Identifying People from Their Metadata

Jonathan Mayer, Patrick Mutchler, and John C. Mitchell, “Evaluating the privacy properties of telephone metadata“:

Abstract: Since 2013, a stream of disclosures has prompted reconsideration of surveillance law and policy. One of the most controversial principles, both in the United States and abroad, is that communications metadata receives substantially less protection than communications content. Several nations currently collect telephone metadata in bulk, including on their own citizens. In this paper, we attempt to shed light on the privacy properties of telephone metadata. Using a crowdsourcing methodology, we demonstrate that telephone metadata is densely interconnected, can trivially be reidentified, and can be used to draw sensitive inferences.

New research, but not a new result. There have been several similar studies over the years. This one uses only anonymized call and SMS metadata to identify people who volunteered for the study.

Four assorted news articles.

Tags: , , , , , , , ,

Posted on May 19, 2016 at 6:10 AM15 Comments

Comments

Rolf Weber May 19, 2016 10:17 AM

I think few people will deny the results of this study, that metadata can be very telling.

But the point is, there is not only the technical possibility, there is also the law. So even if we realize that the metadata can be abused, we can anyway reasonably decide that democratic governments should have the data, because we trust that it will only be used lawfully, and we think that the data will help to prevent and investigate crimes. Nothing else we already do today for example with the police, we give them guns and jails, and we trust that they use it only lawfully — and we trust that those who abuse their power are punished.

Meta-data-stasize May 19, 2016 10:47 AM

Key part:

i) Participant A held conversations with a pharmacy specializing in chronic care, a patient service that coordinates management for serious conditions, several local neurology practices, and a pharmaceutical hotline for a prescription drug used solely to manage the symptoms and progression of relapsing-remitting multiple sclerosis.

ii) Participant B received a long phone call from the cardiology group at a regional medical center, talked briefly with a medical laboratory, answered several short calls from a local drugstore, and made brief calls to a self-reporting hotline for a cardiac arrhythmia monitoring device.

iii) Participant C placed frequent calls to a local firearm dealer that prominently advertises a specialty in the AR semiautomatic rifle platform. He also placed lengthy calls to the customer support hotline for a major firearm manufacturer; the manufacturer produces a popular AR line of rifles.

iv) Participant D placed calls to a hardware outlet, locksmiths, a hydroponics store, and a head shop in under 3 weeks.

v) Participant E made a lengthy phone call to her sister early one morning. Then, 2 days later, she called a nearby Planned Parenthood clinic several times. Two weeks later, she placed brief additional calls to Planned Parenthood, and she placed another short call 1 month after.

Using public sources, we were able to confirm that participant B had a cardiac arrhythmia and participant C owned an AR rifle. As for the remaining inferences, regardless of whether they were accurate, the mere appearance of possessing a highly sensitive trait assuredly constitutes a serious privacy impact.

Seems participants C & D haven’t been reading schneier.com, otherwise they would probably visit said shops in person and pay with cash.

Anyhow, this shows up the lies told by the MIC, to wit “It’s only meta-data” i.e. somehow a lesser evil than content. Sensitive inferences are easily drawn from small data-sets.

The surveillance state is also having a broader detrimental impact on trust and commerce, ironically making the role of the law enforcement community harder, as a number of people withdraw from the net completely (blow back from playing their hand too hard):

https://www.washingtonpost.com/news/the-switch/wp/2016/05/13/new-government-data-shows-a-staggering-number-of-americans-have-stopped-basic-online-activities/

Nearly one in two Internet users say privacy and security concerns have now stopped them from doing basic things online — such as posting to social networks, expressing opinions in forums or even buying things from websites, according to a new government survey released Friday.

……

This chilling effect, pulled out of a survey of 41,000 U.S. households who use the Internet, show the insecurity of the Web is beginning to have consequences that stretch beyond the direct fall-out of an individual losing personal data in breach. The research suggests some consumers are reaching a tipping point where they feel they can no longer trust using the Internet for everyday activities.

……

When asked to list their biggest concerns, nearly two out of three respondents cited identity theft, while nearly half brought up credit card or banking fraud. About one in five listed data collection by the government.

……

The new NTIA data suggests a significant number of Americans have embraced at least one strategy: Opting out of online activities.

