After hearing about the existence of a file that stores the location of an iPhone, I decided to investigate for myself.

Apparently iPhones running iOS4 periodically record the device’s Latitude and Longitude and a timestamp in one of the numerous SQLite databases in the phone’s backup and configuration system. Several sites have provided methods of extracting the filename from the encrypted backup filesystem. Once located, the contents of the file in question can be investigated using any number of techniques, including the SQLite Manager plugin for Firefox.

This system of logging the location of the iPhone to file has been in use for some time, as pointed out in this excellent blog post by Alex Levinson, co-author of the book iOS Forensic Analysis.

Many news reports have claimed that this information is not transmitted back to Apple, but this revealing post from F-Secure Security Labs suggests that by default this location information is sent back to Apple twice a day so that Apple may collate a database of Wi-Fi locations.

The co-ordinates stored in the location database are also readily available to any iPhone application installed on the phone through the iOS API. About halfway down the What’s New in iOS 4 page on the Apple website we find this quote:

Background location – Navigation apps can now continue to guide users who are listening to their iPods, or using other apps. iOS 4 also provides a new and battery-efficient way to monitor location when users move between cell towers. This is a great way for your social networking apps to keep track of users and their friends’ locations.

Visualising The Data

Since I had access to the raw data in a convenient SQLite database format, I decided to create my own visualisation. I wrote a PHP script that selected some of the rows from the tracking database and generated a series of images using PHP’s GD Image Library. The location of each point was highlighted orange and allowed to fade gradually over time, creating a “heatmap” effect.

The resulting animation shows the location of my iPhone during the period July 2010 to April 2011. During that period I made several interstate trips, but this animation focuses on the Sydney, Newcastle, Hunter Valley and Port Stephens areas.

At the beginning of the tracking period I lived in Sydney, but traveled to Newcastle regularly for work. Numerous hotspots can be seen in the Wyong area. This is because I usually stop at the Twin Service Stations at Wyong to break up the journey along the F3. Here I usually check my email and make a few phone calls. Later parts of the animation show more activity in Newcastle and end with a recent holiday to Port Stephens.

The animation is also available in High Definition on YouTube.

In total there were 4181 rows of co-ordinates in my tracking file, each one with a timestamp and estimated horizontal accuracy. The information was inside a table called “cellLocation”. The dataset went back some 275 days. Presumably the collection of geolocation information in this file began when I installed iOS4 in the middle of last year.
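The following added example, which is not the author's PHP script, shows how the retention window and a fading heatmap grid of the kind described above can be computed from a “cellLocation” table. The column names, the 2001-01-01 timestamp epoch, the rule that a non-positive accuracy marks an invalid fix, and the sample rows are assumptions constructed for illustration.

```python
import sqlite3
from collections import defaultdict
from datetime import datetime, timedelta, timezone

# Assumption: timestamps count seconds from 2001-01-01 UTC (Apple's reference date).
APPLE_EPOCH = datetime(2001, 1, 1, tzinfo=timezone.utc)
DAY = 86400.0

def build_sample_db():
    """Constructed stand-in for the backup file; column names are assumed."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE cellLocation (Timestamp REAL, Latitude REAL, "
                 "Longitude REAL, HorizontalAccuracy REAL)")
    t0 = 300000000.0
    rows = [  # constructed points near Sydney, Wyong and Newcastle
        (t0, -33.87, 151.21, 500.0),
        (t0 + 10 * DAY, -33.28, 151.42, 1200.0),
        (t0 + 10 * DAY + 600, -33.28, 151.43, 1500.0),
        (t0 + 275 * DAY, -32.93, 151.78, 800.0),
        (t0 + 275 * DAY, 0.0, 0.0, -1.0),  # assumed invalid fix, filtered out
    ]
    conn.executemany("INSERT INTO cellLocation VALUES (?, ?, ?, ?)", rows)
    return conn

def apple_time(seconds):
    """Convert an assumed Apple-epoch timestamp to an aware datetime."""
    return APPLE_EPOCH + timedelta(seconds=seconds)

def summarise(conn):
    """Row count and retention window of the valid location records."""
    n, first, last = conn.execute(
        "SELECT COUNT(*), MIN(Timestamp), MAX(Timestamp) FROM cellLocation "
        "WHERE HorizontalAccuracy > 0").fetchone()
    return {"rows": n, "first": apple_time(first), "last": apple_time(last),
            "days": (last - first) / DAY}

def heat_grid(conn, at, cell_deg=0.1, half_life_days=7.0):
    """Heat per grid cell at time `at`; each point fades with a half-life."""
    grid = defaultdict(float)
    query = ("SELECT Timestamp, Latitude, Longitude FROM cellLocation "
             "WHERE HorizontalAccuracy > 0 AND Timestamp <= ?")
    for ts, lat, lon in conn.execute(query, (at,)):
        cell = (round(lat / cell_deg), round(lon / cell_deg))
        grid[cell] += 0.5 ** ((at - ts) / DAY / half_life_days)
    return dict(grid)
```

Calling `heat_grid` once per animation frame with an increasing `at` value gives the per-frame intensities that a renderer would colour.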

Clearly, storage of such information in an unencrypted format by default on every iPhone in the world could be a potential privacy issue, but it’s not like this information hasn’t been collected before. Google, Foursquare, Facebook and Twitter all collect information on the whereabouts of their users whenever they can. These companies gain access to more accurate information as they have access to the device’s built-in GPS. Each time you check in on Foursquare, tag yourself in a Facebook place, or geotag your tweets you are explicitly opting in to these information collection services.

What’s different this time is that now the end user has the ability to actually view the information that is being collected about their location by their mobile devices.

This is one of the first times that this information has been so readily accessible. Over 100 million iPhones have been sold, making this one of the most widely and publicly available geolocation datasets. Unfortunately, this information is fragmented across tens of millions of computers in the form of iPhone backup files.

Various open source applications are appearing that allow users to visualise their movements based on the contents of the iPhone tracking file. For example, an OSX application released by Alasdair Allan and Pete Warden, and a Java application that outputs the waypoints in .kml format ready for viewing in Google Earth.

I can say from my own experience that reviewing the location information from my own phone was a thought-provoking exercise. I started wondering who collects information about my location. I’ve already mentioned Twitter, Foursquare, Facebook etc., but there are many more less obvious examples of tracking going on.

The geolocation information has been derived from the location of nearby cell towers. Information of this nature is collected by mobile providers so they know which cell tower to route the current call through. The Latitude and Longitude seem to be accurate to within a few kilometers at worst.

My current mobile carrier, Optus, would have a wealth of information about my whereabouts at any point in time. The data they have would be almost exactly the same as the information I extracted from the iPhone database.

Mobile carriers collect this information routinely

We can’t stop the mobile carriers from collecting this information because they need it for the robust and efficient operation of their network. What we should be doing, however, is questioning what their policy is with respect to this information once they collect it.

For example:

  • Exactly what information is collected and retained?
  • How long will they retain this information?
  • What is the carrier’s policy on giving up this information to third parties (advertisers, partner companies, law enforcement)?

The location of a user’s phone at a particular time is routinely used in criminal cases. This is how former Justice Einfeld was convicted of lying under oath in early 2009. Police then used mobile phone records to trace Einfeld as he drove south over the Spit Bridge.

If the mobile phone companies are willing to give up this data for a case involving a speeding fine, then they are very likely to be willing to divulge the same information to authorities under more serious circumstances.

I’m hoping this post raises awareness of the fact that location information can be, and is being, collected from every mobile phone user. Perhaps in the near future it will be routine to ask more about your mobile carrier’s privacy and data retention policies when choosing a network.