iPhones and iPads are keeping a log of where you have been

Named “consolidated.db,” the file has thousands of location data points for each of them starting at the time they respectively updated their operating systems to iOS 4 — released in June 2010. Each location point includes latitude, longitude, a time stamp, and the IP address for the wireless network their phone was accessing for service. One of the researchers had 33,000 location check-ins over seven months (including a few erroneously placing him in South America).
[...]
Warden [...] expresses concern about the fact that the history is sitting on a plain, unencrypted file on the iPhone, and then transferred to a computer any time the device is synced.

• The novel aspect here is that this information is so readily available, but this kind of data has long been collected by cell phone network providers. In the latter case you need a court order to get the data. In the former case, access to the cell phone or (synced) desktop computer is enough.
• You cannot completely switch this off, but you can make it more difficult for others to access the data, by encrypting the backups on your desktop computer [1]. Tip from Marco Arment:
  
  

  You should encrypt your backups, if not for security reasons, for a big convenience gain: encrypted backups will include your email and Mobile Me passwords so you never need to re-enter them after a restore.
  

• The collected data is in ~/Library/Application Support/MobileSync/Backups/ (in your home directory).
• Mac app for displaying the collected data on a map.

Mac application “iPhone Tracker”.

1. How to encrypt your iOS backups: “iPhone and iPod touch: About backups” → “About Syncing and Backups” → “Encrypted backups”