Is Your iPhone Logging Your Every Move?

By: Josh Wolford - April 21, 2011

By whom and for what reason is undetermined, but data scientists Alasdair Allan and Pete Warden have discovered a tracking file within devices that operate on iOS 4.  Allan and Warden revealed their findings yesterday at the Where 2.0 location conference in Santa Clara, CA.

Do you have an Apple device? How much would a tracking log concern you? Let us know.

The file is called consolidated.db, and is completely unencrypted and unprotected. The file can be accessed on the device itself and it also appears on any computer with which the device has been synched. Apparently, the tracking began with the iOS 4 update.

Your iPhone is recording you movements, more on the @Radar,, and the The @Guardian, #where20 1 day ago via web · powered by @socialditto

The file contains latitude and longitude coordinates along with timestamps, which is basically all you need to track someone’s movements along any given time-frame.  According to Allan, there can be up to tens of thousands of data points in any one consolidated.db file which could track movements back to around one year ago.

Their research found no evidence to suggest that this information is leaving the devices, but one security researcher thinks the information is leaving your devices – and being sent straight to Apple.  Why would Apple want all of this location information?  One reason could be for the creation of their own location database.  With information being sent every day from the millions of iPhones currently in use, Apple might have found an easy, cost-efficient way to expand its own global location database.

According to this theory, Apple may send information about your location twice a day.  How can they do this?  It is possible that the opt-in procedure for Apple’s geo-tracking is buried innocuously within the initial iTunes installation, which iPhone users require for proper synching of their devices.

Then again, if this is all starting to sound too conspiracy theory for you, lets not forget that Apple is already keeping track of where you are – but with a certain sheen of anonymity.  It’s right in their privacy statement:

To provide location-based services on Apple products, Apple and our partners and licensees may collect, use, and share precise location data, including the real-time geographic location of your Apple computer or device. This location data is collected anonymously in a form that does not personally identify you and is used by Apple and our partners and licensees to provide and improve location-based products and services. For example, we may share geographic location with application providers when you opt in to their location services.

This statement on location data collecting doesn’t mention the transfer of this data directly to Apple or third-parties though.  Carefully read, it really only says that location data is logged in order to help applications like maps services, Foursquare or Twitter.

But…uh…privacy, anyone?    Whether this location data is being harvested by Apple for unknown purposes or it simply sits, unencrypted, on your devices and computers waiting to be accessed – there is some basis for concern.  Folks worried about privacy need not even own an Apple product to worry, though.   It’s not like geo-tracking logs aren’t already kept on everyone – all the time.  Mobile providers have this data, but its protected and requires court orders to access.  It would seem the scary thing about this particular find, for some, would be the relative ease with which the data is accessible.

The sky is hardly falling, however, says forensic data researcher Alex Levinson is an article published today.  He outlines three issues the may make this find by Allan and Warden a non-story.

First, he says that Apple is definitely not collecting this data:

Apple is not harvesting this data from your device. This is data on the device that you as the customer purchased and unless they can show concrete evidence supporting this claim – network traffic analysis of connections to Apple servers – I rebut this claim in full. Through my research in this field and all traffic analysis I have performed, not once have I seen this data traverse a network.

Second, the hidden consolidated.db file that is the culprit isn’t really new or hidden:

It’s just moved. Location services have been available to the Apple device for some time. Understand what this file is – a log generated by the various radios and sensors located within the device. This file is utilized by several operations on the device that actually is what makes this device pretty “smart”. This file existed in a different form prior to iOS 4, but not in form it is today.

Lastly, Levinson says that this information is not even new or revelatory.  People have known about this tracking file for a while now.  Not most of the general public, mind you, but people in his industry aren’t strangers to it.

