Apple Responds to Report on iOS 13's Frequent Location Tracking Reminders, Emphasizes Privacy

[JRobinsonJr]

Yes the popup is a bit annoying every few days but far better than the alternative of letting apps do whatever they want to re-enabling settings you didnt want

Surely there is a solution where users are given a 4th option: ”Yes, grant access to my location and stop asking!” Perhaps paired with an authentication? i have several apps that provide legitimate services and find it more than ‘just’ a bit annoying to frequently acknowledge such access. Privacy *IS* important. So is usability... and those are not necessarily mutually exclusive.

 

[Puppuccino]

This doesn’t improve privacy much... whether you allow your location to be used whilst using the app or all the time, the app developers are still getting your location.

I’m not one to usually bash Apple, but by using a technological device you’ve already forfeited your privacy.

Whether you choose to believe that is up to you but it doesn’t make a huge amount of difference. But I will say Apple lead the way in privacy in this day and age.

 

[iGobbleoff]

Why not have Always Allow but not to Phone Home? Just keep it on the device

 

[heathen291]

Most ANNOYING feature ever. The "privacy" issue is a farce. If you wanted to select ALWAYS, there is a REASON why you chose ALWAYS... ALWAYS means ALWAYS, not ALWAYS until a few days from now. If you didn't want ALWAYS, select ONLY WHEN USING APP, or NEVER if the issue of "privacy" is of any concern. However, there are certain apps which you need to use ALWAYS, want to use ALWAYS, and understand what it means to select ALWAYS, and if you do select ALWAYS, you should only have to select it ONCE, not every few days. If you were honestly that concerned about privacy knowing that you wanted/needed to select ALWAYS, find an alternative, chose another app, or change your behavior. I did that with my Sam's Club app. It required ALWAYS when I felt that it didn't need it (It only needed it once you were on premise and needed to CHECK IN to pick up an online order). I set it ONLY WHEN APP IS OPEN, but the changed it when in the parking lot, checked in, and then changed it back. Now, because of other changes, I've stopped using it altogether so it stays at ONLY WHEN APP IS OPEN.
[automerge]1577842550[/automerge]

Although a bit annoying right now...I would rather know than not. I love the "allow once" option when using an app.

My question to you is...How do you NOT know when you are the one making the selection?

 

[Zance]

Would that stop the periodic popup with the tracking reporting and request for confirmation to keep the "Allow Always" setting?

Of course not, but that's not what he was upset about in regards to the wi-fi setting.

 

[Doctor Q]

Surely there is a solution where users are given a 4th option: ”Yes, grant access to my location and stop asking!” Perhaps paired with an authentication? i have several apps that provide legitimate services and find it more than ‘just’ a bit annoying to frequently acknowledge such access. Privacy *IS* important. So is usability... and those are not necessarily mutually exclusive.

That 4th option would be fine with me.

Apple may make it a "smart" feature instead, which decides how often to check with you based on heuristics that try to determine the right balance.

 

[Rigby]

And if you actually read the article you linked to, you'd see that Google does the same thing, they provided anonymized data to the Feds.

Actually, what they did goes further according to the Forbes article:

"Google then returned phone identifiers for six devices. The government asked for personal details of the individual users for all six, which the tech giant duly provided, including name, email and other Google account use data."

So obviously their location data is not anonymized.

The article you linked to, if you bothered to read it, shows they got the data from location services requests. Apple says

so there's absolutely no difference.

According to Apple's Location Services White Paper, they are not able to connect crowd-sourced Wifi location data to a specific user or device:

"If a user has turned on Location Services, their device will periodically send the geo-tagged locations of nearby Wi-Fi hotspots and cell towers to Apple to further improve Apple’s database of Wi-Fi hotspot and cell tower locations. This helps Apple to provide real-time, localized services in more places around the world. To protect user privacy, the submission uses a random, rotating identifier so that Apple can’t tie multiple submissions together or tie submissions to a user’s identity."

 

[konqerror]

Actually, what they did goes further according to the Forbes article:

"Google then returned phone identifiers for six devices. The government asked for personal details of the individual users for all six, which the tech giant duly provided, including name, email and other Google account use data."

So obviously their location data is not anonymized.
According to Apple's Location Services White Paper, they are not able to connect crowd-sourced Wifi location data to a specific user or device:

"If a user has turned on Location Services, their device will periodically send the geo-tagged locations of nearby Wi-Fi hotspots and cell towers to Apple to further improve Apple’s database of Wi-Fi hotspot and cell tower locations. This helps Apple to provide real-time, localized services in more places around the world. To protect user privacy, the submission uses a random, rotating identifier so that Apple can’t tie multiple submissions together or tie submissions to a user’s identity."

The issue is that even if your direct identity is anonymized, people can work out your identity, based on things like work locations and travel patterns.

NYT Investigation Reveals How Easily Smartphone Location Data Can Be Used to Identify and Track Individuals

The New York Times today claimed that it has obtained a file with the precise location of over 12 million smartphones over a period of several months...

www.macrumors.com

There isn't evidence either way, but one could imagine correlating tracking data with the times or IP addresses of e-mail logins, or store accesses, and working back from there.

 

[Average Pro]

Thank you Apple, well done. I like the idea that you're reminded someone is tracking you.

Next challenge, make it so that no one utilizing an Apple phone can share contact data with an App unless the person authorizes it. For example, my sister installs an App. That App tries to rip all of her contacts. When the App tries to access my contact info on her phone, I receive a pop-up indicating that Google, WhatsAp, etc wants permission to collect my information. Easy response; nope.

