"Microsoft's representations to Congress were false," the lawsuit reads – making a serious charge that's both perfectly accurate and almost certainly incorrect in several different ways.
Spying, or staying connected?
Even without any other complicating factors – like software loaded on a phone that may collect GPS data – Microsoft's statement could not possibly be true, even if only it and the cell carrier were the only ones that could possible track location data on users.
Every activated cell phone has to identify itself and its location to cell-network access points on cell towers in the area, in order to remain connected to the mobile-phone network.
The only way the phone itself could avoid that would be to shut down its radio in between calls made by the phone owner, which would cut it off from incoming calls and automatic data updates.
Every time the owner wanted to make a call, the phone would have to signal local cell towers, then go through a (relatively) long identification and authentication process.
Even for customers sensitive enough about privacy to carry a phone that can only make outgoing calls, the delay in that process would make the phone unpopular, if not completely unusable.
So…skip the attempt to expand the accusation of Microsoft-as-Big-Brother into one that includes purposeful lying to Congress and what you have (so far) is one app that keeps grabbing and forwarding location data the phone already has and that is easily available to the apps that run on it.
That's clearly a problem, most especially because it sends the data not to the cell carrier to verify location, but to Microsoft's own servers to verify who knows what.
It's not necessarily an indictment of Microsoft as a whole, or even all the software running on Windows Phone 7.
I'm perfectly willing to believe evidence showing Microsoft is misusing location data, or collecting it surreptitiously, or telling customers something about what it does with that data that is substantially different from what it really does.
Plenty of other companies have been doing the same thing, which remains a big problem for both the privacy of customers and presumed honesty of vendors.
So far, though, it looks as if it might be a screwup with just one of a dozen or more built-in major apps – one that can be fixed easily with a patch.
Believing it was a mistake and that it has been fixed will require more than just bland reassurance from Microsoft, though.