Siri Privacy – What info does the service collect?
Siri for iPhone is cool, but in order to perform her magic a lot of information has to be collected and transmitted first. Find out what information Siri collects, and everything you need to know about Siri Privacy.
Read MoreEvery spoken request must be recorded in digital form, and sent up to the service to perform cloud-based speech recognition. While from a practical perspective the audio recordings themselves are unlikely to be preserved for very long (this would take an enormous amount of storage space with little practical application) a transcript of your conversations with your iPhone is almost certainly stored in Apple’s data center. Her response is recorded as well. In order to be able to make inferences from context, Apple’s service must know your contact list, relationships, and more. Knowing the terms under which you are sharing this information with Apple is important.
First the good news: Apple is clear they do not share your information with third parties without your express consent, and most of the information stored long-term to improve Siri’s heuristics is anonymized. Apple’s reputation in privacy is nascent but relatively positive. Aside from a few (quickly remedied) missteps around iOS Location and iPhone contact privacy, they have demonstrated that they take user’s privacy more seriously than their primary competitor who prides itself on knowing every intimate detail about your life so it can serve better advertisements.
Too Late – You’ve Already Been Exposed
From the launch of iOS 4 right up until your device downloaded the iOS 4.3.3, unencrypted, time-stamped latitudes and longitudes were stored on both your device and any device you backed up to for a full year. And a ‘bug’ prevented the data from being erased even when you turned off Location Services. So depending on when you bought your iPhone and how widely you backed up your device, you could have a lot of your location history deposited around your various tech devices.
The software update does have a program to find and erase these deposits, but it’s up to you to make sure you’ve cleansed all potential data deposits.
Read MoreApple May Be Innocent, But Others Aren’t
Even though Location Services has narrowed its scope, there is still always a week’s worth of location coordinates logged on your iPhone, albeit in an encrypted format. (This is not true if you have Location Services turned off.) The concern is who, besides you, has a right to see it?
The legal system has yet to figure out what digital data can and can’t be used against you in a court of law. Spend a few minutes on www.PrivacyCast.com or EPIC’s Location Privacy page, and you’ll quickly come to two conclusions. One, your digital devices and online existence collectively create a disturbingly accurate biography of your every thought and action. Two, there is way more confusion than clarity about who is legally allowed to request your data and what they can use it for.
Consider the following scenarios where a record of your location could be detrimental:
Divorce or Child Custody Dispute: Facebook pages are showing up more and more often in divorce court. Why not where you’ve been? Imagine: You live in New Jersey and have custody of your kids on weekends. They want to see the Statue of Liberty. Innocent? Yes. Digital proof that you violated the law by taking them out of state without notifying the ex-spouse? Also yes.
Federal Agencies: The Department of Homeland Security flags travelers with a passport indicating travel to countries like Libya and Sudan that have terrorist organizations. The FBI could possibly do the same with records of visits to states like Idaho and Tennessee that are militia hotspots. We know that governments have backdoors into smartphones, no reason to expect them to be used.
Third Party Buyers: Apple currently has no intentions of tracking your location. A new CEO or business direction could change that and have your data history up for sale. Your auto insurance company might buy it to find out if you routinely drive over the speed limit. Or, your employer might want to know if you really did stay home sick last week.
Read MoreApple’s Intentions: Sinister Plan or Simply Overlooked?
Depending on your worldview, there are two ways of interpreting Apple’s intentions. The innocent accident version is that Apple was focused on providing the best info possible for its location services and did not think out the possible results of tracking your data. Envision a meeting in which the developer asks the project leader how long to keep the recorded data and whether to encrypt it. Project leader thinks for 10 seconds and shrugs, “A year, I guess. Nah – nobody’ll find it so don’t waste bytes on encryption.” Oops. Apple offers a version of this in its press release responding to the Where 2.0 announcement.
However, it’s hard to accept the innocent accident explanation. Apple very specifically requires all third-party applications to ask your permission to use your location; in other words, opt-in instead of automatic. Yet, Apple chose to make the tracking both automatic and invisible to the device owner. This program is hidden deep within the device’s ones and zeros, and only a highly savvy coder poking around inside the operating system would happen on it. Of course, evidence is mounting that Apple provides governments with backdoors into their smartphones, so it’s tough to give them a pass here.
The oopsy excuse doesn’t work when it’s obvious that Apple was actively thinking about the privacy parameters during the development process. So where does that leave you? In its press release, Apple states that it, “is not tracking the location of your iPhone. Apple has never done so and has no plans to ever do so.” To paraphrase – just trust us. Our question – should we?
Read More