May 8, 2011 Privacy is Golden

iPhone Tracks User

Curses, foiled again.  

Once again, this is not the column I had planned to write for today due to fast-breaking current events that raise more timely and thus interesting issues. Before I am castigated by AARP and a cohort of irate senior citizens (of whom I consider myself one),  let me hasten to add that I don’t think that newer is necessarily better than older, except  with regard to news, newer news is better --- hence the terminology, “news”. Also, before I begin, I would like to thank my former student, Kevin St. Germain for sending an email reminding me that this was an important Privacy issue worth discussing here.

I am referring to the latest Apple controversy which began  to appear in online forums about April 10 and exploded into mainstream media on or about April 21 ---  a “scandal” to some, a “brouhaha” to others. The issue can be succinctly summed up by David Pogue’s headline in New York Times column as, “Your iPhone Is Tracking You. So What?” (http://pogue.blogs.nytimes.com/?nl=technology&emc=ctb1). Pogue cleverly states the issue and his solution in seven words. The details take a bit longer: If you own a device that uses iOS which is the operating system in the iPhone and iPads (with a cellular option) then, when the device is on and even when your settings indicate otherwise, your latitude and longitude location is being recorded via the closest wi-fi hot spots and cell phone towers as you travel about. The argument by those who did not agree with Pogue’s interpretation was that Apple was storing your locations unencrypted, and copying them, unencrypted, to your computer and to iTunes (an Apple  internet store and content manager for iOS devices), without your explicit permission and, to top it all off,  not saying what they were doing (or going to do) with that information.

Some business publications have a strong theory about what they are going to do. They say that both Apple and Google use their smartphones to transmit their locations back their servers as part of their competition to gain control of the projected 8 billion dollar market by 2014 in location-based services (see: http://keepamericafree.com/?p=395)

 such as targeted advertising, vehicle tracking and even dating (see Wikipedia for a full range of examples that includes health, entertainment, work and personal life applications).

After about a week of nonresponse (some might say stonewalling), Apple conceeded that mistakes were made but there was no nefarious intent to infringe on users’ privacy. Further, they pledged to insure the anonymity of the location data by encrypting it on the user’s computers and cell phones, limiting its storage to one week rather than one year, and fixing the bug in the Locations Settings so that location transmission can be turned off.  In a final effort to soothe users Apple issued the statement,  “Users are confused, partly because creators of this new technology (including Apple) have not provided enough education about these issues to date.’’ Way to go Apple, this method of blaming the victims and insulting their intelligence has been used by generations of ineffectual teachers. Even if Apple fulfills its promises, police departments can use software that neatly dumps the contents of your cellphone memory for future investigation (see: http://www.theregister.co.uk/2011/04/21/police_cellphone_searches/) --- so not only don’t drink and drive, don’t carry your cell with you…

In any case, Pogue argues that the location data is too crude to actually place you with any accuracy and further opines, “ Now, I’ve been in this job long enough to know that there’s a privacy-paranoia gene. Some people have it, some don’t. I don’t. I have nothing to hide. Who cares if anyone knows where I’ve been? “

This is a common argument against privacy rights: if you haven’t been breaking the law or doing anything bad, then what have you to fear? A (possibly paranoid) privacy advocate might respond, “that’s not the issue --- privacy is the right to be left alone and being watched changes one’s behavior (try entering “pantopticon” into your favorite search engine). Furthermore, you are confusing privacy with secrecy: it’s no secret what I do when I go to the bathroom but I still would like my privacy while I’m doing it.” How would You like to have your iPhone act as a survelliance device while en toilette? It’s an interesting ethical question and lots (and lots) more counterarguments to Pogue’s opinion can be found by the Google search engine if you just type, “if you’ve done nothing wrong”.

But the core problem may not be an ethical one --- it is simply a bad business policy. In the Terms and Conditions of Apple’s end user agreement is the seemingly innocuos fragment, “… we may share geographic location with application providers when you opt in to their location services."

Just what is meant by the term, “opt in”?  Privacy advocates prefer an opt-in policy because it requires the organization (e.g. Apple) to ask your permission up front to use any data you provide to it. Use includes sharing your data with other organizations. The organizations themselves prefer an “opt out” policy (Apple’s current policy) which means that it is your responsibility to explicity forbid the organization from using or sharing your data (e.g. your location file on the iPhone). In other words, under an opt in policy, doing nothing automatically opts you out while doing nothing under an opt out policy automatically opts you in. Which would you prefer?

Perhaps if Apple had adopted the opt in policy in its own User Agreement, this problem would never have arisen. 

Followup Links:

http://pogue.blogs.nytimes.com/2011/04/28/wrapping-up-the-apple-location-brouhaha/

http://www.guardian.co.uk/technology/2011/apr/20/iphone-tracking-prompts-privacy-fears)

http://www.pcpro.co.uk/news/security/367048/apple-snooping-plot-thickens-iphone-tracker-was-patented

http://www.nytimes.com/2011/04/28/technology/28apple.html?ref=miguelhelft

http://www.theregister.co.uk/2011/04/21/police_cellphone_searches/   (more links at this site)

Some last minute thoughts:

Is society moving towards a scenario I read over 20 years ago whereby all citizens would be required by law to wear video-camera helmets at all times?

The idea was that this would prevent most all crime because everyone would be filming everyone else all of the time and the data would be streaming into a collosally gigantic database. Not only would everyone know where everyone else was located but they could also see what they were doing while they were there!  Thus if a crime were committed  the evidence would be accessible in this database and criminal(s) could be quickly apprehended and isolated form the rest of society. Further, if anyone removes their helmet, a warning signal is also sent to the database/law enforcement administrators so that person immediatley becomes a criminal subject to arrest or death. Whether the author was satirical or serious I don’t know as I’ve lost the refrerence to the article but here is a good example where societal security completely trumps personal freeedom and makes a complete mockery of the very concept of privacy.

We may be approaching that society with the advent of the look-see (spelled looxcie) which looks like a bluetooth device hanging on your ear. http://technabob.com/blog/2010/09/15/looxcie-wearable-ca  In this case, the device is not mandated by the government but,according to their ad copy is targeted toward, “voyeurs and narcissists” so here the outcome is reversed; ie this is a complete trumping of personal freedom over other people’s privacy.