As Apple wrestled with controversy over iOS devices storing location data, Microsoft moved to offer its own explanation for when and how its Windows Phone devices collect information on a user’s physical location.
“When you allow an application or game to access your device’s location, the application or game will connect to Microsoft’s location services and request the approximate location of the device,” reads the FAQ posted on Microsoft’s corporate Website. “The location service will respond by providing the application or game with the location coordinates of the user’s device (when available), which the application or game can then use to enrich the user experience.”
Microsoft’s location services apparently rely on a database of local cell towers and known WiFi access points to “provide an approximate location of the user’s device.” (Microsoft insists the “managed driving” it uses to collect information about WiFi access points will not take any emails or passwords transmitted by those hotspots.) Users can also deny applications access to their location information.
“Applications that use your location are required to provide the ability to turn off that application’s access to your location,” reads another part of the FAQ. “And you can always turn off access for all applications by turning off location services.”
In addition to WiFi access points, Microsoft’s location services can leverage a device’s GPS to provide observed longitude, latitude, direction and speed.
Furthermore, Microsoft’s location services “will only collect information when you allow a particular application to request location information and that particular application requests location information.” While Microsoft apparently creates a randomly generated ID to identify mobile devices sending information to its location services, the FAQ makes no mention of whether such transmissions are encrypted in transit. Microsoft also claims the location information “is not shared with mobile operators.”
Windows Phones don’t seem to store the user’s location data on the smartphone itself, a marked departure from iOS or Google Android.
Both Apple and Google are under additional government pressure to reveal how they collect and store location data, after Illinois Attorney General Lisa Madigan asked to meet with executives from both companies to discuss privacy issues. Apple is also facing inquiries from U.S. Rep. Edward Markey (D-Mass.) and Sen. Al Franken (D-Minn.), who fired off letters to Apple CEO Steve Jobs asking for greater clarification on news that the iPhone and 3G-enabled iPad running iOS 4 have been saving location data to a hidden database file.
Researcher Alasdair Allan wrote about iOS 4’s supposed location-sniffing abilities in an April 20 posting on the O’Reilly Radar blog. Working with co-researcher Pete Warden, he released an open-source iPhone Tracker application that can plot stored location data on a map.
“The database of your locations is stored on your iPhone as well as in any of the automatic backups that are made when you sync it with iTunes,” Allan wrote as part of a FAQ about removing the data. “One thing that will help is choosing encrypted backups, since that will prevent other users or programs on your machine from viewing the data, but there will still be a copy on your device.”
Location data saved by iOS 4 apparently includes information gleaned from cell towers and the names of WiFi access points, and not actual GPS data from a tablet or smartphone. Other recent news reports have suggested that smartphones running Android are transmitting location data to Google.
In a FAQ posted on its corporate Website, Apple attempted to clarify its position on location-logging.
“The iPhone is not logging your location,” reads one section. “Rather, it’s maintaining a database of WiFi hotspots and cell towers around your current location, some of which may be located more than one hundred miles away from your iPhone, to help your iPhone rapidly and accurately calculate its location when requested.”
Apple goes on to insist that the iPhone only stores a protected subset of that total crowd-sourced database. “The location data that researchers are seeing on the iPhone is not the past or present location of the iPhone, but rather the locations of WiFi hotspots and cell towers surrounding the iPhone’s location,” reads the FAQ, “which can be more than one hundred miles away from the iPhone.”
Apple apparently plans to stop backing up this cache “soon,” courtesy of a future software update.