One iOS 8 feature Apple hasn’t talked about much is its ability to randomize the device’s MAC address while scanning for WiFi networks.
In iOS 8, Wi-Fi scanning behavior has changed to use random,locally administered MAC addresses… The MAC address used for Wi-Fi scans may not always be the devices real (universal) address… Once the iOS device is done scanning it will give the real MAC ID.
This appears to be a security and privacy precaution as marketing and analytics companies routinely use this unique identifier to collect data about nearby devices scanning for WiFi networks. The New York Times published a story last year about a similar experiment at Nordstrom and several marketing companies selling data to retailers and more use the same method of picking up the MAC address from devices scanning for WiFi networks. One of those companies, Euclid Analytics, explains how it currently uses the MAC address of iPhones to help clients. While it notes “the MAC address does not disclose the device owner’s real-world identity nor any other personal data,” it also uses the data it collects to help clients “improve store layouts, determine timing for promotions and sales, measure the effects of advertising, and set staffing levels and store hours.”
These marketing companies do the same for Samsung and Android devices, which also do not currently automatically randomize the MAC address, but it looks like Apple might put an end to that with iOS 8.