It looks like Washington thinks that this is a real privacy concern, as Senator Al Franken has already written a letter addressed to Steve Jobs asking questions concerning this  issue.  Here are the questions he asks:

  1. Why does Apple collect and compile this location data? Why did Apple choose to initiate tracking this data in its iOS 4 operating system?
  2. Does Apple collect and compile this location data for laptops?
  3. How is this data generated? (GPS, cell tower triangulation, Wi-Fi triangulation, etc.)
  4. How frequently is a user’s location recorded? What triggers the creation of a record of someone’s location?
  5. How precise is this location data? Can it track the users location to 50 m, 100 m, etc.?
  6. Why is this data not encrypted? What steps will Apple take to encrypt the data?
  7. Why were Apple consumers never affirmatively informed of the collection and retention of their location data in this manner? Why did Apple not seek affirmative consent before doing so?
  8. Does Apple believe that this conduct is permissible under the terms of its privacy policy?
  9. To whom, if anyone, including Apple, has this data been disclosed? When and why were these disclosures made?

“Anyone who gains access to this single file could likely determine the location of the user’s home, the businesses he frequents, the doctors he visits, the schools his children attend, and the trips he has taken over the past months or even a year,” he says in the letter.

Indeed, this is a valid point.  But are people making a mountain out of a molehill here?  Are people worried that suspicious spouses will eventually be able to use data like this to nail cheating husbands?  That stalkers are going to be able to more efficiently stalk their victims? (Hello, we already have Facebook)

When you look at a visualization of how the data can be used, however, it does make it seem a little more frightening.  The two finders have created a program that allow users to do just that, and look at their own tracking data on a map.  You can download said program here.  It’ll look like this:

Washington DC to New York from Alasdair Allan on Vimeo.

Also, if you want to know more about how Allan and Warden “discovered” the tracking file, check out this video:

Are you concerned about your existing personal location records ? Are they harmless? Tell us what you think.

Josh Wolford

About the Author

Josh WolfordJosh Wolford is a writer for WebProNews. He likes beer, Japanese food, and movies that make him feel weird afterward. Mostly beer. Follow him on Twitter: @joshgwolf Instagram: @joshgwolf Google+: Joshua Wolford StumbleUpon: joshgwolf

View all posts by Josh Wolford
  • smith

    what should we do for not tracking is there any solution

    • Mike

      Yeah, it’s an easy solution… A-N-D-R-O-I-D

      Make no mistake, Google already knows more about you than you can possibly imagine, but – at least to this point – it doesn’t seem as if they are in cahoots with the federal government to track your physical day to day movement.

  • Susan Coppersmith

    From what I understand from an interview I watched on The Today Show this morning there is no way of turning the tracking off.


  • John

    Michigan State Police are being sued by ACLU to find out what they are doing with the information they are now taking from cell phones with a device they plug into the phones of people stopped in traffic! (No warrants-no probable cause)

  • Steven Martinez

    We do check-ins on facebook
    We let people know where we’re at on tweeter

    And Apple records were you’ve been to only your phone…people get angry. No logic what so ever.

    • Josh Wolford

      I tend to agree. As long as people voluntarily give up their info, they’re all about it.

  • Addie

    It’s a step closer to them implanting chips into our brain when we are born to track our every move. I definately find it a complete intrusion of privacy.

  • Warren Redlich

    No, I’m not concerned. But I’d love for someone to come up with an app that allows users to access the data.

  • Jonathan

    Not at all really, i don’t go anywhere that i’m embarassed about and if they’re selling the information to companies all it can mean is more targeted advertising and i’m fine with not seeing tampon ads anymore

    • John Hayes

      How about someone knowing the best time to rob your house because you are away.

      • bob

        how would the robber get access ot the file on your iDevice

  • Garage door repairs

    Location tracking is being done all of the time anyway, the governments of the world could find most people electronically quite easily should they have cause. If you want to have a private life then stay off the net. The net is a huge network of people communicating to one another, giving location data all the time so the iPhone is not doing anything different really. Even landline calls are logged so unless you prefer to communicate via snail mail you may as well get used to it!

