It's a stretch to say anonymized reporting of nearby lost devices is abuse and part of a botnet, but you can turn off the U1 chip in settings. Privacy > Location Services > System Services > Networking & Wireless
It's a good idea to turn off location services on all Apple devices systemwide. Having it on sends your location over the network to Apple (via visible Wi-Fi MAC address lists) all the time - it's not just passive GPS reception.
Apple then shares this data with the US federal government without the requirement for a warrant, whenever they ask via a FISA request. No probable cause of criminal activity is required: it can be used for pure fishing expeditions, or parallel construction.
I don't think it's reasonable that using the GPS functionality in my device also means the device manufacturer should perpetually receive a real-time log of everywhere my device goes that is then made available to federal investigators whenever they wish to see it.
You keep repeating this data is shared without a warrant message. I don't believe you are correct in this assessment.
The legal definition of a warrant is a written order issued by a judicial officer or other authorized person for the purpose of the administration of justice.
A written request by the FISA court, which is staffed by eleven federal district court judges, is de facto a warrant.
What I think you really object to is the authority and accountability of the FISA court. In particular, the conditions under which such warrants are issued. But that is a problem with the FISA court, not the companies that receive the warrants.
The problem lies with the companies. They have full knowledge that their datasets can and will be queried without limit by the US federal government without probable cause or reasonable suspicion, and they still collect and store the data, after being in full possession of these facts.
In Apple's case, they even preserve vulnerabilities in the system to aid the state in exploiting this circumstance.
It's to the point now where it's not inaccurate to point out that almost all Apple devices function as an extended sensor network for US federal police and military intelligence, given that a) they can access the data at any time and b) Apple makes sure not to secure the data from this illegal intrusion.
Um, what? The requirement for probable cause or unreasonable suspicion is entirely on the judicial entity authorizing the action -- not the recipient of a warrant, however unfair or unreasonable it might be.
If you look at the history, and I think you are referring to iCloud data, Apple designed a way to protect existing iCloud data. From what has been published, Apple made a mistake in letting the US Government know in advance -- before the software was released.
Because Apple then did not continue and protect the data, the story was spun, by "the media", that Apple has somehow "collaborated" with allowing data collection. I don't think that is the true story.
If you look at every other new product or service that has been introduced even before and after the iCloud backup incident, privacy and not being able to obtain data is / was an inherent feature.
What I think most likely happened with iCloud data is that Apple was "coerced" into capitulation -- explicitly not collaboration. A threat was made, if you go forward with your plan, we will do this.
What was the threat? Something possible - Apple ships devices that depend on strong encryption. Strong encryption is still regulated by the US Commerce department -- a US Government agency.
Even the most recent event when OCSP checks failed -- the developer certificate ID check, Apple's response was to say that they stopped logging the IP addresses. This was also mis-represented, likely by folks that did / do not understand that OCSP requests are made via HTTP requests and almost every HTTP server, by default, logs the client IP address. You have to actively not log the addresses -- which is what Apple's apology statement said they changed.
Do you have a source for these claims? Specifically the ones about your locations being sent to Apple and then Apple sharing all of this data with the ‘US federal government’.
True enough, but the same data is also available via your cellular provider, and they are happy to provide it to law enforcement as well. Your cell provider also sells the data for profit.
Yes, all mobile manufacturers seed their AGPS databases from phones they control. Basically sending data that tells them what SSIDs are visible at certain locations.
But I'm pretty sure Apple is actively not combining that data with your identity. They have zero reason to do that.
They don't need to combine that data with your identity. The client IP address does that when the records are produced, as each Apple device sends hardware serial-linked data to Apple nearly constantly, like a supercookie, linking that device (and user, as they have the device purchase records) to that IP.
Whether Apple runs a join on this data in their databases or not is irrelevant.
