United States Senate
Washington, DC, 20510-2309

Mr. Steve Jobs
1 Infinite Loop
Cupertino, CA 90514

Dear Mr. Jobs,

I read with concern a recent report by security researchers that Apple's iOS 4 operating system is secretly compiling its customers' location data in a file stored on iPhones, 3G iPads, and every computer that users used to sync their devices. According to the researchers, this file contains consumers' latitude and longitude for every day they used an iPhone or 3G iPad running the iOS 4 operating system-sometimes logging their precise geo-location up to 100 times a day. The researchers who discovered this file found that it contained up to a year's worth of data, starting from the day they installed the iOS 4 operating system. What is even more worrisome is that this file is stored in an unencrypted format on customers' iPads, iPhones, and every computer a customer has used to back up his or her information. See Alasdair Allen & Pete Warden, Got an iPhone or 3G iPad? Apple is Recording Your Moves (Apr. 20, 2011), available at http://radar.oreilly.com/2011/04/apple-location-tracking.html.

The existence of this information stored in an unencrypted format-raises serious privacy concerns. The researchers who uncovered this file speculated that it generated location based on cell phone triangulation technology. If that is indeed the case, the location available in this file is likely accurate to 50 meters or less. See Testimony of Michael Amarosa, Before the House Judiciary Committee, Subcommittee on the Constitution, Civil Rights and Civil Liberties, June 24, 2010 at page 7 available at http://judiciary.house.gov/hearings/pdf/Amarosa100624.pdf. Anyone who gains access to this single file could likely determine the location of a user's home, the businesses he frequents, the doctors he visits, the schools his children attend, and the trips he has taken-over the past months or even a year. Cf: People v. Weaver, 909 N.E.2d 1195, 1199- 1200 (N.Y. 2009) (What this technology yields and records with breathtaking quality and quantity is a highly detailed profile, not simply of where we go, but by easy inference, of our associations ... and of the pattern of our professional and avocational pursuits.).

Moreover, because this data is stored in multiple locations in an unencrypted format, there are various ways that third parties could gain access to this file. Anyone who finds a lost or stolen iPhone or iPad or who has access to any computer used to sync one of these devices could easily download and map out a customer's precise movements for months at a time. It is also entirely conceivable that malicious persons may create viruses to access this data from customers' iPhones, iPads, and desktop and laptop computers. There are numerous ways in which this information could be abused by criminals and bad actors. Furthermore, there is no indication that this file is any different for underage iPhone or iPad users, meaning that the millions of children and teenagers who use iPhone or iPad devices also risk having their locationcollected and compromised. An estimated 13% of the 108 million iPhones and 19 million iPad devices sold are used by individuals under the age of 18, although some of these devices may not have been upgraded to iOS4. See AdMob, Admob Mobile Metrics Report at 5 (Jan. 2010), available at htt://metrics.admob.com/wp-content/uploads/2010/02/AdMob-Mobile-Metrics-Jan-10.pdf; Complaint of Apple Inc. v. Samsung Electronics CV-11-1846 at 4-5 (N.D. Cal. Apr. 15, 2011).

These developments raise several questions:

  1. Why does Apple collect and compile this location data? Why did Apple choose to initiate tracking this data in its iOS 4 operating system?
  2. Does Apple collect and compile this location data for laptops?
  3. How is this data generated? (GPS, cell tower triangulation, WiFi triangulation, etc.)
  4. How frequently is a user's location recorded? What triggers the creation of a record of someone's location?
  5. How precise is this location data? Can it track a user's location to 50 meters, 100 meter, etc.?
  6. Why is this data not encrypted? What steps will Apple take to encrypt this data?
  7. Why were Apple consumers never affiamtely informed of the collection and retention of their location data in this manner? Why did Apple not seek affirmative consent before doing so?
  8. Does Apple believe that this conduct is permissible under the terms of its privacy policty? See Apple Privacy Policy at Location-based Services (accessed on April 20, 2011), available at www.apple.com/privacy.
  9. To whom, if anyone, including Apple, has this data been disclosed. When and why were these disclosures made?

I would appreciate your prompt response to these questions and thank you for your attention to this matter.

Sincerely,

Al Franken

United States Senator