Apple China denies location tracking claims: we’re ‘deeply committed to protecting the privacy of all our customers’

This past week, Chinese State TV called the iPhone a “national security concern” because of its location tracking capabilities. The iPhone’s operating system utilizes location for several applications, including Maps and Weather. iOS 7 also introduced a new feature that utilizes a customer’s location in order to provide improved traffic and route information. Now, Apple has quickly responded via a concrete and comprehensive message on its website for China. The message is advertised on the homepage, and is a direct response to the allegations from China State TV.

Apple denies the claims by stating that “privacy is built into [its] products and services from the earliest stages of design. We work tirelessly to deliver the most secure hardware and software in the world.” Apple also explains that it uses industry leading encryption to protect location data, and says that all location data is stored solely on the iPhone, not on Apple’s servers.

Apple goes on to, once again, explain that it does not work with government agencies to spy on its customers: “Apple has never worked with any government agency from any country to create a backdoor in any of our products or services. We have also never allowed access to our servers. And we never will. It’s something we feel very strongly about.” Apple goes on to list specific work it does for individual services in order to protect customer privacy.

On Maps:

Our customers want and expect their mobile devices to be able to quickly and reliably determine their current locations for specific activities such as shopping, travel, finding the nearest restaurant or calculating the amount of time it takes them to get to work. We do this at the device level. Apple does not track users’ locations – Apple has never done so and has no plans to ever do so. Calculating a phone’s location using just GPS satellite data can take several minutes. iPhone can reduce this time to just a few seconds by using pre-stored WLAN hotspot and cell tower location data in combination with information about which hotspots and cell towers are currently being received by the iPhone. In order to accomplish this goal, Apple maintains a secure crowd-sourced database containing known locations of cell towers and WLAN hotspots that Apple collects from millions of Apple devices. It’s important to point out that during this collection process, an Apple device does not transmit any data that is uniquely associated with the device or the customer.

On App Store apps and Location Services settings:

Apple gives customers control over collection and use of location data on all our devices. Customers have to make the choice to enable Location Services, it is not a default setting. Apple does not allow any app to receive device location information without first receiving the user’s explicit consent through a simple pop-up alert. This alert is mandatory and cannot be overridden. Customers may change their mind and opt-out of Location Services for individual apps or services at any time by using simple “On/Off” switches. When a user turns “Off” location data for an app or service, it stops collecting the data. Parents can also use Restrictions to prevent access by their children to Location Services.

On Traffic tracking, iOS in the Car, Notification Center, and iTunes in the Cloud:

When it comes to using iPhone for traffic conditions, iOS can capture Frequent Locations to provide commute information in the Today view of Notification Center and to show you automatic routing for iOS in CarPlay. Frequent Locations are only stored on a customer’s iOS device, they are not backed up on iTunes or iCloud, and are encrypted. Apple does not obtain or know a user’s Frequent Locations and this feature can always be turned “Off” via our privacy settings.

Of course, Apple’s sharp and direct response to these location tracking claims indicates how seriously the company takes both its public perception and the privacy of customers. The letter in full can be found below in both English and in Chinese.

English version:

Apple is deeply committed to protecting the privacy of all our customers. Privacy is built into our products and services from the earliest stages of design. We work tirelessly to deliver the most secure hardware and software in the world. Unlike many companies, our business does not depend on collecting large amounts of personal data about our customers. We are strongly committed to giving our customers clear and transparent notice, choice and control over their information, and we believe our products do this in a simple and elegant way.

We appreciate CCTV’s effort to help educate customers on a topic we think is very important. We want to make sure all of our customers in China are clear about what we do and we don’t do when it comes to privacy and your personal data.

Our customers want and expect their mobile devices to be able to quickly and reliably determine their current locations for specific activities such as shopping, travel, finding the nearest restaurant or calculating the amount of time it takes them to get to work. We do this at the device level. Apple does not track users’ locations – Apple has never done so and has no plans to ever do so.

Calculating a phone’s location using just GPS satellite data can take several minutes. iPhone can reduce this time to just a few seconds by using pre-stored WLAN hotspot and cell tower location data in combination with information about which hotspots and cell towers are currently being received by the iPhone. In order to accomplish this goal, Apple maintains a secure crowd-sourced database containing known locations of cell towers and WLAN hotspots that Apple collects from millions of Apple devices. It’s important to point out that during this collection process, an Apple device does not transmit any data that is uniquely associated with the device or the customer.

Apple gives customers control over collection and use of location data on all our devices. Customers have to make the choice to enable Location Services, it is not a default setting. Apple does not allow any app to receive device location information without first receiving the user’s explicit consent through a simple pop-up alert. This alert is mandatory and cannot be overridden. Customers may change their mind and opt-out of Location Services for individual apps or services at any time by using simple “On/Off” switches. When a user turns “Off” location data for an app or service, it stops collecting the data. Parents can also use Restrictions to prevent access by their children to Location Services.

