Yesterday, Apple announced Touch ID, a sensor embedded in the new iPhone that uses fingerprint data to authenticate you to the phone. From a privacy/tracking perspective, it doesn’t seem particularly worrisome by itself - the fingerprint data seems to be hashed with the unique ID of the phone and stored in local secure storage. If someone wants your fingerprints, they’re generally not that hard to get (if they have physical access to the outside, it’s probably easier to dust the phone for prints).
However, the iPhone also has a precise location tracker. Combined with fingerprint authentication data points, this provides a single-source, for all intents and purposes irrefutable, proof that someone was in a particular place at a particular time. There are a lot of ways to assert spacetime presence, but the precision of this is about to get a lot sharper and more mainstream. There are a good number of practical applications for this, but it also raises a lot of questions. I’m not sure we’re ready to handle the answers (but too bad, because it’s coming!).
Will this data be used to assert guilt or innocence for crimes? It seems almost guaranteed.
Will Apple receive a large number of requests for this data? I would be shocked if not.
Will this be used in combination with Passbook to ensure that the person who bought the ticket in question is the only one who can use it? Probably. (I also lament the lack of transferability built into most electronic purchases these days.)
Initially at least, it seems that Apple has locked down the functionality for this - it’s possible that at this time, the location data can’t actually be correlated with fingerprint touches. But it’s too useful to stay that way forever. I’d start thinking about this stuff.