 

[Rigby]

The issue is that even if your direct identity is anonymized, people can work out your identity, based on things like work locations and travel patterns.

Not if they are using a constantly rotating identifier that prevents correlating the different location samples, as the Apple whitepaper says.

 

[konqerror]

Not if they are using a constantly rotating identifier that prevents correlating the different location samples, as the Apple whitepaper says.

If it was constantly rotating, then the identifier would be completely useless and there would be no point in having one.

The whole point of the identifier is to correlate data over some period of time. The important part is timescales. For example, people leave their house usually no more than 10-11 hours to go to work. So if your ID rotates less frequently than that, you can see where people work and live.

Another example would be person A is at the scene of a crime, and goes home 30 minutes later. If your rotation is much more an half an hour, you now have a trace of person A being there and going home.

Apple hasn't disclosed how often it rotates, so that's the important question here.

 

[1144557]

Surely there is a solution where users are given a 4th option: ”Yes, grant access to my location and stop asking!” Perhaps paired with an authentication? i have several apps that provide legitimate services and find it more than ‘just’ a bit annoying to frequently acknowledge such access. Privacy *IS* important. So is usability... and those are not necessarily mutually exclusive.

Not disagreeing but you are assuming people are intelligent enough to understand what always means and remember they clicked that and its all Apples fault now.

These are the same people suing Apple for stupid crap like Maps told them to make a left turn into a lake and didnt bother looking at all. 🤷‍♂️

 

[JosephAW]

I'm getting tired of it daily nagging to update my devices to iOS 13. Apparently they changed something in the past few weeks. It was nice and quiet for a while but now it's a daily nag.

 

[Rigby]

If it was constantly rotating, then the identifier would be completely useless and there would be no point in having one.

It might be used to detect duplicates (e.g if a device has spotty connectivity and retransmits the sample).

The whole point of the identifier is to correlate data over some period of time.

The whitepaper says explicitly that "Apple can’t tie multiple submissions together".

 

[Baymowe335]

Consumers do know, this is apple being an annoying nagger.

Baloney. The average consumer doesn’t know.

 

[BWhaler]

Which developers are complaining? Facebook and their proxies?

Don’t fall for this hit piece Apple.

(And the WSJ should be ashamed of themselves.)

 

[sdf]

That's a pretty bold misuse of NSLocationAlwaysUsageDescription. The string (the smaller text reading "To get real-time traffic updates…") is supposed to tell you why you, the user, might want to allow the app location use form the background. It is not supposed to tell you what button to push.

 

[Detnator]

This almost reminds me of Windows Vista and their crappy implementation of the UAC dialog.

If I select always allow, I don't need nanny Apple to remind me every few days. I'm not an idiot [though they think all their users are].

Actually Apple doesn’t think all their users are idiots. But they do think most people in general are idiots. And they’re right. Especially when it comes to this kind of stuff.

All you need to do is look at how popular Facebook is. And the size of Microsoft’s market share in the 90’s. And any number of other examples.

Yes. Most people in general ARE idiots.

 

[bigpoppamac31]

I’d rather select the option I want and leave it at that. Constant reminders are annoying. No matter what it’s for. It’s like there should be a pop up blocker for reminders.

 

[bsolar]

Of course not, but that's not what he was upset about in regards to the wi-fi setting.

As far as I understand from his post, he's definitely upset with the reminder popup and would like the "Always Allow" settings to be set for an App once for all without being reminded about it periodically. He clearly knows how to set the option itself, but this doesn't stop the reminder popup from regularly popping.

If your suggestion does nothing in regards of the reminder popup his problem remains.

 

[diipii]

The fanboys will want to feel Apple loves them but adults don't want constant niggles from their phones.

 

[GaryMumford]

Apple really needs to integrate a built-in firewall with granular settings for customization ... something that would allow us to modify just exactly what an app is doing on our phones and what they're connecting to.

Or “Little Snitch” for iOS

 

[StevieD100]

Apps from car insurance companies that check how you drive and give discounts based upon that. Do you slam your brakes a lot? Do you take off from each green light like you’re at a drag strip? Try to drift each turn? You can’t get that info from an IP address.

GPS can't give you that either. It can't tell if you are the driver or just a passenger.

 

[H2SO4]

What are you even going on about? Are you just trying to be miserable for the sake of being miserable? It's a welcome feature.

What are you even going on about? Are you just trying to be miserable for the sake of being miserable? It's not a welcome feature.
It's a hassle.
Give a me a screen in settings to tell me which apps are on permanent so I can check them easily. But keep telling me about it when I've already said ALWAYS grant access, is just a ball ache.

 

[albusseverus]

The Wideband chip is of DEEP concern to me. I believe Apple says it needs it to know my location to the centimetre… to know if I'm in a restricted Camera area… whatever the hell that actually means. Apple is doing extremely detailed tracking with no user control or (most concerning) visibility. So let's call it transparency, about what is happening and why.

Frankly, I'm more concerned with Apple tracking me. Every time I turn the phone on, I get the arrow. I get the arrow even when I'm not using any app that is allowed to track my location. I fully understand that using a phone, my location is always pretty well known by the mobile towers (cell towers)…

But there needs to be transparency about Apple system location requirements/permissions.

App developers have pooped in their own nest by overreaching - taking contact and location, and who knows what else… for no reason other than on-selling that data.

Let's see more transparency about Apple system location tracking.