While this may have been shocking to iPhone users—it was old news to the law enforcement community, who has been using the iPhone’s tracking file as part of standard operating procedure when analyzing the iPhone for evidence for several years.
And, it turns out, the data being stored isn’t all that useful for tracking a user and his iPhone. The data is simply not reliable and there seems to be way too much of it. Because a variety of apps use location data, it’s stored with no consistency. It shows routes that may be off by actual streets or avenues. It shows activity that may be off in time by days or weeks.
There is a reasonable explanation for all of this confusion. The data was not designed to track your location; it was designed to improve your location identification.
The AT&T iPhone does not contain what is called the enhanced 911 chip, designed to locate a mobile phone by the use of two GPS satellites (versus the minimum three for conventional GPS devices). Instead, it relies on multiple technologies to determine its location-- satellites, WiFi hotspots, and cell towers combined depending on their availability. This hybrid method is very inaccurate in rural areas, though is usually slightly better in urban areas. And while someone analyzing the collected data can often identify a basic route, it’s usually only accurate to within five to ten miles.
Here’s the way the data collection typically works.
The iPhone combines the reception and transmission of all of its wireless technologies (3G cell phone communications, Wi-Fi receivers and transmitters, and GPS receivers) into just two antennas. These are integrated into the metal ring around the camera, the audio jack, the metal screen bezel, and the iPhone circuitry itself.
Using these antennas, the iPhone doesn’t always get a solid GPS signal, especially when indoors or in basements. So for speed and better accuracy, it relies on a process called Assisted GPS (A-GPS).
Before looking for a GPS signal, it gets a rough estimate of its location from the cell phone network, which makes this determination based on signal strength from the nearest towers. It then tries to get location data from the GPS satellites, but if this isn’t available, it checks to see if the phone is getting any WiFi signals; based on the known location of those WiFi nodes the iPhone can help pinpoint the phone’s whereabouts. (Apple is leveraging a public crowd-sourced database of known WiFi hotspots to aid in this geo-locating.) If there aren’t any WiFi nodes available, it turns again to the cell phone network, where Apple is leveraging another public database of known cell towers. Using these known tower locations to collect the latitude, longitude, and the compass heading from where the iPhone is in relation to a nearby tower, the iPhone stores that information with a date/time stamp in a file called Consolidated.db.
Inside of the Consolidated.db database are four tables: CellLocation, CellLocationLocal, CellLocationHarvest, WifiLocation, and WifiLocationHarvest. The non-Harvest tables are directory listings of known Cell Tower and WiFi node locations, each stored with a degree of confidence. The Harvest tables appear to be temporary tables used for updating the CellLocation or WiFiLocation tables. These lists only represent a small sample of the known cell towers and WiFi hotspots; the full database would be too large to store on the device.
Consolidated.db doesn’t store snapshots of location data constantly throughout the day, rather, it only grabs the coordinate data when an application requests it; it also sometimes grabs that data to make sure it hasn’t strayed from its current location.
With so many different developers creating applications that rely on the location features of the iPhone, the quantity and time increments of collection and storage of location information in the Consolidated.db file varies. The time stamp information has occasionally been found to be incorrect as each application collects and updates this information by whatever time period it sees fit. This may be an update time stamp from Apple’s database or an update time stamp of the last time the cell tower or WiFi hotspot was located. Finally, the controlling application location request can be made for greater or lesser accuracy, some applications look for more WiFi nodes or cell towers for greater accuracy.
So it turns out that the iPhone Tracking database is truly all over the map. But there are few things that are for sure with the location data stored in Consolidated.db. The information stored won’t show that you spend more time in certain locations than others. In other words, someone won’t be able to look through your data and figure out from it where you live or work or where your child goes to school. Also, the Consolidated.db will not define the paths you have travelled over specific periods of time, though may confirm the places you and your iPhone have visited in general, loosely based on the time updates for those data records.
Law enforcement agencies will continue to use the iPhone location data and other related intelligence for corroborating information about where phone users have been originally obtained from other sources, but relying on the iPhone data as evidence itself may be a crime.
Richard Mislan is a Professor of Cyber Forensics at Purdue University. He wrote Cellphone Crime Solvers published in the July 2010 issue of IEEE Spectrum. Mislan edits his iPhone Consolidated.db regularly to confuse anyone who might look at it.
