Yes, your iPhone is tracking you -- the question's why

It could be a bug, a mistake or something to do with 'geofencing'

1 2 3 Page 2
Page 2 of 3

Not surprisingly, the consolidated.db file and the earlier version of it have been used in data forensic investigations by law enforcement agencies. Although that may raise the hackles of some privacy advocates, similar information can be retrieved from cell carriers by court order during an investigation.

Just what is this file for?

So what is consolidated.db doing on the iPhone? This is the probably the biggest unanswered question. Not being an Apple iOS engineer, I have no inside knowledge, but I'm fairly confident that Apple's goal is not to maliciously spy on the whereabouts of every iPhone owner. Apple has more important things to do with its time and resources. Also, it appears that this file itself is never actually transmitted back to Apple, though information about a phone's location apparently is, according to the Wall Street Journal.

My assumption is that the file is related to Apple's collection of location data about available Wi-Fi networks. Apple's iOS devices have three ways to determine your location: They can collect GPS data (provided the device supports GPS and can get a signal from enough GPS satellites), utilize cell tower triangulation (provided we're talking about an original iPhone or a 3G iPad and a cell connection can be established), or refer to a database of known Wi-Fi networks.

Even though my Wi-Fi-only iPad doesn't support GPS or cellular communication, it very often nails my location with surprising accuracy based on nearby networks -- regardless of which one I'm actually connected to. That's because it has access to a broad global database of known public and private networks and their locations.

Up through iOS 3.1, Apple relied on a database known as Skyhook. Beginning with the introduction of iOS 3.2 a year ago, the company quietly began using its own database of Wi-Fi networks and their locations. This change became public in a letter (download PDF) Apple's chief counsel sent to Reps. Ed Markey (D-Mass.) and Joe Barton (R-Texas) about changes to the company's privacy policy last July. Apple essentially said that any information it collects about a particular user or device is kept private unless the user consents to sharing it.

Here's what Apple's privacy policy says about location-based services:

"To provide location-based services on Apple products, Apple and our partners and licensees may collect, use, and share precise location data, including the real-time geographic location of your Apple computer or device. This location data is collected anonymously in a form that does not personally identify you and is used by Apple and our partners and licensees to provide and improve location-based products and services. For example, we may share geographic location with application providers when you opt in to their location services."
"Some location-based services offered by Apple, such as the MobileMe 'Find My iPhone' feature, require your personal information for the feature to work."

As Apple builds its own global database of Wi-Fi networks and locations, collecting data from iOS devices worldwide is an ideal way to maintain and update that database. Note: Apple's not alone. Smartphones based on Google's Android operating system do the same thing, as the Wall Street Journal noted in its story.

However, forensic specialists familiar with the consolidated.db file claim that the file is not transmitted to Apple by either an iOS device or iTunes -- although that doesn't mean that some of the data stored in the file isn't transmitted on its own. If that's the case, one likely explanation for its presence is to provide third-party apps with easy access to a cache of past location information. This is one reason forensic experts believe Apple moved away from using the private -- and difficult to access -- h-cells.plist file.

1 2 3 Page 2
Page 2 of 3
  
Shop Tech Products at Amazon