.”

Thursday night, The Wall Street Journal reported that Google's Android phones also collect location data. Both Apple and Google receive regular transmissions from phones telling the companies where the phones are located, the Journal reported.

Franken, who was recently named chairman of a new Senate subcommittee on Privacy, Technology and the Law, says, “There’s a chance I might do a hearing on this. I’ve been looking at issues around mobile phones and privacy, and this seems to come under that.”

What seems to have people most freaked out is that Apple has been gathering data surreptitiously, without asking permission or even letting people know about it. Franken says users should have the chance to “opt in” to having the data remain unencrypted.

It may be that Apple is collecting location data in order to send targeted advertising to users. That may be fine, but “there are balances that need to be struck,” Franken says, and what Apple is doing “seems way out of balance.”

On the one hand, advertising revenue lets tech companies provide free services over the Internet. But on the other hand, users need control over how their data is used.

“There’s a certain amount of privacy that you might be willing to give up, but you should know that you are giving it up,” Franken says.

In his letter to Jobs, Franken asks a number of questions, including whether Apple also collects location data from laptops, how frequently the data is captured, and with whom Apple has shared the information.

Piling on with Franken, U.S. Rep. Ed Markey also has penned a letter to Jobs seeking an explanation for the location-tracking software.

Though Apple has not made any official comments, the company on Thursday seemed to be floating a trial balloon by leaking information to a blogger known to be friendly to the company. John Gruber, whose blog is called Daring Fireball, wrote that his “little-birdie-informed understanding” of the situation is that the location data is being stored “either due to a bug, or, more likely, an oversight.” Gruber also wrote, “I’d wager this gets fixed in the next iOS update.”

It’s hard to believe that this could all be just a bug, or a mistake, especially since other researchers have come forward this week saying they’ve known about Apple’s location-tracking software since last year. If they’ve known about it, then surely Apple has too.

One researcher, Alex Levinson, says he discovered Apple’s location-tracking database last year and even published an academic paper about it. He says he has worked with law enforcement agencies to “harvest” data from Apple devices.

I asked Franken whether he believes the location-tracking practice might be the result of a software bug. “I think Apple would be in a position to answer that,” he says.

Thing is, Apple tends to be a pretty secretive, closed-off place, and its natural instinct in situations like this is to stonewall and spin. That’s usually enough to satisfy Apple fans, who tend to believe that Apple can do no wrong.

Franken and his colleagues in Congress, however, will be a tougher crowd to please.

Editor's note: An earlier version of this story incorrectly stated that Sen. Franken supports users being able to "opt in" and allow their location data to be collected.

Dan Lyons is technology editor at Newsweek and the creator of Fake Steve Jobs, the persona behind the notorious tech blog, The Secret Diary of Steve Jobs. Before joining Newsweek, Lyons spent 10 years at Forbes.