Congress to investigate hidden file in phones that track user’s whereabouts, personal info
Congress will launch an investigation, to determine whether a recently-discovered hidden application in some models of Apple iPhones, iPads and Androids that track a user’s movements and private information over the past year, is a violation of Americans’ privacy.
Sen. Al Franken (D-Minn), chairman of the Senate Judiciary Committee on Privacy, Technology and the Law scheduled a hearing on May 10 called Protecting Mobile Privacy: Your Smartphones, Tablets, Cell Phones and Your Privacy, according to Bank Info Security.
The application was discovered by researchers Alasdair Allan and Pete Warden, who identified the unencrypted file as “consolidated.db.” It records where the owner had been, on what date and at what time, along with other vital personal information, without the knowledge of the owner of the device, GMA News said.
In a blog post, Allen and Warden noted, “What makes this issue worse is that the file is unencrypted and unprotected, and it’s on any machine you’ve synced with your iOS device. It can also be easily accessed on the device itself if it falls into the wrong hands. Anybody with access to this file knows where you’ve been over the last year, since iOS 4 was released,” GMA News reported.
Allan and Warden told the Telegraph, “At first we weren’t sure how much data was there, but after we dug further and visualized the extracted data, it became clear that there was a scary amount of detail on our movements.” Warden formerly worked at Apple for five years in an unrelated department, and left on good terms, GMA News said.
The two men put up a website to detail these findings. It also enables people with these products to test the tracking system and to visualize it on a web-based mapping system on the website, the Telegraph said.
It is not uncommon for network operators to store records of the movements of users, which can be legally accessed by intelligence agencies and the police, the Telegraph said. However, this information is usually kept behind a firewall and a court order is needed to access the information, GMA News said.
In this case however the data is not password or encryption protected. This makes the information of the user accessible by anybody who gains possession of either the user’s phone and to any computer that it is linked to, the Telegraph reported.
Franken inquired about Apple’s iOS 4 and its function in secretly tracking down the location and information of a user on iPhones and 3G iPads, and any computer that is synchronized with the device, Bank Info Security reported.
In a statement, Rep. Jay Inslee (D-Wash) said, “I’m deeply disturbed by this report. I have been concerned that current law fails to ensure consumers are protected from privacy violations. Consumers are often left to learn of these breaches of privacy from hackers and security experts because companies fail to disclose what data they are collecting and for what purpose,” Fierce Mobile Content reported.
Franken, in his letter to Jobs wrote, “There are numerous ways in which this information could be abused by criminals and bad actors. Furthermore, there is no indication that this file is any different for underage iPhone or iPad users, meaning that the millions of children and teenagers who use iPhone or iPad devices also risk having their location collected and compromised.”
Dr. Ian Brown, senior research fellow of Oxford Internet Institute told The Telegraph, “I certainly think it’s something they should have brought much more to the attention of the user, and that it should only be switched on after an explicit user decision.”
Daniel Hamilton, director of Big Brother Watch told the Telegraph, “iPhone users will rightly be concerned that their movements are being covertly monitored in this way. Apple has a duty to immediately provide their customers with details about how to disable this invasive software.”
Apple has sold some 15 million iPads and over 100 million iPhones. Its iOS apps can be synchronized with any Windows or Mac computer that runs its iTunes software, GMA News reported.