PS Comment 1 (‘Adolf’), wrong again Bud. We don’t need an intimate data-set of the personal lives of 300 million+ Americans just to find terrorist X who is more likely to be tipped off to the Feds by his grandmother or worried friends based on case studies to date. Troll harder MF.

Denny Seidelman May 19, 2016 11:29 AM

Unfortunately this discussion is already obsolete. The USA and the UK are making great progress in their plans to “collect it all.” Data AND metadata. Thanks to Snowden we know that a couple of years ago the US was capable of storing 3 days of full data (a complete mirror of the internet), unless an analyst placed a request on a selector, in which case the data would be held indefinitely. This 3 day capacity has probably increased by now.

ISPs in the USA and Europe (not to mention countries where there is no democracy) are under immense pressure to cooperate with unlawful bulk surveillance programs. They do not have a choice. If, say, Bluffdale, fails, all they have to do is go straight to the ISP.

Going dark? Going dark my ass. I don’t understand how anyone can be so negligent to keep posting personal information or even browse the web without anonymization these days.

Anselm May 19, 2016 11:48 AM

we can anyway reasonably decide that democratic governments should have the data, because we trust that it will only be used lawfully, and we think that the data will help to prevent and investigate crimes

There is an important principle which dictates that only as much data should be collected as absolutely necessary to fulfil a given task (“data economy”). Collecting everyone’s metadata all the time in order to “prevent and investigate crime” violates this principle since only a small percentage of the population is actually criminal, so the vast majority of the data will merely describe the lawful day-to-day doings of innocent people which even democratic governments have no business prying into.

It is illegal for a cop to be corrupt but there are bent cops all the same. Similarly, it is safe to assume that if a massive metadata database exists then criminal elements will find a way to get at its content – by cracking, social engineering, bribery, extortion, you name it –, and that will actually enable crime rather than prevent it. This is on top of all the “legal” but iffy uses people will find for this data that are nothing to do with crime prevention or investigation. For example, why shouldn’t the government make some money on the side by allowing companies or political parties to mine the data for advertising purposes? All under very strict control, of course, but all that database infrastructure must be paid for somehow …

Comrade Major May 19, 2016 12:09 PM

There is two aspects of surveillance: psychological and technical.
Psychological aspect is well studied – people don’t like to be watched etc.
Technical is not studied good enough (at this moment).

Snowden changed the world. World will never be same.

At this moment we should embrace counter-surveillance (contrintel) principles, not luddism.

Operative realm is supreme to crypto/math.

Metadata May 19, 2016 12:18 PM

Somewhat related…

The Assassination Complex
Inside the Government’s Secret Drone Warfare Program

Major revelations about the US government’s drone program—bestselling author Jeremy Scahill and his colleagues at the investigative website The Intercept expose stunning new details about America’s secret assassination policy.

When the US government discusses drone strikes publicly, it offers assurances that such operations are a more precise alternative to troops on the ground and are authorized only when an “imminent” threat is present and there is “near certainty” that the intended target will be killed. The implicit message on drone strikes from the Obama administration has been trust, but don’t verify.

The online magazine The Intercept exploded this secrecy when it obtained a cache of secret slides that provide a window into the inner workings of the US military’s kill/capture operations in Afghanistan, Yemen, and Somalia. Whether through the use of drones, night raids, or new platforms yet to be employed, these documents show assassination to be central to US counterterrorism policy.

The classified documents reveal that Washington’s fourteen-year targeted killing campaign suffers from an overreliance on flawed signals intelligence, an apparently incalculable civilian toll, and an inability to extract potentially valuable intelligence from terror suspects. This campaign, carried out by two presidents through four presidential terms, has been deliberately obscured from the public and insulated from democratic debate. The Assassination Complex allows us to understand at last the circumstances under which the US government grants itself the right to sentence individuals to death without the established checks and balances of arrest, trial, and appeal.

The book will include original contributions from Glenn Greenwald and Edward Snowden.

http://books.simonandschuster.com/The-Assassination-Complex/Jeremy-Scahill/9781501144134

Bob May 19, 2016 3:48 PM

we can anyway reasonably decide that democratic governments should have the data, because we trust that it will only be used lawfully, and we think that the data will help to prevent and investigate crimes

No. You can because you’d happily forge your own chains in exchange for promises that they’re “only for the bad guys.”

Tox May 19, 2016 5:10 PM

People should stop using old telephone system,
and use these on their phone(non-root, cant-root is OK).

