Apple Confirms iPhone Regularly Gathers Location Data, But Says It Doesn’t Leave the Phone

Apple Confirms iPhone Regularly Gathers Location Data, But Says It Doesn’t Leave the Phone

Apple confirmed that their latest iPhone 11 phones come with a feature that requires regular geolocation checks, but the company said that information doesn’t leave the phone.

AWS Builder Community Hub

Security researcher Brian Krebs noticed that the latest iPhone 11 was making geolocation check seven when all apps that would require it had that feature disabled. The only way to stop this behavior would be to disable the geolocation feature system-wide. It turns out that things are more complicated than just apps with unpermitted access, as it pertains to a new chip called U1.

Apple says it respects user privacy, which makes it odd that the phones are gathering data for unknown purposes. At worst, geolocation data would be sent back to Apple, but the company assured everyone that the GPS information doesn’t leave the phone.

It took Apple a couple of days to address the problem fully, but now we know that the iPhone 11 access the GPS data with instructions from its U1 chip. That’s a component in the phone that manages ultra-wideband (UWB) communication, until now only used for AirDrop and to find nearby compatible devices.

“Ultra-wideband technology is an industry-standard technology and is subject to international regulatory requirements that require it to be turned off in certain locations… iOS uses Location Services to help determine if iPhone is in these prohibited locations in order to disable ultra-wideband and comply with regulations… The management of ultra-wideband compliance and its use of location data is done entirely on the device, and Apple is not collecting user location data,” Apple said to TechCrunch.

It turns out that other components in iOS need access to GPS data as well, but they have no dedicated toggle. It’s still a little bit unclear what Apple intends to do with the UI chip, but for now, iPhone users will have to deal with the fact that their devices collect location data, and that’s that.

*** This is a Security Bloggers Network syndicated blog from HOTforSecurity authored by Silviu STAHIE. Read the original post at: