With no real statement from Apple regarding the present consolidated.db tracking file furor, the obvious next step is to take it to the courts. Actually, the next step should be a rigorous federal investigation into whether or not Apple has broken any laws. Then, if it has, sue away. And if it hasn’t, sue anyway just in case. Vikram Ajjampur and William Devito are a little impatient, however, and have filed a lawsuit against Apple already.
Now, I’m all in favor of suing Apple — as soon as the facts are known. Apple gets a chance to defend itself against the allegations (time is running out, by the way), and if it doesn’t do so to our satisfaction, then that’s that. This nearly instantaneous lawsuit (filed April 22), however, seems slightly opportunistic.
Claim 12, for instance: “Apple collects the location information covertly, surreptitiously and in violations of law.” I’m not saying this isn’t the case, but when this information was only announced on the 20th, they seem a bit quick on the draw to decide that it’s “covert” as opposed to “undocumented,” like many files and features. It doesn’t take a lawyer to come up with mitigating circumstances or arguments that could potentially exonerate Apple. Use your imagination.
On the other hand, one doesn’t need to wait for the indictment when one has seen the smoking gun. It looks to me like Apple is breaking its own rules here, and in a pretty stupid way at that. An unencrypted log file? Even if it’s only reachable by root (and therefore, Apple may argue, inaccessible to anyone using the phone or any known exploits), it’s a stupid and insecure method and Apple should know better.
But let’s refresh ourselves on Apple’s location policy (from its iPhone 4 SLA):
Emphasis mine. But then in the iTunes/App Store TOS:
We may collect information such as occupation, language, zip code, area code, unique device identifier, location, and the time zone where an Apple product is used so that we can better understand customer behavior and improve our products, services, and advertising.
We’ve got dueling location policies here. But what matters is whether Apple broke the law by not disclosing this particular file/method of tracking, or whether it was just bad and slightly creepy policy on their part.
At any rate, you can download the lawsuit here. My guess would be that this one will be obsoleted once more facts come to light, though another (indeed, several) may follow. And I would also guess that the most significant consequence of this episode will be an industry-wide clarification of stances on tracking, and perhaps some slight rewording of the relevant sections in a few terms of service documents.