Last week, the state-run Chinese media labeled the iPhone’s Location Services feature found in iOS 7 a “national security concern,” citing Chinese researchers that stated the data could lead to security breaches in that country. Over the weekend, Apple officially responded to the charges on its Chinese website.
The statement, posted in both Chinese and English, started off by restating Apple’s commitment to privacy, and by stating the its Location Services exist solely to assist users who require navigation.
Apple also stated that it does not have access to the Frequent Locations data on any device, and noted that access to the feature can be turned off via the device’s privacy settings.
Apple concluded by saying it has “never worked with any government agency from any country” to create backdoor access to any of the information held by its products, and that it vows to never all access to its servers.
Apple has found itself the target of the Chinese government, and therefore the government controlled media, many times in the past. The company was subjected to attacks from the Chinese media last year over its warranty practices, with the attacks ending only after Apple CEO Tim Cook made a formal apology.
The Apple Statement, in English:
Your Location Privacy
Apple is deeply committed to protecting the privacy of all our customers. Privacy is built into our products and services from the earliest stages of design. We work tirelessly to deliver the most secure hardware and software in the world. Unlike many companies, our business does not depend on collecting large amounts of personal data about our customers. We are strongly committed to giving our customers clear and transparent notice, choice and control over their information, and we believe our products do this in a simple and elegant way.
We appreciate CCTV’s effort to help educate customers on a topic we think is very important. We want to make sure all of our customers in China are clear about what we do and we don’t do when it comes to privacy and your personal data.
Our customers want and expect their mobile devices to be able to quickly and reliably determine their current locations for specific activities such as shopping, travel, finding the nearest restaurant or calculating the amount of time it takes them to get to work. We do this at the device level. Apple does not track users’ locations – Apple has never done so and has no plans to ever do so.
Calculating a phone’s location using just GPS satellite data can take several minutes. iPhone can reduce this time to just a few seconds by using pre-stored WLAN hotspot and cell tower location data in combination with information about which hotspots and cell towers are currently being received by the iPhone. In order to accomplish this goal, Apple maintains a secure crowd-sourced database containing known locations of cell towers and WLAN hotspots that Apple collects from millions of Apple devices. It’s important to point out that during this collection process, an Apple device does not transmit any data that is uniquely associated with the device or the customer.
Apple gives customers control over collection and use of location data on all our devices. Customers have to make the choice to enable Location Services, it is not a default setting. Apple does not allow any app to receive device location information without first receiving the user’s explicit consent through a simple pop-up alert. This alert is mandatory and cannot be overridden. Customers may change their mind and opt-out of Location Services for individual apps or services at any time by using simple “On/Off” switches. When a user turns “Off” location data for an app or service, it stops collecting the data. Parents can also use Restrictions to prevent access by their children to Location Services.
When it comes to using iPhone for traffic conditions, iOS can capture Frequent Locations to provide commute information in the Today view of Notification Center and to show you automatic routing for iOS in CarPlay. Frequent Locations are only stored on a customer’s iOS device, they are not backed up on iTunes or iCloud, and are encrypted. Apple does not obtain or know a user’s Frequent Locations and this feature can always be turned “Off” via our privacy settings.
Apple does not have access to Frequent Locations or the location cache on any user’s iPhone at any time. We encrypt the cache by the user’s passcode and it is protected from access by any app. In the interest of even greater transparency for our customers, if a user enters their passcode successfully, they are able to see the data collected on their device. Once the device is locked no one is able to view that information without entering the passcode.
As we have stated before, Apple has never worked with any government agency from any country to create a backdoor in any of our products or services. We have also never allowed access to our servers. And we never will. It’s something we feel very strongly about.