Location and Privacy in the News – A Locatrix Perspective

We’ve been noting with interest the current media debate over how Apple is (or isn’t) using customer location as derived through the iPhone, and wanted to add a brief Locatrix perspective to the mix.

Apple’s response to the issue is that the anonymized usage data allows them to better create location-centric experiences for their customers. Of course the privacy community is asking questions about how anonymous this data really is, and whether ownership of such data should actually be granted to Apple.

It’s worth noting how Apple actually uses data of this nature. Apple provides a positioning API within iOS that allows developers to determine the location of a particular handset, usually to provide some relevant content or data to the handset. The positioning itself is generated using a combination of GPS fix (when a clear view of the sky is possible) but more immediately a derivation of position using attributes of the WiFi or cellular network towers that the device can currently see.

The cellular tower data – latitude, longitude, and azimuth (or antenna direction) – isn’t usually data that network operators release freely. More typically, companies like Apple (and also Skyhook Wireless) utilise GPS-equipped devices to record radio signatures of specific GPS-verified locations, so that when the same signatures are noted from another handset, an approximate location can be calculated without necessarily requiring a clear GPS fix (which, from a cold start, can take up to 45 seconds even with a clear view of the sky).

Apple’s argument is that by gaining access to a larger amount of customer data – after all, there are literally millions of us using iPhones around the world now – will help them improve the performance of this radio-signature positioning method, benefiting all customers.

Now, without wading into the data ownership debate specifically, there’s a really important distinction that can be made here with regards to the usage of technology to passively (i.e. without user initiation) locate a handset.

There’s a good reason that MNOs don’t freely release positioning data, nor access to positioning systems – they can’t. Under each country’s telecommunications regulatory environment, customer data is sacrosanct, and misuse is directly punishable through fines and/or license loss. But in the broader Internet world – one in which we freely click-to-agree licenses and terms-of-use without reading them, there’s much less onus on clarity for where and how these data rights are used.

Within Locatrix, we’ve focused an enormous amount of effort on maintaining the absolute highest standard of data protection, both from the physical domain, in data security within our hosting solutions, but also in providing a proven user privacy model within our XLF and Uandme solutions.

These solutions allow our customers – leading mobile network operators like Telstra – to confidently provide location and social networking capabilities to their subscribers, knowing that at all times each individual’s privacy rights are completely protected.

It’s just unfortunate that the broader web-services world isn’t governed by similar legislation to the regulatory frameworks securing communications industries.



Posted on: