The Tech - Online EditionMIT's oldest and largest
newspaper & the first
newspaper published
on the web
Boston Weather: 45.0°F | Light Rain
Article Tools

The controversy surrounding the security of Apple’s iPhone and iPad escalated Thursday as some European governments said they would investigate whether the company had violated privacy laws by collecting and storing users’ geographic location data.

At the same time, some researchers said that contrary to reports published Wednesday, the iPhone’s recording of location information in a hidden file on the device, later stored on iTunes on a PC, has been known for some time, and that the information has, on some occasions, been used by law enforcement agencies in investigations.

“This data that was supposedly discovered yesterday has existed in earlier iPhones,” said Alex Levinson of Katana Forensics, a company that specializes in extracting data from electronic devices for legal cases. Levinson said he and colleagues had explained Apple’s practices at conferences and in research papers, and that his firm has helped law enforcement agencies “harvest geolocational evidence from iOS devices,” a reference to the Apple operating system.

Levinson said an update to Apple’s operating system changed the location of the file storing the information, but that the file had existed previously.

While privacy advocates and many iPhone users were alarmed by the revelations, Levinson and other security experts said they suspected that Apple had been using the data to be able to pinpoint a phone’s location more quickly, saving bandwidth and battery life, when their owners used location-based services like maps and navigation.

Still, the controversy has been magnified by Apple’s silence. For the second day, the company did not respond to calls and emails seeking comment.

But in a letter sent by Apple in July to two congressmen — Edward J. Markey, D-Mass., and Joe L. Barton, R-Texas — the company appeared to confirm that it has been storing and collecting location information for some time.

In the letter, Apple said it collects the location data anonymously and only when consumers agree to use its location-based services like maps, or any apps that ask a user’s location, and for its advertising system, iAds. The company said it has been offering location-based services since 2008, but that only in 2010, when it released iOS 3.2, did it begin relying on its own databases for those services. Explaining its need to collect data from its customers’ phones, Apple wrote, “These databases must be updated continuously.”