Apple Testifies on Mobile Privacy, Location Cache Encryption Coming to iOS

by

120742 ios gps location

As noted last week, Apple vice president Bud Tribble today participated in a U.S. Senate panel discussion of mobile privacy, particularly as it relates to location tracking. Tribble's appearance alongside Google's Alan Davidson and other experts and privacy advocates was supplemented with a new formal letter (PDF) from Apple to concerned legislators reiterating and expanding upon comments made several weeks ago as Apple sought to address public scrutiny of the issue.

During his testimony, Tribble took great pains to make clear that the iOS location database has not been tracking users' devices directly, instead containing information on nearby cell towers and Wi-Fi access points to aid the device itself in quickly determining its location for services relying on that information. Apple of course acknowledged several bugs that had allowed that local cache to grow larger than intended and prevented the information from being deleted when location services were disabled. Those bugs were addressed with last week's release of iOS 4.3.3.

Apple apparently plans to go further, however, noting that it will encrypt the downsized local cache as of the "next major release" of iOS. And Apple has already ceased backing up the cached access point location data to users' computers as part of the device backup process.

The local cache is protected with iOS security features, but it is not encrypted. Beginning with the next major release of iOS, the operating system will encrypt any local cache of the hotspot and cell tower location information.

Prior to the [iOS 4.3.3] update, iTunes backed up the local cache (stored in consolidated.db) as part of the normal device backup if there was a syncing relationship between the device and a computer. The iTunes backup, including consolidated.db, may or may not have been encrypted, depending on the customer's settings in iTunes. After the software update, iTunes does not back up the local cache (now stored in cache.db).

Senators also pressed Apple and Google on third-party applications, inquiring about how the companies address data collection and usage by third-party developers offering software for their platforms, as well as whether those developers should be required to publish explicit privacy policies regarding users' data.

In response, Tribble briefly explained Apple's App Store review process and noted that the company believes that developer privacy policies would not go far enough in informing users, sharing information on Apple's decision to include visual indicators within iOS telling users when their location is being accessed and which applications have accessed that information within the previous 24 hours.

On the topic of how Apple polices developers on what is done with that data after is collected, Tribble pointed to random audits of applications and their network traffic behavior, a reliance on user and blog reports of issues, and a fast response time to pull down apps exhibiting questionable behavior until those issues can be resolved.

Related Forum: iPhone

Popular Stories

top stories 2025 12 20

Top Stories: iOS 26.3 Beta, Major Apple Leaks, and More

Saturday December 20, 2025 6:00 am PST by
You'd think things would be slowing down heading into the holidays, but this week saw a whirlwind of Apple leaks and rumors while Apple started its next cycle of betas following last week's release of iOS 26.2 and related updates. This week also saw the release of a new Apple Music integration with ChatGPT, so read on below for all the details on this week's biggest stories! Top Stories i...
Read Full Article19 comments
maxresdefault

Where's the New Apple TV?

Monday December 22, 2025 11:30 am PST by
Apple hasn't updated the Apple TV 4K since 2022, and 2025 was supposed to be the year that we got a refresh. There were rumors suggesting Apple would release the new Apple TV before the end of 2025, but it looks like that's not going to happen now. Subscribe to the MacRumors YouTube channel for more videos. Bloomberg's Mark Gurman said several times across 2024 and 2025 that Apple would...
Read Full Article104 comments
iPhone Top Left Hole Punch Face ID Feature Purple

iPhone 18 Pro Features Leaked in New Report, Including Under-Screen Face ID

Tuesday December 16, 2025 8:44 am PST by
Next year's iPhone 18 Pro and iPhone 18 Pro Max will be equipped with under-screen Face ID, and the front camera will be moved to the top-left corner of the screen, according to a new report from The Information's Wayne Ma and Qianer Liu. As a result of these changes, the report said the iPhone 18 Pro models will not have a pill-shaped Dynamic Island cutout at the top of the screen....
Read Full Article60 comments
ios 18 security update

Don't Want to Upgrade to iOS 26? Here's How to Stay on iOS 18 [Update: Now Unavailable]

Friday December 19, 2025 10:37 am PST by
Since the beginning of December, Apple has been pushing iPhone users who opted to stay on iOS 18 to install iOS 26 instead. Apple started by making the iOS 18 upgrades less visible, and has now transitioned to making new iOS 18 updates unavailable on any device capable of running iOS 26. If you have an iPhone 11 or later, Apple is no longer offering new versions of iOS 18, even though there...
Read Full Article420 comments
iPhone Chips

