Using Trump As A Prop, The Myth Of 'Anonymized' Cell Data Is Finally Exposed
from the privacy-doesn't-exist dept
As companies and governments increasingly hoover up our personal data, a common refrain to keep people from worrying is the claim that nothing can go wrong because the data itself is "anonymized"--or stripped of personal detail. But time and time again, studies have shown how this really is cold comfort; given it takes only a little effort to pretty quickly identify a person based on access to other data sets. Yet most companies, policy folk, and government officials still act as if "anonymizing" your data means something. It's simply not true.
While that point hasn't yet resonated with the public and press fully, it should now.
The second in an amazing 7 series saga by the New York Times was released this week, taking a closer look at a data trove of 50 billion location pings from the phones of more than 12 million Americans given to the Times by an anonymous insider at one of countless location data brokers. The first in the Times' series took a look at how easy it was to identify "anonymized" normal citizens and track their everyday lives. This second piece ups the ante by... easily tracking the President of the United States via the location data of one of his secret service agents:
"The meticulous movements — down to a few feet — of the president’s entourage were recorded by a smartphone we believe belonged to a Secret Service agent, whose home was also clearly identifiable in the data. Connecting the home to public deeds revealed the person’s name, along with the name of the person’s spouse, exposing even more details about both families. We could also see other stops this person made, apparently more connected with his private life than his public duties. The Secret Service declined to comment on our findings or describe its policies regarding location data."
I'm not sure I've ever seen a story that more perfectly encapsulates both the stupidity of the "anonymized data is a panacea" claim, as well as the government's feckless refusal to seriously address one of the biggest scandals in privacy history. Granted it wasn't just the daily movement habits of the President's security detail that the data revealed, but that of Congressional staffers and lawmakers, many of whom have similarly been utterly apathetic to the problem:
"We were able to track smartphones in nearly every major government building and facility in Washington. We could follow them back to homes and, ultimately, their owners’ true identities. Even a prominent senator’s national security adviser — someone for whom privacy and security are core to their every working day — was identified and tracked in the data."
DC lawmakers could use this as a learning opportunity to finally understand why location data--whether it comes from an app or your cellular provider--shouldn't be treated cavalierly and sold to every nitwit with a nickel. Granted, it's just as likely the end lesson government learns is a focus on better location data security for government officials, and nobody else. As we've noted for a while, "feckless" is the best term to describe the government's response to a steady parade of scandals showing this data is routinely abused from everybody from rogue law enforcement officers to crazed stalkers.
The Congressional response to the Times' latest report was bipartisan in nature, even though a desire to actually do something about it hasn't been. Recall Congress voted along strict party lines to kill FCC broadband privacy rules in 2017 that could have at least partially addressed the problem. The GOP also supported the erosion of FCC authority in the net neutrality repeal, which also opened the door to greater abuse. Still, when the check comes due for those policy moves, notice how the outrage is suddenly bipartisan:
"This is terrifying,” said Senator Josh Hawley, Republican of Missouri, who has called for the federal government take a tougher stance with tech companies. “It is terrifying not just because of the major national security implications, what Beijing could get ahold of. But it also raises personal privacy concerns for individuals and families. These companies are tracking our kids."
“Tech companies are profiting by spying on Americans — trampling on the right to privacy and risking our national security,” Senator Elizabeth Warren, a Democrat running for president, told us. “They are throwing around their power to undermine our democracy with zero consequences. This report is another alarming case for why we need to break up big tech, adopt serious privacy regulations and hold top executives of these companies personally responsible.”
The FCC's supposed investigation into carrier location data sales appears to be stuck in neutral, with growing concerns the agency is running out the clock to avoid having to hold industry accountable. There's no real effort to craft rules that prohibit the widespread collection and sale of such data, and most policy conversations remain fixated exclusively on big tech, despite the problem also being rampant in big telecom. Meanwhile, our quest for an actual US privacy law in the internet are remains stuck in neutral, in large part because industry doesn't want to lose billions to consumers opting out of having their every waking moment monetized.
Still, the Times report (which many gearing up for the holidays won't read) may help finally dislodge some of this apathy and drive some actual, fact-based awareness of the real scope of the problem, maybe someday resulting in actual, serious proposals to fix it.
Filed Under: anonymized data, anonymous data, data brokers, datasets, donald trump, location data, privacy
