Monday, September 30, 2013
Cell phone tower data decreases privacy and can increase risk of domestic terror hits
“a growing number of mobile carriers are now carefully mining, packaging, and repurposing their subscriber data to create powerful statistics about how people are moving about in the real world.”—Techonology Review, How Wireless Carriers Are Monetizing Your Movements
“A new research paper shows how easily supposedly anonymous location data can be used to identify individuals; the findings promise to have profound importance as businesses seek new ways to make money from mobile users.
… the researchers found that they could identify 90 percent of users with just four data points and 50 percent of users with just two. They also show a methematical relationship between the resolution of locational information and the ease with which a user can be identified by his or her movements.” –MIT Technology Review, How Access to Location Data Could Trample Your Privacy
by Larry Geller
Cell phone data now made available by cell carriers is not only a threat to individual privacy (See: How Access to Location Data Could Trample Your Privacy, MIT Technology Review, 5/26/2013), but the data can give evildoers a leg up on practicing their craft.
The carriers are selling the data in order to increase profits, but at what cost to us personally and to our collective security? Shouldn’t laws be put in place to strengthen our privacy interest in our personal communications?
Intertwined with the personal privacy issue is the utility of this data for anyone wanting to study or make use of how we come together for sport, recreation, or even for political demonstrations. In the wrong hands, that understanding can be deadly.
Targeting the Boston Marathon was an obvious strategy for a terror attack—it was a well-known concentration of people where the most damage could be done. Technology was not necessary to choose the Marathon crowd for maximum impact. Anyone participating in or attending a future marathon must think, even for a brief moment, of whether they could be in danger themselves.
But let’s cut to the chase. Oahu is home to several military bases. Would the time of day when the most shoppers crowd The Mall at Pearl Harbor, a giant PX, be of interest to potential terrorists? The data points that could answer this question are likely easily available, thanks to cell phone carriers looking for ways to make a buck by selling their tracking data.
Technology is conspiring against us by providing leads to exactly when the most people are concentrated in a given area, complete with GIS coordinates of their location. Check this out:
This animation shows the movements of soccer fans before—with red indicating a higher density of fans—during, and after a match of the Boca Juniors, a leading Argentine team, at La Bombonera stadium in Buenos Aires. Researchers at Grandata, a Buenos Aires-based data analytics startup, earlier established which phones were those of die-hard fans by examining data from previous Boca Juniors matches.
[Technology Review, Glimpses of a World Revealed by Cell-Phone Data, 5/9/2013]
If someone wanted to target New Yorkers in Central Park, would they be better off on this day in February:
Or this summer weekend?
(images from IEEE Spectrum, Crowd-Mapping with Cell Phones, 8/21/2013)
Aggregate cell phone data may become valuable in predicting the spread of disease, for example, but its unrestricted availability provides easy access to the movements of crowds and the assembly of people. In this day and age, that seems like a great risk.
Preventing the sale of this data under comprehensive privacy protection laws would seem to be a good first step in reigning in both government (NSA) and private access to our personal information. Stopping the proliferation of cell tower data would help set the tone that carriers are in the business of guarding privacy as well as selling communications services. Convincing our government of the same principle is a more difficult hurdle, but it would be good to begin someplace.
Links to this post: