Apple Inc. denied Wednesday that iPhones store a record of their users' movements for up to a year and blamed privacy concerns partly on a misunderstanding.
A data file publicized by security researchers last week doesn't store users' locations, but a list of Wi-Fi hot spots and cellular towers in their general area, the company said. It promised software fixes to address concerns over that file.
The data, downloaded from Apple, helps the phone figure out its location without having to listen for faint signals from GPS satellites. That means navigation applications can present the phone's location faster and more accurately, Apple said.
Apple said the data is stored for up to a year because of a software error. The company said there's no need to store data for more than seven days, and a software update in the next few weeks will limit the amount of data in that file.
The iPhone will also stop backing up the file to the user's computer, a practice that raised some concerns. Computers are much more vulnerable than phones to remote hacking attempts.
A third planned fix is to stop downloading the data to phones that have all "Location Services" turned off, Apple said, and to encrypt the file on those where it's on.
"Users are confused, partly because creators of this new technology [including Apple] have not provided enough education about these issues to date," Apple said in its statement.
Wednesday's statement was Apple's first comprehensive response to the most recent complaints. Apple had revealed the nature of the location file in a letter to Congress last summer after an earlier round of questions about its location-tracking practices.
The file drew new attention last week, after a report from researchers Alasdair Allan and Pete Warden at a technology conference in Santa Clara, Calif.
As demonstrated by location-analysis software released by Allan and Warden, the lists of Wi-Fi hot spots and cell towers generated by iPhones can be used to construct a general record of users' movements.
But a snoop needs access to the victim's phone or PC, both of which usually store lots of other personal information. Phones contain texts, e-mails and lists of phone calls. PCs contain such information as tax returns, logs of websites visited and passwords.
In an e-mail, Warden said that it was good to have an explanation for the existence of the file. He agreed that it doesn't contain precise location information.
"By pulling down information about nearby towers, the log can reveal where you are at a neighborhood level," he said, adding that he's relieved that Apple is applying software fixes.
"I'm happy that Apple has answered some of the questions that I raised, and I'm glad they've acknowledged they need to take steps to address these problems."
Sen. Al Franken, D-Minn., chairman of the Senate Judiciary subcommittee on privacy, technology and the law, said he still has questions about why Apple didn't tell users what it was doing.
"This has raised larger questions of how the locations of mobile devices are tracked and shared by companies like Apple and Google, and whether federal laws provide adequate protection as technology has advanced," Franken said. He plans a hearing on cell phones and privacy next month.
In Wednesday's statement, Apple reiterated that while iPhones regularly transmit their location to Apple, they do so only anonymously, and the company isn't able to track users. It can also transmit a user's location to companies that buy ads through Apple's iAds advertising system, but only if the user approves giving the current location to a particular ad.
Google acknowledged last week that phones running its Android software store some location data directly on phones for a short time from users who have chosen to use GPS services. This was done "to provide a better mobile experience on Android devices," Google said, emphasizing that any location-sharing is done with the user's permission.