Kim Cameron just posted an interesting blog post about the latest changes to Apple’s iTunes Terms of Use. He noticed a rather alarming change to the Privacy Policy which I’m ashamed to say I missed entirely when I blithely accepted the changes earlier this week. My bad. Anyway these terms of use are a no-opt out agreement that you have to accept if you are going to use iTunes and be able to either activate your shiny new iPhone or deploy any apps to it.
The kicker is this part of the revised document:
Apple and our partners and licensees may collect, use, and share precise location data, including the real-time geographic location of your Apple computer or device. This location data is collected anonymously in a form that does not personally identify you and is used by Apple and our partners and licensees to provide and improve location-based products and services. For example, we may share geographic location with application providers when you opt in to their location services.
Note the weasel terms at the end – they may share it with those people but they say nothing about whether they can share it with others, they don’t really clarify that very well. And also note that it is not just Apple – it is Apple and its partners and licensees.
Kim’s follow up on a Consumerist piece from June 21st indicates that the change was made a number of days before I saw the Terms of Use up date on my iPhone so the timing is a bit of a puzzle. Still the point remains – Apple is building a huge database of participants who have “consented” to being put in a global location tracking database. Kim’s right in pointing out that the timing of this change is a bit supect given the high profile attention being focussed on Google’s location tracking practices of late. A key reason for doing this must be that they hope to be able to defend their location tracking practices from legal challenges that they expect to happen now that the Google WiFi ID scanning has become such a serious issue.
However there is another timing issue that should be borne in mind. The reason Apple are now more interested in location tracking, and precise location tracking at that, seems pretty obvious to me – accurate location data makes the new iOS 4 iAd feature* a killer advertising platform. Minority Report’s directed advertising only skims the surface of the possibilities – linking individually directed advertising to locations and even more specifically to location patterns makes the sort of things we’ve seen before (Google adverts for BP when I’m reading about oil slicks for example) seem trivial. Imagine the power of an iAd that knows what your location patterns are, and the sort of pre-emptive advertising that could support – trivially we’re talking about inserting an advert for Burger King as your phone realises you are following a regular route to McDonalds. The problem here is that for this to work Apple has to give this advanced level of location data to a whole bunch of people you probably do not want watching your every move. No doubt Google hoped to gather similar data (and possibly do with their Google Latitude product and Android phones) but Apple have cut directly to the chase as far as their customers are concerned.
The “partners and licensees may collect, use, and share precise location…” phrase got me thinking – if “licensees” were to include your employer could they use the data to track your specific location at all times? What if a private investigator wanted to be a licensee? Could they just pull in anyone’s location data they wished? How about PETA, Greenpeace or the someone like the BNP in the UK? I’m pretty hopeful there will be some serious controls that should prevent those specific scenarios but honestly, how can you be sure?
Kim also points out that when someone figures out how to map this data to a larger uber databases maintained by one of the global WiFi identifier scanning operations then its really hard not to see this as major privacy threat. The problem comes back once again to the use of globally unique identifiers and how they can be used to make undesirable connections between data sets– however if the iAd motivation is behind this then Apple really do need a globally unique identifier. The value in this data for advertising is that it is globally unique and personally identifying – Apple’s claims that it is not are absolute rubbish – the globally unique device ID of someone’s phone is just as much personally identifying as a real fingerprint.
I certainly think this is an issue (and clearly Kim does) but we seem to be in a fairly small minority at the moment. Looking at the coverage of the Google WiFi scanning debacle it’s interesting (and depressing) to note that there is almost no attention being paid to the privacy problems of “just” scanning for device identifiers.
* For some limited interpretation of the term “feature” – not one that’s really useful for end users but great for advertisers, obviously.