The news broke earlier this week: Researchers Alasdair Allan and Pete Warden discovered that the iPhone 4 and iPad 3G devices -- essentially cellular devices running iOS 4 -- have a secret file hidden away that tracks the devices location regularly. It appears that these devices determine location through pinging cell phone towers and triangulating the resulting position. Then the device records the estimated latitude and longitude with a timestamp in a file called consolidated.db. Allan and Warden hasten to add that, as far as they can tell, this information remains stored locally on your phone (though it will transfer to any computer you synchronize your device to).
As if that weren't bad enough, the news gets worse. The file is unencrypted. Anyone who could get access to your computer or device could, in theory, trace all your movements back based upon the timestamps and coordinates. Clearly, this could result in a massive invasion of privacy.
Why would Apple need to record this information? That's a question that a lot of people are keen to ask, including the FCC and Senator Al Franken, according to Politico's Kim Hart and Tony Romm. Franken sent a two-page letter to Steve Jobs asking for more information about the file -- you can read it here.
Allan and Warden point out that cell phone carriers have this information already -- it's part of delivering service to customers. If the carrier couldn't locate and identify customers, it wouldn't be able to provide phone and data service. But that information is protected and it would require a court order before a carrier would give it up to another party. Having that same information available and unencrypted on a device is a different matter entirely. All it would take is a theft -- or even a careless act -- for your location data to fall into the wrong hands.