Yes, we’re all excited for the release of the iPhone 5 this week, which is being widely reported. What hasn’t been so widely reported or understood was a leak of about a million UDIDs by #AntiSec, a hacking initiative affiliated with Anonymous. As it turns out, the leak was a fabrication. #AntiSec didn’t obtain these UDIDS from the FBI. One mystery is solved, but the whole incident calls attention to a much more serious matter.
First, what’s a UDID? A UDID is a unique alphanumeric identifier issued for every Apple iOS device, including iPhones, iPads, and iPod Touches. Up until recently, Apple has encouraged application developers to obtain the UDIDs of their users. Concurrent with the release of the iPhone 5, Apple will soon ban the use of UDIDs by app developers. That would be good news, if it weren’t a red herring.
Apple collects user data of user locations, and has not been particularly transparent about government requests for information. Even if the #AntiSec leak is a forgery, the existence of such a government database is intensely plausible. The NSA is constructing the country’s largest data storage facility in Bluffdale, Utah, and will have the capacity to store 100 years’ worth of the world’s electronic communications. Courts have ruled that the acquisition of data is not a Fourth Amendment search, and that only the querying of the data later on constitutes a search.
So, how would the NSA acquire data on people? Malte Spitz discusses, in a chilling TED talk, how your smart phone is always able to transmit information about you.
Spitz’s comments should be obvious to iPhone users, who have long had access to the Find My iPhone app.
All this should be chilling to you, but if you’re thinking, “Privacy doesn’t matter because I have nothing to hide,” you are seriously mistaken.