iOS devices for a long time, like other devices, track your location based on your preferences. Cell carriers for years have kept data which matches user>handset>tower, but government could only access it via a court order. This has only been complicated by the use of GPS location services which a host of applications and companies use for various purposes. This occurs many times without the user fully understanding the implications. A malicious actor having physical access to the device can access location data, thus administrators and users should consider these new risk and mitigation methods.

Apple iPhones keep a sqlite database of your locations based on Wifi and Cell Tower information, this information is not shared but physical access to your device or computer can allow access by a malicious actor.  

Risk re-evaluation specific to iOS devices but consider points for all mobile devices:

• This is nothing new, a host of services use location information and you need to consider the risk individually. 
• If the iOS devices is stolen a thief can access this data on your iPhone along with a host of other data on your phone.
• Backup's of iOS devices which are not encrypted will allow a user with access to your computer to extract information about your iPad or iPhone including location information related to cell towers and WiFi networks. (Roughly where you have been.)
• Remove all iOS backups from all Backup Tapes or TimeMachines.
• iOS devices used by high profile employees overseas may become the targets of attacks specifically to gain access to their iPhones to determine their movements.
• Backups in iTunes of iOS devices are not encrypted by default.
• iOS devices may not be registered to wipe data remotely or with Passcode Lock.
• The collection of data is not shared with Apple unless the user opts-in for location services.
• Various phones and applications use location services, consider the risk before opt-in. 

What users should do to mitigate risk:

• If traveling with an iOS device and laptop make sure to remove all old backups and then create a new encrypted backup. 
• If traveling overseas consider leaving your iPhone at home or be prepared to destroy the device.
• Sign up for Find My iPhone so you can remotely wipe and lock the device.
• Do not Sync your iPhone on any public computers or computers outside your trust zone.
• Use the Passcode Lock feature and make sure to use numbers and letters 12 characters or more. 
• Remove old backups of iOS devices from all machines, backups and TimeMachine backups. 
• Create a new backup of iOS devices which are encrypted. 
• Review who and how you share location services, not all of it is bad and can be useful for certain business functions. 

Consider these risk and re-evaluate regularly. Alex Levinson has a really good write up about the subject and we included a dump of SELECT * FROM sqlite_master where type='table', please visit the reference links for more information.