Hello,

We noticed you're browsing in private or incognito mode.

To continue reading this article, please exit incognito mode or log in.

Not an Insider? Subscribe now for unlimited access to online articles.

Intelligent Machines

Apple and Google Defend Their Handling of Data

Congressional testimony centers around what “location” really means, and who’s responsible for how apps behave.

Apple and Google are scrambling to regain trust after revelations about the way smart phones and tablets handle users’ location data. In a U.S. Senate subcommittee hearing held today, representatives from Apple and Google stressed that their companies had streamlined and clarified their handling of location-based data. But a key unanswered question is how they’ll let third-party app providers share that information.

Where I’m calling from: Apple and Google have been under scrutiny recently for their handling of smart phone users’ location data—the map above came from data stored on one Technology Review editor’s iPhone.

The problem is that users enjoy location-based services, but most don’t understand what happens to the data they share in exchange for using those services. Senators wondered if location data was being stored securely enough to protect users. They pointed to the lack of privacy policies for many mobile apps, and noted that even when users are aware of what happens to their data, they may find it difficult to control.

For example, until Apple’s update to iOS last week, someone who opted out of location services wasn’t actually turning off all of his device’s location-based sharing. Apple said the problem was due to a bug that has since been corrected.

Guy “Bud” Tribble, vice president of software technology for Apple, testified that “Apple does not track customers’ locations. Apple has never done so and has no plans to do so.”

Tribble said that the location information found on phones represented a portion of a crowd-sourced database that Apple maintains in order to process location information more rapidly than is possible through GPS alone. The company stores the locations of cell towers and Wi-Fi hot spots collected from millions of devices. User devices note which towers and hot spots they can connect to, and use that to quickly deduce location. He said that the information stored on iPhones was never a user’s location.

But Ashkan Soltani, an independent researcher and consultant who also testified at the hearing, suggested that Tribble’s explanation was disingenuous. For users who live in urban areas, Soltani said, the data on phones pinpointed hot spots as close as 20 feet away—which, he argued, is effectively the user’s location. “We need a clear definition of what ‘location’ means,” he said, and also called for more clarity about what constituted an “opt-in” policy.

The picture gets even muddier when third-party apps are considered. “Users don’t have a very good idea about what a lot of the applications on their phones are doing,” says Stuart Anderson, cofounder of Whisper Systems, a company that makes security and privacy software for Android phones. “Applications ask for very broad permissions.” Anderson notes that these permissions include the functions users expect, but might also cover unexpected actions from third-party code, such as monitoring used by advertisers.  

To make matters worse, users don’t have fine-grained control—Anderson notes that they don’t have the ability to adjust a phone’s behavior or give selective permissions (his company recently released a product designed to do just that).

Apple, which observes a strict review policy for entrants to the App Store, seems to hope that its design standards will keep third-party apps on their best behavior. “What we need to do is put things in the user interface that make it clear what the app is planning to do,” Tribble said. He pointed out that Apple currently has an icon that shows whether an app has used location data within the past 24 hours. He said that Apple doesn’t believe that providing a technical means of limiting the information that apps can access would work. Instead, he said, the combination of the review process and design decisions would provide sufficient quality control.

Alan Davidson, Google’s director of public policy for the Americas, pointed to Google’s contrasting vision of an open app market. Instead of Google reviewing apps, Android devices are designed to recognize what an app is asking for, and alert the user, he said. Google has worked hard to make the resulting notifications understandable and useful, he said.

Both companies argued that they weren’t responsible for what apps do on their platforms. Such a stance, however, is unlikely to appease regulators or customers, which means that Apple and Google may soon have to take more responsibility for how third parties behave on their platforms

The latest Insider Conversation is live! Listen to the story behind the story.

Subscribe today
Already a Premium subscriber? Log in.

Uh oh–you've read all of your free articles for this month.

Insider Premium
$179.95/yr US PRICE

More from Intelligent Machines

Artificial intelligence and robots are transforming how we work and live.

Want more award-winning journalism? Subscribe and become an Insider.
  • Insider Plus {! insider.prices.plus !}* Best Value

    {! insider.display.menuOptionsLabel !}

    Everything included in Insider Basic, plus the digital magazine, extensive archive, ad-free web experience, and discounts to partner offerings and MIT Technology Review events.

    See details+

    What's Included

    Unlimited 24/7 access to MIT Technology Review’s website

    The Download: our daily newsletter of what's important in technology and innovation

    Bimonthly print magazine (6 issues per year)

    Bimonthly digital/PDF edition

    Access to the magazine PDF archive—thousands of articles going back to 1899 at your fingertips

    Special interest publications

    Discount to MIT Technology Review events

    Special discounts to select partner offerings

    Ad-free web experience

  • Insider Basic {! insider.prices.basic !}*

    {! insider.display.menuOptionsLabel !}

    Six issues of our award winning print magazine, unlimited online access plus The Download with the top tech stories delivered daily to your inbox.

    See details+

    What's Included

    Unlimited 24/7 access to MIT Technology Review’s website

    The Download: our daily newsletter of what's important in technology and innovation

    Bimonthly print magazine (6 issues per year)

  • Insider Online Only {! insider.prices.online !}*

    {! insider.display.menuOptionsLabel !}

    Unlimited online access including articles and video, plus The Download with the top tech stories delivered daily to your inbox.

    See details+

    What's Included

    Unlimited 24/7 access to MIT Technology Review’s website

    The Download: our daily newsletter of what's important in technology and innovation

/
You've read all of your free articles this month. This is your last free article this month. You've read of free articles this month. or  for unlimited online access.