Apple Clings to Samsung as RAM Prices Soar

Monday December 22, 2025 6:17 am PST by
Apple is significantly increasing its reliance on Samsung for iPhone memory as component prices surge, according to The Korea Economic Daily. Apple is said to be expanding the share of iPhone memory it sources from Samsung due to rapidly rising memory prices. The shift is expected to result in Samsung supplying roughly 60% to 70% of the low-power DRAM used in the iPhone 17, compared with a...
Read Full Article62 comments
apple beta 26 lineup

Apple's 2026 and 2027 Product Roadmap: Foldable iPhone, iPhone 18 Pro, M5 Macs, and More

Tuesday December 16, 2025 4:42 pm PST by
There has been a whirlwind of rumors over the last few days, sourced from leaked internal software designed for the iPhone and the Mac, and news sites like The Information. Below, we have a quick recap of everything we've heard this week, which serves as a guide to Apple's product plans in 2026 and beyond. We've organized the info by likely release date, though there are some products that...
Read Full Article44 comments
generic tracking prompt orange

Apple Hit With Supersized Fine in Italy Over an iPhone Privacy Feature

Monday December 22, 2025 7:47 am PST by
Italy's Competition Authority (AGCM) has imposed a €98.6 million ($116 million) fine on Apple over its App Tracking Transparency feature. Since the release of iOS 14.5 in April 2021, Apple has required apps to ask for permission before tracking a user's activity across other apps and websites for personalized advertising, as part of a feature named App Tracking Transparency. If a user...
Read Full Article119 comments

Top Rated Comments

Small White Car Avatar
Small White Car
191 months ago


I hope they use Kleig Lamps at full power on these jokers. Make the searing heat of the lamps force the truth out of their well practiced script designed to give them and their privacy trampling employers plausible deniability.

Can we then turn them on you to finally learn the truth: That you're shorting Apple stock and merely come here to advance your own goals?
Score: 10 Votes (Like | Disagree)
aiqw9182 Avatar
aiqw9182
191 months ago
You can watch it here:
http://cspan.org/Events/Congress-Looks-into-Protecting-Mobile-Privacy/10737421417-1/
Score: 8 Votes (Like | Disagree)
JHankwitz Avatar
JHankwitz
191 months ago
Big Deal?

I must live a pretty dull life. I can't think of anyplace I've gone with my iPhone in the past that would warrent concern over someone else knowing where I've been. Cell phone towers have been tracking me for about 5 years now, and I haven't found the need to complain or make a big deal about it. Is everyone else out there involved in covert national security operations, murders, or what?
Score: 5 Votes (Like | Disagree)
Popeye206 Avatar
Popeye206
191 months ago
Funny... A lot of people here are worried about non-descript, non user specific location data, but yet, no one is up in arms that organizations like the FBI monitor internet traffic for IP address access to see who's visiting certain web sites. To me, that is more troubling. That is "big brother" watching you, not some computer company trying to give you better service, or better map data.
Score: 3 Votes (Like | Disagree)
gnasher729 Avatar
gnasher729
191 months ago
I don't understand this argument.

For one obvious example, if a battered woman's crazy ex-husband was able to find everywhere she's visited in the last year by stealing her iPhone, that's a problem. Extreme example, sure. But it's not always strangers that you have to worry about.
The places where she _might_ have been in the imagination of a crazy ex-husband are surely a much bigger risk. As is the contents of her address book, her e-mails, her browser history. So the risk is: Battered woman, crazy ex-husband locates her, steals her iPhone, doesn't mind what's in her address book, browser history, e-mails, but he actually knows about this cache file, has software to investigate her, and kills her because of some place she has been. Very likely. If she gets rid of her iPhone for another phone, it is more likely that he kills her because she must have something to hide. If she sells her iPhone and buys a gun with the proceeds, she is more likely to shoot herself by accident.

But I asked about the risk compared to things like lightning or snake byte. In the USA, an average of slightly more than hundred persons a year die from lightning. Isn't that something you should worry about a million times more?

Just out: Facebook caught exposing millions of user credentials: http://www.theregister.co.uk/2011/05/10/facebook_user_credentials_leaked/

That should keep the crazy ex-husbands busy for a while.
Score: 3 Votes (Like | Disagree)
Krevnik Avatar
Krevnik
191 months ago
I wonder if the changes will cause IOS devices to take longer getting an initial location?

Not really. The cache still holds for 7 days, which is enough for day-to-day operation. It'll get a little befuddled when on a vacation for a bit, but the end result is that when you do need to query Apple, it sends down a bunch of sites nearby so you don't have to query them again for a while. The timestamps in the cache will likely be such that if you commute in the same area most of the time, you populate the cache once and that's it.

The irony is that this caching design (while only sending updates back to the central DB) is a better means of providing privacy from Apple as it cuts down on the traffic between the two and reduces the information they can glean indirectly if they were being malicious.
Score: 3 Votes (Like | Disagree)
Read All Comments