When it comes to using iPhone for traffic conditions, iOS can capture Frequent Locations to provide commute information in the Today view of Notification Center and to show you automatic routing for iOS in CarPlay. Frequent Locations are only stored on a customer’s iOS device, they are not backed up on iTunes or iCloud, and are encrypted. Apple does not obtain or know a user’s Frequent Locations and this feature can always be turned “Off” via our privacy settings.

Apple does not have access to Frequent Locations or the location cache on any user’s iPhone at any time. We encrypt the cache by the user’s passcode and it is protected from access by any app. In the interest of even greater transparency for our customers, if a user enters their passcode successfully, they are able to see the data collected on their device. Once the device is locked no one is able to view that information without entering the passcode.

As we have stated before, Apple has never worked with any government agency from any country to create a backdoor in any of our products or services. We have also never allowed access to our servers. And we never will. It’s something we feel very strongly about.

Chinese version:

一直以来，Apple 都非常坚定地承诺保护我们所有用户的隐私。从最初的设计阶段开始，隐私保护的理念就已植根于我们的产品与服务之中。我们不懈努力，只为将安全性世界领先的硬件和软件产品带给我们的用户。与许多其他公司不同，我们的业务并不依赖于收集大量用户个人信息。我们郑重地承诺，坚持给予用户清晰而透明的提示和选择，让用户得以控制自己的信息。而且我们坚信，自己的产品也简单而恰当地做到了这一点。

我们非常感谢 CCTV 的努力，就这一我们也认为非常重要的议题来协助进行用户教育。在此，我们要确保所有的中国用户能够清晰地了解，在涉及隐私和个人数据信息时，我们的所为及所不为。

在购物，旅游，寻找就近餐馆或计算上班所花费时间等具体活动中，我们的用户想要并期望他们的移动设备能够快速并可靠地确定自己的当前位置。我们在设备端做到了这一点。但 Apple 不会追踪用户的定位：Apple 以前从未这样做过，以后也永远不会这样做。

如果仅使用 GPS 卫星数据进行手机定位，可能需要花费几分钟的时间。而通过预先储存的无线局域网热点位置和信号发射塔位置数据，并结合当前正在被 iPhone 接收的无线局域网热点和信号发射塔信息，iPhone 可以将这个时间缩至短短几秒钟。为了实现这一目标，Apple 运行着一个安全可靠的众包数据库，其中包含了 Apple 通过数百万 Apple 设备收集的已知信号发射塔和无线局域网热点位置信息。但必须重点指出的是，在这一收集过程中，Apple 设备并未发送或传输任何具体与某部设备或某位用户相关的数据。

在我们所有的设备上，Apple 都让用户能够自主控制定位数据的收集和使用。用户必须自主选择启用 “定位服务”，因为它不是一项默认设置。Apple 绝对不允许任何应用，在未曾预先弹出让用户一目了然的提示并得到用户明确同意的情况下，就擅自接收设备的定位信息。这样的提示是强制性的，并且不能被隐藏或覆盖。如果用户改变主意，仅需简单地切换 “开/关” 按钮，即可随时就个别应用或服务退出 “定位服务”。当用户将某个应用或服务的定位数据切换成 “关” 时，它就会停止收集数据。而且，家长还可以使用 “访问限制” 功能，以防止孩子使用 “定位服务”。

当使用 iPhone 了解交通状况时，iOS 可搜集 “常去地点”，在 “通知中心” 的 “今天” 视图中提供通勤信息，并在 CarPlay 中为你展示 iOS 自动规划的路线。但 “常去地点” 仅存储于每个用户个人的 iOS 设备上，并且进行了加密；它并不备份于 iTunes 或 iCloud 中。Apple 从不获取或了解某个用户的 “常去地点” 信息。而且，这一功能也可随时通过隐私设置切换为 “关”。

Apple 不会在任何时候通过任何用户的 iPhone 去获取其 “常去地点” 或其定位服务的缓存。我们通过用户密码对缓存进行了加密，并且谨防任何应用对其进行访问。为了让用户拥有更大透明度的权益，用户在成功输入其个人密码后，即可看到其设备上收集的数据。而当设备锁定后，在未输入密码的情况下，任何人都不可能查看这些信息。

正如我们前文所述，Apple 从未与任何国家的任何政府机构就任何产品或服务建立过所谓的 “后门”。我们也从未开放过我们的服务器，并且永远不会。对于我们而言，这些都是必须坚守、绝不妥协的