  1. NoRoot Firewall (sigo.mobi) OR AFWall+
  2. Orbot
  3. qTox <– THIS

https://tox.chat/ Official
https://github.com/tux3/qTox For portable version(better than installer)

If @schneier have some time to spare, why don’t you analyze security
as a “pro”?

"lawfully" lol May 19, 2016 6:02 PM

Has anyone thought about doing what’s right…

instead of just how to bend laws to reason anything as lawful that they want?

Lezter Alien May 19, 2016 9:48 PM

Y’all wouldn’t mind us “borrowing” yours and Canadians net connections while you all sleep, just so we can avoid local meta data bulk collection and gain access to reasonable download speeds we can exploit to then save data to 3rd party servers just incase we might want download some of this data at a later date if needed.

Apparently 1GB connections will never be needed here, but having access to fast speeds elsewhere might be handy for trickle downloading software like new AV or Firewall versions over a month or so without bringing the household internet to a crawl.

At least platforms like bittorent allow us access to free software updates most people take for granted elsewhere in the world, at least untill we fall even more behind as you all move forward without us.

Drone May 19, 2016 10:31 PM

Is there something new here? I didn’t think so; glad you agree… BTW, how much did this “non-study” cost us taxpayers?

Darren Chaker May 20, 2016 2:27 AM

I love technology and privacy, but will chime in on a different theme. Specifically, if all of mass surveillance deals with protecting lives, why not start with something which kills 1,300 people a day? “Cigarette smoking is responsible for more than 480,000 deaths per year in the United States, including nearly 42,000 deaths resulting from secondhand smoke exposure. This is about one in five deaths annually, or 1,300 deaths every day.” http://www.cdc.gov/tobacco/data_statistics/fact_sheets/fast_facts/ (No offense to smokers)

In lieu of doing so, there’s a witch hunt on encryption and an effort on mass surveillance. If American lives were so important, go after the #1 mass killer, who not only often kills the primary target (the smoker), but also those around them (second hand smokers) not a fraction of those. Years later may be it’s a terror organization who truly owns the tobacco industry!

I wrote an article about how to implement basic security to stay on top of security and privacy – encrypt phone, use strong PWs, full disc encryption, VPN, etc. see, http://darrenchaker.us/privacy-darren-chaker

The purpose is to save lives. I would hope there is a pecking order to do so. But do not believe it is being implemented. By using the terror card, Government is allowed what it pleases in the name of saving a few people a year, when 1,300 die every day. I do not like that rationale. However, the fact remains, you cannot truly control those you govern unless you know all of its secrets and lies.

Bill May 20, 2016 7:54 AM

@Darren: And after smoking, let’s tackle drunk driving. Both of these kill way more in a year than perished in all terrorist attacks on US soil.

These tragedies just don’t get the media attention because the deaths don’t all happen in one incident and they have been happening for years.

Tatütata May 21, 2016 8:36 AM

There’s a scene in the film “All the President’s men” where Carl Bernstein sits in the park with a contact from the phone company. (C&P?)

While he’s eating his sandwiches, the Bellhead says: Carl, if [Attorney General] John Mitchell wanted your phone records, you’d be running around yelling “invasion of privacy”.

How quaint! Metadata was considered sensitive and confidential — at least when it concerned the rich or powerful…

In the original Godfather at least one murder is committed on the basis of metadata. Button man Paulie Gatto gets his bullets in the head on the basis of phone records suggesting contacts between him and the Sollozzo/Tattaglia clan. (That’s the source of the famous “leave the gun, take the cannoli” in the film version).

In reality, I don’t see how New York Telephone would have maintained detailed message accounting for local calls back in the 1940s. A clandestine pen-and-ink recorder on Paulie’s line?

r May 26, 2016 1:40 PM

@darren,

Currently reading through your list, you recommend cccleaner but not the open source and cross platform BleachBit?

Maybe it needs a more colorful interface and a one-click button granted… But it’s a powerhouse.

I like glary utilities too as shareware (not endorsing it).

It’s one of the programs available to Windows users through ninite.com

Leave a comment

Login

Allowed HTML <a href="URL"> • <em> <cite> <i> • <strong> <b> • <sub> <sup> • <ul> <ol> <li> • <blockquote> <pre> Markdown Extra syntax via https://michelf.ca/projects/php-markdown/extra/

Sidebar photo of Bruce Schneier by Joe MacInnis.