    • Susan Coppersmith

      We seem to be giving up our privacy to easy. The tracking needs to be permission based. If we are being tracked at least we should know about it. We can’t let a company think it is okay to violate our right to privacy in the name of serving us better. Like they are doing us a favor…

  • John Hayes

    If I was a thief I could see how it would be very helpful to know how far away someone was before breaking into their house.

    If I was a rapist it would be handy to know where the girl I was stalking is .

    How about knowing when someone is walking the day’s deposits to the bank or has just visited the bank and probably has money.

    I think that personal information carries associated risk and just as you wouldn’t like your bank account number, SS # and Driver license # available to anyone because of the risk your personal location generally should be secure and under your own control.

    • Marco Massenzio

      If you were a robber… how would you gain access to my log?
      oh, wait – you could first attack me, rob my iphone, hack into the log file to find out I’m… wait… yes, lying unconscious at your feet!

      I remember someone making a similar claim about StreetView allowing robbers to see via satellite when people where leaving home, or stalking their preferred girl….

      Make no mistake, I take my privacy very seriously, but the real tragedy here is that 90% of Americans have no clue about technology and how it’s *really* used to rob them of their privacy… by their own Federal Government!

  • PC

    I thought it was a well known fact that the device tracks and stores your whereabouts… and I’m pretty sure Google does something similar

  • adm

    The erosion of privacy and freedoms, happening now, is best accomplished if it occurs step-by-step, in insidious ways. In addition, we have seen that it usually occurs under the guise of doing something for “your own good” or your protection. Thus, in Orwellian fashion, phrases such as “to control you better” are often replaced with “to serve you better”, and placed in the small print of user agreements, as well new laws – the contents of which are obscured from the public.

  • adm1984

    The erosion of privacy and freedoms, happening now, is best accomplished if it occurs step-by-step, in insidious ways. In addition, we have seen that it usually occurs under the guise of doing something for “your own good” or your protection. Thus, in Orwellian fashion, phrases such as “to control you better” are often replaced with “to serve you better”, and placed in the small print of user agreements, as well new laws – the contents of which are obscured from the public.

  • spuffler

    Don’t you think that this database would be VERY helpful for retrieving a stolen (or lost) iPhone? Too bad that ‘blind trust’ apps on the iPhone COULD get unrestricted access to the data, without us giving our permission.

  • Jon

    People voluntarily provide scads web based information in easily accessible formats that make it easy for all sorts of potential criminal impacts against them. I think there are worse things out there than iphone tracking, like making a facebook account for your baby, or not checking privacy settings on any online account. We wonder why identity theft is on the rise? We are letting it happen. Focus on your own behaviours and actions before calling out a company that probably controls your data better than you do. LOL

  • Beamer

    Glad I don’t have an iPhone. No matter what, it’s an invasion of privacy. Something like this can have dire consequences, as others have said here.

  • Beamer

    Off topic question. Is it really necessary to have this intrusive advertising in my face? It sits off to the right and is very annoying. Should be a way to delete it out if I don’t want to see it and have no intention of clicking on it. thanks.

  • Marty

    If this is true, and it looks like it may well be.
    Apple are doing something which is illegal. Illegal because the user has no choice to opt out and lets face it when was the last time you read 15000 words of small print before you click the ‘accept’ box.
    Apple know it is not possible for people to read it all so you could sign away your house and not know it.

    This must be unacceptable practice and should be slammed immediately.
    Our government should be on our side against such companies that are very happy to act illegally to exploit the customer.

    Etrade published this, this pm.
    Apple Inc. automatically collects and transmits to itself location information about users of its iPhone smartphones, according to a letter the company sent to U.S. Reps. Edward Markey (D., Mass.) and Joe Barton (R., Texas) last year.

