iPhone tracking

Leaving aside the fact that, as Incognito points out, users have agreed to it, there's also the fact that they aren't tracking users: they are merely recording the fact that some unidentifiable iPhone or other was in the vicinity of some base station or wifi network at some random time on some random day. If it can't be tied to an individual device or person, it's merely a fact about the presence of wireless network connectivity at some point on Earth, not a track of anything. Your mobile phone company knows a heck of a lot more about where you are, and can prove that it's you.

Legality of such click-through licenses is very much questionable (in UK at least), regardless of that what Apple did is crazy stuff that will cost them some real $$$, far more than they'd make from this highly questionable practice.

The only reason they'll get away with it is because Apple users simply don't have any other company to turn to for replacements...

If mobile company tried to sell this data or use it in any way other than reasonable then they'd be in trouble.

Apple is not mobile company anyway - it does not NEED to know your location, and the device you have is YOURS.

This sort of tulip should be opt-in only - EU can make very make big thing out of it.

Apple don't attach any personal data to the locations, so they don't know your location.

For those with Android devices, check out how Android does the same thing: https://github.com/packetlss/android-locdump

Here's two randomly-chosen example records from my own phone, as exported to XML. The first is in the CellLocation table:

which is a place I've never visited, although I have passed it on the motorway; and the second is from the WifiLocation table:

which is an address I've never been to although some relations live about a mile away from it.

<Devil's advocate><stirring it>
So they are tracking where your relatives have been as well?

That helps but does not entirely get them off the hook - the reality is that they use hardware fully purchased (not rented or otherwise) by their customers work for them, probably wasting battery time, with "agreement" being anything but clear.

If that was some free software app that pulled that trick (and I believe some did and got banned from app store for it) then it's one thing, but having manufacturer like Apple pull the same trick is totally different.

You think anonymous is ok? Well, Google got done for vans on a street checking WiFi signatures, how is that different (if not much worse)?

Firstly: it isn't wasting battery time; the location data is only related to cell base stations and/or wifi networks, which the phone is aware of anyway if it's switched on. (More precisely, if the relevant hardware is enabled, as either or both can be switched off at will.)

Apple are using the data to provide a service supporting one of the key capabilities of the device. Given that I paid for the device on the basis that it has that capability (amongst others), I hardly think it makes any sense to object to them providing that service.

Any app that uses location data attached to personal data other than as explicitly required for the app to function won't even get into the App Store in the first place. This is one of the benefits of Apple's curation process, and a safeguard that Android users don't have given Google's unwillingness to vet the products posted in their store.

Over time Apple have tightened up the rules on this: for example, once it became apparent that apps which had no need for location awareness were nonetheless using the Location Services APIs for the purpose of providing advertising targeted to a device's location, they outlawed that.

Google did not get done for gathering data about the location of wifi networks: that is public information, literally broadcast to all and sundry by wifi access points, and even the most rabidly paranoid privacy advocate has never yet suggested a way for a wifi network to advertise its presence to nearby devices over the airwaves without the fact of its presence, and its identity in the form of its MAC address, thereby being made public. What Google were done for was storing the contents of actual data packets captured from unsecured networks - in other words, the personal data of those using the access points at the time Google's vehicles came by, including such data as emails and HTTP traffic.

Google fined for collecting WiFi data from hotspots in France - Boing Boing

Google Faces New Demands In Netherlands Over Street View Data - WSJ.com

"The Dutch DPA argues that MAC addresses, in combination with the ability to identify the location of wireless hardware, qualify as personal data that could provide information about the router's owners, and requires Google to offer an online opt-out from the database."

HTH

If you could be bothered to go to the CNIL, the source the first story, you'd see that Google are (as I said) being fined for collecting personal data from the networks, and for failing to provide full technical details to the CNIL in a timely manner.

As the second story is behind a paywall, I don't know what it says. However the fact that it is datelined yesterday and has the word "New" in the headline suggests that it may be about a change in regulations rather than a regulation that has existed all along. I'm not going to bother paying the WSJ to find out, given that all your arguments have already been disposed of.