It's a common scenario in Europe. It's not "exotic" to take a €39 train ride from Paris to Brussels to visit for the weekend.
I don't think it's a privacy concern to store such data locally on the phone. In any case, it should be resolved by letting the user decide how long to cache the data; that would make everyone happy.
How does data roaming work on European carriers? For someone traveling from the US, there could be a significant cost to using data in another country. If Europe's prices are more sane, it might not be an issue.
At the moment data roaming in Europe is still a nightmare, most providers make you pay ridiculous fees when crossing a border. The EU commissioner for IT & Telco (Nellie Kroes) recently threatened with legislation if things didn't improve and now several providers started offering some kind or "Euro roaming" subscription.
Even so, the data should not be stored in a plain text file. Doing so gives any iPhone application access to that location data. Apple claims that it manages location preferences by application, but that's not true as long as this file exists in a plain text format.
That is incorrect. The iPhone employs sandboxing, so most areas of the filesystem are not accessible to iOS applications, and this cache is in one of those restricted locations. An app on the phone cannot read this information.
However, it is included in the iTunes backups. Those can be read -- but only on your computer, not on the iPhone itself.
(An exception to the above would be a jailbroken phone: the packages installed via Cydia would not have the same restrictions, although the recent jailbreaks do not remove the restrictions on apps from the App Store.)
The location/timestamp concerns are only relevant when my phone has been stolen or somebody has unrestricted access to my computer. At that point, location tracking is only one of many many terrible things that can happen to me, and frankly it's nowhere near the most terrible. And if I'm concerned about somebody tracking me, I'm going to be most concerned about the last 7 days, not the past year. If you're concerned about the government tracking you for longer than a year, they easily have access to that data without your ever knowing they looked.
The solution is to properly protect your data on your phone and your computer.
Your solution is asinine, as I have little way to protect my "cache" of goods... it's unencrypted both on the device and in the backups (though you can encrypt backups now, there might be previous computer backups of mine that have unencrypted location data, now I have to go find and excise those).
Any malicious desktop tool can easily find the location cache in unencrypted backups. Modern Police Forensics tools (http://www.cellebrite.com/) can easily extract non-encrypted data from phones in minutes (see Michigan Police).
That Apple stored this growing set of user-data in cleartext on the device was as stupid as Sony storing their customer's personal information in cleartext (or weakly hashed) on their servers.
Either bit-recycle the information that's not immediately relevant, or strongly encrypt/sanitize it. This shit isn't rocket-science, folks. Otherwise it's a liability and potential PR nightmare in the making.
We're now still in the "wild west" of personal data records. Once these issues start to snowball and real-life consequences happen, people will clamor for litigation, which given politicians will be over-reaching and ham-fisted.
Corporations with hundreds of millions of users' personal data should stay in front of these issues unless they want to wade in a regulatory mess (see Google's mis-steps with wifi packet data).
As of right now, anyone with an iPhone can have their localization data ripped from their device in less than 5 minutes via cellebrite. It could be a coworker, police office, or immigration official.
