Fully 50 percent of nearly 8,000 respondents in an informal April 27 Wall Street Journal poll said they were “very concerned” about the iPhone’s tracking and storing of users’ location. The Nielsen Company came to a similar conclusion in research released this month. (Fifty-two percent of men and 56 percent of women were concerned about privacy on their smartphone).
Nevertheless, as concerned as people may be, most have essentially agreed to being tracked, regardless of how small the print might be.
Subheading (b), in section 4 of the iPhone’s User License Agreement (ULA) clearly states: “Apple and its partners and licensees may transmit, collect, maintain, process and use your location data, including the real-time geographic location of your iPhone, and location search queries.
Granted, Apple goes on to specify that this information is anonymous. “The location data and queries collected by Apple are collected in a form that does not personally identify you and may be used by Apple and its partners and licensees to provide and improve location-based products and services.”
But perhaps it doesn’t get any clearer than the statement which mandates that “by using any location-based services on your iPhone, you agree and consent to Apple’s and its partners’ and licensees’ transmission, collection, maintenance, processing and use of your location data and queries to provide and improve such products and services.”
Where things get a littler murky, especially when it comes to this most recent wave of outrage leveled at Apple, is that in that same ULA, Apple assures its users that they “may withdraw this consent at any time by going to the Location Services setting on your iPhone and either turning off the global Location Services setting or turning off the individual location settings of each location-aware application on your iPhone.”
Apparently that’s where Apple’s “software glitch” comes into play, as those who have tested deactivating those location services settings say it didn’t make any difference; the phone continued to collect their location. Apple says it is fixing the problem, but with regulators rushing to convene hearings on the matter, asking for comment from all four major carriers, as well as Google, this will not be an open and closed case.
The Scapegoat
Almost every OEM, not just Apple, has some form of disclosure clause in their ULA. Take a look at this website, which outlines the disclosure and privacy policies of almost every major OEM.
Roger Entner, founder of Recon Analytics, says Apple is probably the least of people’s worries when it comes to issues of privacy. “Apple really is the whipping boy here, and to some extent I think that’s probably unfair. The core of Apple’s business model is to sell devices and applications,” he says, adding that on the other hand, a company like Google, whose job it is to sell advertising – “they’re relying on location-based information for that.”
To be sure, the use and sale of information by any corporate entity is of concern, but Entner says there are altruistic ways location information can be used. He cites mapping tools, such as Google Traffic, that show congestion by pinging Android-based devices. But he includes a caveat.
“If you collect it in an anonymous way, it’s not really a big thing. It’s actually beneficial,” Entner says.
But part of the question is whether location information is always collected anonymously. Entner says he’s skeptical, suggesting that any regulatory efforts aimed at privacy need to demand anonymity, while also giving consumers the right to know who controls their information and how it’s being used.
“The very big issue here is that people are starting to realize that they’re engaging in a Faustian bargain with free applications,” Enter says, pointing to the darker side data collection. “The companies that are providing you with a free service are selling your privacy, and location is just the tip of the iceberg.”
Enter says that any legislation that becomes law needs to honor the subtleties of the problem. “This is not just about saying no. This is about allowing consumers the choice about what companies can collect about them in a lawful way and to then be able find out what others know about them,” he says.
Whether everything can be solved by law is a big question mark. Entner suggests consumers adopt a more skeptical stance when it comes to providing their information. He’s not a doomsayer but has a stake in how the discourse on privacy proceeds.
“The Internet has adopted a very cavalier attitude about privacy, and people have gone down this road hook, line and sinker because these services are free. Nothing is free,” Entner contends. “When you look at the complexity of the information out there… these companies know more about you than you know about yourself. The potential is there to make ‘1984’ look like child’s play.”
Sound Familiar?
Ross Rubin, executive director of industry analysis at NPD Group, says the recent flap regarding privacy on the mobile is an extension of what we’ve been seeing on the Web for over a decade.
“The reason it gets higher profile in the mobile space is because you’re talking about a device that is even more personal and it’s tracking your conversations, your circle of friends, associates and your location,” Rubin says, noting that the kinds of information stored on our smartphones presents not just a privacy risk but in many instances a safety risk.
As of this writing, Apple has admitted to nothing more than a software flaw, saying that no location information is transmitted back to the Apple. The company explained that any information that has been gathered was done so for the development of a traffic app similar to Google Traffic. Apple conceded that there’s room for improvement when it comes to how terms of service are communicated to the consumer.
Rubin says communication of thorny privacy issues could be better communicated through the use of tools, such as on-device videos. But he says that given the explosion, and acceptance by many, of location-aware applications, the key for the industry is striking a balance between what a consumer is giving up and what they’re benefiting from any given service.
“Different consumers have different tolerances when it comes to [releasing their information],” Rubin says, adding that when it comes to regulation, it’s more likely that the “thrust of consumer protection efforts will be focused on disclosures, as opposed to putting any hard lines around what companies can and can’t ask for.”
Different Strokes
A good example of how complicated things can get in the pursuit of that balance can be found in the extent to which user preference and tolerance can vary when it comes to disclosing personal information. Look at the difference between how people share information on LinkedIn versus what users reveal on Facebook.
Kiran Modak, co-founder of Unsocial, a recently launched mobile startup that allows business people to locate relevant contacts on their smartphones at events, says that business demands that people engage face to face, not just in cyberspace. He says that business people have to reveal a lot of information to as many people as possible, whereas social networks employ a more selective management of disclosure.
Modak tells the story of a friend who has more than 800 people in his Facebook community. “I asked him why he doesn’t post on his Facebook anymore, and he said because he doesn’t feel comfortable sharing with all those people anymore. It had gotten too big,” Modak says.
Conversely, he relates an occasion when a producer from Fox Studios used the Unsocial app at a development conference. “He needed a couple of iOS developers to interview, so he put that up as his status,” Modak says. “Later that day, I ran into him, and he had four iOS developers to interview.”
“It’s different with something like Unsocial. The more people I have in my group, the more people I’m going to have aware of my business,” Modak says.
The Endless Debate
All four major U.S. carriers (AT&T, Sprint, T-Mobile USA, Verizon Wireless) responded to an inquiry from Congress on how they collect and use location data. Each company, in their own words, said that they will not track a user’s location without first getting consent. They also admitted that they have no control over how an application or device collects the same information.
“Personal data should be made unreadable to those without a legitimate need to access it to the greatest extent possible, and the data should not be retained longer than absolutely necessary,” wrote Rep. Ed Markey (Mass. –D), in calling for greater smartphone user privacy.
It is ironic, as well as a sign of the nuances of the privacy versus technology debate, that Research In Motion (RIM) has had to defend the extent to which it encrypts emails on BlackBerry devices. Is there such a thing as too much privacy?
This week (May 1-7) is National Privacy Week, an initiative launched by the American Library Association to promote discussion about their privacy rights in the digital age. As the debate rages on (you can be sure it will), it might behoove everyone to take a moment to look at how they’re sharing their information online and on their mobiles.
Filed Under: Industry regulations + certifications