Like Apple and Google, Microsoft collects records of the physical locations of customers who use its mobile operating system.
Windows Phone 7, supported by manufacturers including Dell, HTC, LG, Nokia, and Samsung, transmits to Microsoft a miniature data dump including a unique device ID, details about nearby Wi-Fi networks, and the phone's GPS-derived exact latitude and longitude.
A Microsoft representative was not immediately able to answer questions that CNET posed this afternoon, including how long the location histories are stored and how frequently the phone's coordinates are transmitted over the Internet. Windows Phone currently claims about a 6 percent market share but, according to IDC, will capture about 21 percent by 2015 thanks to Microsoft's partnership with Nokia.
Microsoft does say, however, that location histories are not saved directly on the device. That's different from Apple's practice of recording the locations of visible cell towers on iPhone and
iPad devices, which can result in more than a year's worth of data
The privacy practices of mobile software companies have come under extensive scrutiny after a researcher at a conference last week in Santa Clara, Calif., described in detail how the iPhone's location logging works. A CNET report, however, showed that law enforcement and forensics analysts had been aware of and relied on the undocumented feature since at least last year.
Sen. Al Franken (D-Minn.) today asked Google and Apple to appear at a Senate hearing scheduled for May 10, and Illinois Attorney General Lisa Madigan has asked for a meeting. A lawsuit seeking class action status was filed today in Tampa, Fla.
According to a Web page in the "Help and How-To" section of the Windows Phone site, Microsoft has assembled a database with the "location of certain mobile cell towers and Wi-Fi access points" so a mobile device can determine its location more quickly, and with less battery drain, than if only GPS was used. Relying exclusively on GPS would have a negative "impact on mobile phone users by increasing data charges and draining the battery," the company says.
To make applications like maps work, of course, it's necessary for a smartphone or tablet to transmit its GPS coordinates to a remote server--and, in exchange, receive nearby restaurant reviews, or driving directions, and so on.
Privacy concerns begin to arise when a unique device ID is transmitted, which allows a company to track a customer's whereabouts over an extended period of time. Randomizing the device ID frequently would alleviate some concerns. (Microsoft says that in the case of Windows Phone 7, location information is transmitted to its servers only if Wi-Fi and location services are turned on. It also points out it offers a global switch to turn off all location-based services.)
"The user is identifiable if you have a series of events" that can be linked together, says Marc Rotenberg, executive director of the Electronic Privacy Information Center in Washington, D.C.
Microsoft says its operating system transmits the MAC address of the Wi-Fi access point (but not the name), signal strength, a randomly generated unique device ID retained for an unspecified limited period of time, and, if GPS is turned on, the precise location and direction and speed of travel. That happens when the "application or user makes a request for location information," the company says.
One privacy concern is that location databases can be a gold mine for police or civil litigants: requesting cell phone location information from wireless carriers has become a staple of criminal investigations, often without search warrants being sought. It's not clear how often legal requests for these records have been sent to Microsoft, which said it could not immediately answer that question, or whether its lawyers require a search warrant signed by a judge.
Even though police are tapping into the locations of mobile phones thousands of times a year by contacting AT&T, Verizon Wireless, and other mobile carriers, the legal ground rules remain unclear, and federal privacy laws written a generation ago are ambiguous at best. The Obama Justice Department has claimed that no warrant is required for historical location information, a claim opposed by a coalition of companies including Google and Microsoft but not Apple. (CNET was the first to report on warrantless cell tracking in 2005.)
Apple acknowledged (PDF) to Congress last year that "cell tower and Wi-Fi access point information" is "intermittently" collected and "transmitted to Apple" every 12 hours, but has declined to elaborate. Google has confirmed that it collects location information from Android devices, but downplayed concerns about privacy by saying the information is not "traceable to a specific user." It has yet to respond to questions from last Friday.
Here are the questions, still unanswered, that CNET posed to Microsoft this afternoon:
- When did Microsoft start collecting location data from mobile devices?
- Does Microsoft collect cell tower data?
- How frequently do devices running Windows Phone 7 transmit the data to Microsoft? Every 15 minutes? Hourly? Daily?
- How is that done? Is it an HTTP POST request to a Microsoft.com server, like Google?
- Is the connection encrypted? If so, using what method?
- What information, exactly, is transmitted?
- You say the information collected includes a "randomly generated unique device ID." Is that device ID ever changed? If it is changed, how often does it change?
- What does Microsoft use the database of Wi-Fi access points for? Because you collect "direction and speed" if GPS is available, is it used for traffic data?
- You say the WiFi access points are surveyed when "the user has allowed a particular application to access location services and the application requests location information." If WiFi is turned on, location services have been activated, but no apps are ever run, will location data ever be transmitted to Microsoft?
- You say the randomly generated ID is "retained for a limited period." How long is that? Is the ID then deleted or only partially anonymized?
- Given a street address or pair of GPS coordinates, is Microsoft able to produce the location logs associated with that generated ID, if legally required to do so?
- Given a generated ID, is Microsoft able to produce the complete location logs associated with it, if legally required to do so?
- Given a MAC address of an access point, is Microsoft able to produce the generated IDs and location data associated with it, if legally required to do so?
- How many law enforcement requests or forms of compulsory process have you received for access to any portion of this database?
- If Microsoft knows that a Hotmail user is connecting from a home network IP address every evening, it would be trivial to link that with an Windows phone's device ID that also connects via that IP address. Does Microsoft do that?
- Is any information about current or previously-visited locations stored on a Windows Phone 7 device?
- Is Microsoft planning to change any of its policies regarding location data storage and transmission?
Disclosure: McCullagh is married to a Google employee not involved in this issue.