    The letter, which is publicly available on Markey’s website, became newsworthy this week in light of findings from two researchers who uncovered a file on iPhones that keeps a record of where the phone has been and when it was there. The file is unencrypted and stored by default.

  • Mike Heron

    At some stage this information will be used by Governments or others to control people. For now its just going quietly into place waiting for someone to use. God help the Human Race, because who else will.

  • Paul Smith

    Are you people for real. Really. Get a life. I think mr John is getting paid by ANDROIT just to rubbish apple. Come on.

  • Ted Rice

    No, I am not worried. I use an antique prepaid cell phone and will probably continue to do so as long as it works.

  • Allin Entrepreneur

    I guess as a webmaster you just get used to it. Dosent bother me at all, i assume that they track more than i know.


  • Angel Rivera

    this seems to be a trend with myjor companies as of late, sony does simulair privacy violation and does not cradle person infomation with care. if you own a ps3 sony can tell what, tv u own, what kind of router, pc, laptop, what connected to the devices, if you haved external hard drives. if they can access it there very little you can do if some decides to hack them again… then mirror ur files (keep ur home movies off network lol), or place files. the hold of corp america has grown and priacy went out the door with the patriot act. i guess allot of ppl are ok with apple profiting from ypour personal life at the expense of privacy. if that the case shouldnt the concumer ber getting a piece of the pie. if ur willing or unwillingly giving it up.

    you can formualy request they stop collecting information, there is a federal law, but uncle sam wrote it in a way u have to directly request and ref it in the request other wise they dont care and they still have to reply to. everything from video games to phone are tracked cuase the gov lets them cuase its in their best interest.

  • Ed

    I find it disgusting that Apple would stoop to such a low tactic!

  • Robert Strimaitis

    It’s not just Apple, all devices are required to have this ability along with turning your device on to listen mode without your knowledge since 2002. Who made this requirement? Why are there so many cameras watching you? Surveillance = Control = YOU !!!!! WAKE UP SHEEPLE we are not in America anymore. I challenge you to listen to some alternative news for one week.

    Start here: and I dare you to look at our government the same way you’ve been lead to believe. I’m not paranoid
    , just informed, are you?

    • bob

      “im not paranoid”
      now im not saying that what your aying has no merit, but your going over the top.
      (also, I dont watch any news on tv generally. sometimes getting viewers and informing people accurately conflict each other. Not that they intentionally deceive, just that well, the ones that don’t check their facts and go for the most interesting stories are the most succesful)

      note:im not entirely sure about this opinion I just posted. it might change a little bit often.

  • Melinda

    Doesn’t bother me in the least. Although I understand concerns about privacy, etc., it has become clear that, thanks to social networking sites, few of my fellow world citizens have any secrets (or appear to not want any) so, if someone/thing wants to know that I get up, go to work, and go home every day – no biggie.

  • Laurie

    We are being tracked by pretty well every card we use. It may not be to the extent that Apple has gone to, but every time we use a credit or debit card it is recorded somewhere for someone’s use.

    That being said, I am fine with that as I am fully aware of it, but to sneak in a program that tracks virtually every corner you go around or stop at in absolute invasion. That is just a little too intrusive.

    How long before we are told what, when and where to shop or travel or they will freeze our cards because they don’t like where we shopped. Or worse yet they just install a chip in our wrist or head.

    Why the secrecy Apple? What is your motive?

  • Mira

    I think Google through ANDROIDs is tracking too! It happens in noticeable per second deals!

  • Prasad

    We need not to surprise now a days because today’s technology is very advanced so we need to develop our technology with a rapid speed then all of us can enjoy with so many other features like this.

  • http://EHOW JENNY


  • Peopleunit

    The million dollar question is, will people continue to purchase these phones? I sure as hell wouldn’t.

  • Mike snapes

    You should also be careful about your privacy settings on your iPhone if you manage your home security from a mobile device. Although great benefits to have wireless home security with mobile apps be careful and listen to the advice and info in this post