Microsoft has responded to U.S. location privacy concerns involving Windows Phone 7.
The software giant has issued a nine page response to the U.S. House of Representatives after receiving a request for information. Apple’s iPhone and iPad 3G devices log latitude-longitude coordinates alongside the time and date in a special hidden file on the device. The issue came to light in April after researchers discovered the functionality. Apple has been recording the data on devices since iOS 4.0 was released. Apple recently addressed the issue with the release of iOS 4.3.3.
Privacy groups and lawmakers are currently investigating exactly how modern smartphones collect and store user location information. “The discussion has intensified over the past few weeks when the practices of two other companies in the mobile market were called into question,” says Microsoft’s mobile chief Andy Lees. “As a result, several members of the House of Representatives sent a letter to a number of companies that provide mobile phone services seeking clarity on this issue.” Microsoft’s nine-page response details how Windows Phone 7 treats user location information.
“At Microsoft, we believe that consumers should have control over the location information they share, and that the information collected should be narrowly tailored to support specific experiences on Windows Phone 7 devices,” says Lees. “We believe that our careful and deliberate approach to user privacy in the development of the Windows Phone 7 operating system reflects Microsoft’s commitment to give users informed choices about the collection and use of location information and reflects our intent to facilitate the delivery of device location information solely at the user’s request and solely for the user’s benefit.”
Microsoft says it designed Windows Phone 7 with the following privacy principles in mind:
1. User Choice and Control. Microsoft does not collect information to determine the approximate location of a device unless a user has expressly allowed an application to collect location information. Users that have allowed an application to access location data always have the option to disable access to location data at an application level, or they can disable location collection altogether for all applications by disabling the location service feature on their phone.
2. Observing Location Only When the User Needs It. Microsoft only collects information to help determine a phone’s approximate location if (a) the user has allowed an application to access and use location data, and (b) that application actually requests the location data. If an application does not request location, Microsoft will not collect location data.
3. Collecting Information About Landmarks, Not About Users. Microsoft’s collection of location data is focused squarely on finding landmarks that help determine a phone’s location more quickly and effectively. In our case, the landmarks we use are nearby Wi-Fi access points and cell towers. The information we collect and store helps us determine where those landmarks are, not where device users are located. In fact, we’ve recently taken specific steps to eliminate the use and storage of unique device identifiers by our location service when collecting information about these landmarks. Without a unique identifier or some other significant change to our operating system or practices, we cannot track an individual device.
4. Transparency About Microsoft’s Practices. Microsoft gives consumers opportunities to learn more about its location data collection practices. When the user makes a decision to allow an application to access and use location data, Microsoft provides a link to the Windows Phone Privacy Statement, which includes its own section on location services with information describing the data Windows Phone 7 collects or stores to determine location, how that data is used and how consumers can enable or disable location-based features. Additionally, at the time that Windows Phone 7 launched last November, Microsoft published a consumer-friendly Q&A in the “Help and How-To” section of its Windows Phone website to address commonly-asked questions about location services and consumer privacy. This Q&A provides detailed information on how location services work for Windows Phone 7, the data Microsoft collects to provide location services, and step-by-step instructions (as well as diagrams) on how to enable and disable location services on Windows Phone 7, and the methods Microsoft uses to assemble and maintain its location database. Prior to launch of Windows Phone 7, Microsoft proactively engaged with various government and consumer organizations to start constructive dialogues regarding our location data collection and use practices.
Microsoft’s full response to the U.S. House of Representatives is available here (PDF), or embedded below.