Australian Gov't Scooped Up Tons Of Cell Site Location Data To Track Citizens' Movements
from the serving-the-public-by-eliminating-its-direct-participation dept
A couple of years after it happened, Australian citizens are finally being (indirectly) informed their government harvested cell site location info to track their daily activities. This isn't the work of an intelligence agency or a secretive law enforcement effort. Instead, it's an (unannounced) partnership between the Australian Bureau of Statistics (which handles the Australian Census) and a cellphone service provider. The provider apparently willingly turned over cell site info without a court demand, government mandate, or consultation with its customers. Asher Wolf has the details at Medium:
The ABS claims population estimates have a “major data gap” and so they’ve been a busy bee figuring out a way to track crowd movement. Their solution? Mobile device user data.
“…with its near-complete coverage of the population, mobile device data is now seen as a feasible way to estimate temporary populations,” states a 2017 conference extract for a talk by ABS Demographer Andrew Howe.
While the “Estimated Resident Population” (ERP) is Australia’s official population measure, the ABS felt the pre-existing data wasn’t ‘granular’ enough. What the ABS really wanted to know was where you’re moving, hour by hour, through the CBD, educational hubs, tourist areas.
Third-party records are almost always easily-accessible. They are subject to very limited protections. But generally when the government wants access to records, it's because they're targeting someone in a criminal or national security investigation. What few people expect is for the government to obtain this data en masse, then proudly proclaim its usefulness a couple of years after it's already made use of it.
Cellphone users weren't informed of the government's plans. And the telco made no effort to inform affected customers or give them an opportunity to opt out. While it may look like an innocuous effort to gauge temporary population increases linked to special events and holiday weekends, the information obtained could easily be mined to gain insight on traffic to places of worship, government buildings, airports, workplaces, and protests.
Supposedly, the information has been anonymized. It obviously hasn't been completely stripped of personal information. The slide deck [PDF] detailing the effort notes the data can be broken down by age and sex. The anonymization claim is made without any support from the ABS, which still has yet to provide any further info -- much less a privacy impact assessment -- via its website.
As Wolf points out, the ABS doesn't exactly have a great track record on either data anonymization or protecting the massive amount of data it collects.
Considering the last attempt by a government department to roll-their-own-crypto resulted in the MBS/PBS data breach of 2.5 million Australians, it’d be nice to know exactly how the ABS or telco anonymised and aggregated the data — especially since the ABS on-sells micro-data, from time to time.
As other rights agencies and activists note, the collection of personal info in bulk by the government is always alarming. At best, the techniques deployed here are "deeply unethical." At worst, they conjure images of the worst government behavior: the use of personal info to target specific groups for additional surveillance or internment (as was done with the Japanese during World War II using US Census data). The entire project was undertaken with zero public notice by an agency already known for being cavalier in its treatment of the wealth of personal information obtained through the Census.
ABS has promised more answers but has ignored Wolf's direct questions about study -- including the telco involved and the method used to anonymize the data. When it finally delivers its "detailed information paper" -- two years after the fact -- it's unlikely the details will include the answers Wolf is seeking.
Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.
Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.
While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.
–The Techdirt Team
Filed Under: australia, australian bureau of statistics, cell site location info, census bureau, csli, privacy, surveillance, tracking
Reader Comments
Subscribe: RSS
View by: Time | Thread
Another one
[ link to this | view in chronology ]
Re: what can we do
"what can we do" ?
>> the very first critical step is to radically change your personal mindset of generally trusting government politicians & bureaucrats.
Power corrupts everywhere and always
[ link to this | view in chronology ]
Re: Re: what can we do
[ link to this | view in chronology ]
Re: Re: Re: what can we do
don't ever vote for a politician or anybody that even looks like one
[ link to this | view in chronology ]
Re: Re: Re: Re: what can we do
Again with this?
What do we replace it with?
[ link to this | view in chronology ]
What to do?
Remember that here in the United States, the big mass surveillance program wasn't even revealed to the people to be voted on. Our agencies lied to our representatives about what they were doing, and it's curious to me to this day that we don't call this a coup (given that it's doing a major circumvention of proper channels).
Feel free to get active all you like. It's a lot of work for very slow progress. The US is corrupting faster than can be fixed.
For the more adventurous types, there's a sabotage campaign. You may need to research what are targets.
The third option is do what terrorists do and use burner phones.
[ link to this | view in chronology ]
Re: What to do?
[ link to this | view in chronology ]
Re: Another one
1) obtain location records for a few key politicians
2) publish same
3) run like hell
4) ???
5) profit!
[ link to this | view in chronology ]
Re: Another one
Governments aren't going to stop doing it (but might say they did), so nothing policital will help.
Stop carry tracking devices everywhere. People won't actually stop carrying cellphones, so we'll instead need to stop phones from being used for tracking. You could try to:
Technically, it's not that hard. You can already run Tor over Wifi with random MAC addresses. The problem is that cell networks want IMSI and IMEI for billing and other reasons, so there would need to be some zero-knowledge proof of subscribership/payment and an ability to anonymize the first hop.
Step 2 would be to stop debit/credit card tracking, because if the government can see you just spent $35 at 123 Main St. that's almost as good as phone tracking. Except that we still have the option of cash to prevent that.
[ link to this | view in chronology ]
Census fail
https://www.youtube.com/watch?v=DakivOyBo-M
If you can't get census data one way (that's complete shit), get it another way (that's even more complete shit).
[ link to this | view in chronology ]
Additional information
Additional information in this Canberra Times article:
[ link to this | view in chronology ]