Metadata Not Anonymous at All, Stanford Researchers Show

[TampaYankee]

Metadata Not Anonymous at All, Stanford Researchers Show

By Tom's Guide / Marshall Honorof11 hours ago

If you're not concerned about government surveillance of your phone because the National Security Agency (NSA) only collects metadata, think again. A study from Stanford University shows that connecting "anonymous" metadata to compromising personal information is trivially easy.

Documents leaked in June by former NSA contractor Edward Snowden revealed that the organization was collecting metadata about calls placed to and from Verizon telephone lines. Although this revelation was potentially troubling, metadata collection is, in theory, not cause for concern.

The metadata about your phone calls does not reveal your name or identity, or the content of your conversations, but it does track the numbers you call, how long the calls last, and which other companies have your phone number in their directories.

Although the specific documents leaked in June concerned Verizon landlines, the NSA has since admitted that it collects metadata about mobile telephone calls and text messages as well.

MORE: 13 Security and Privacy Tips for the Truly Paranoid

Sen. Dianne Feinstein (D-Calif.), who heads the Senate Intelligence Committee, has said that collecting metadata is "not surveillance." Because the information, by itself, cannot identify individuals, Feinstein and the NSA hold that it is practically harmless for the government to collect it.

A research team operating out of Stanford University disagrees, and hopes to prove its point with a new Android app called MetaPhone. By accessing your phone number and your Facebook page, this app does what any NSA program could do: It acquires your metadata, then correlates it with your social-media information to see how much it can learn about you.

"Phone metadata is inherently revealing," wrote Jonathan Mayer and Patrick Mutchler, the app's designers, on a Stanford Law School blog. By using MetaPhone, you can submit your information to a Stanford research project so that Mayer and Mutchler can determine how easy it is for organizations to glean personal information from your supposedly non-revealing metadata.

When Tom's Guide tried the app, we found that the results supported Stanford's assertion: Dozens of different organizations had the phone number we tried on file. The NSA — or worse, a cybercriminal — would be able to find our name, our geographic location, our bank, our medical facilities and even our eating habits with just a simple cross-check online.

Whether the NSA is actually cross-referencing individual metadata is another question. The process is simple, but by no means efficient. Uploading and cross-checking data takes time, and to find more complex information, like a home address, would likely take some human oversight.

Like most NSA surveillance programs, you probably have nothing to worry about unless you're conspiring with terrorists or planning some kind of criminal activity. The question of whether the NSA should have access to such revealing data from everyday citizens, though, is a legitimate privacy concern.

Aside from participating in the MetaPhone study, there are a few things the average user can do to protect him or herself. Not listing your phone number on your Facebook or Twitter profile makes you harder to track down.

If you're really paranoid, ditch your smartphone and use a new disposable phone every month. Forget about landlines; they're even easier to track than cellphones.

See original article at: http://news.yahoo.com/metadata-not-anonymous-stanford-researchers-222037555.html

[Guest Paragon]

Great article. Thanks for sharing. This stuff seems to have no end.

[MsGuy]

A different point of view:

http://www.boston.com/news/nation/2013/12/27/judge-rules-nsa-phone-surveillance-legal/WaF4dgUZoZFdsCfYAWZoAO/story.html

[Guest Paragon]

And thank you for that. If we truly trusted our government, I guess we would worry less. This judge sees apples when the other judge sees ringworm. I want to see safety, and yet still I want to see privacy...and a respect for it.

[boiworship]

Creeping totalitarianism.

[lookin]

If we truly trusted our government, I guess we would worry less.

It's not easy trusting the government when it's in the process of becoming more opaque. Fundamental decisions are being made behind closed doors. Could anyone have believed a dozen years ago that we'd have a federal court that did not publish its decisions and was not subject to oversight? Even Congress wasn't - and isn't - told the full truth.

If the government thinks it needs secrecy in certain areas, it should lead the public debate about which areas and how much freedom citizens are willing to give up in return. Getting ratted out by a contractor is not a trust-building maneuver.

In my opinion, it's not about trusting what goes on behind closed doors; it's about making sure the doors are rarely closed and don't stay shut for long. Once they're shut, how is anyone to know what's going on behind them? What if a war on terror becomes a war on gay porn? I don't especially need James Clapper checking into my browser history.

While I don't expect that to happen any time soon, I also don't expect the government to rein in its new-found technical capabilities on its own. I think, without public input, expansion of targets is inevitable. Where has restraint been shown so far?

I've linked to this article before about changes we asked the Germans to make after 9/11. It's a decade old, but still provides food for thought about how trust is built when a government is transparent to its citizens, and citizens are opaque to the government. I think we are moving in the opposite direction.

[MsGuy]

Interesting metaphor, lookin. I never thought of it in terms of two way transparency.

Peeping us is all well and good but they sure get their panties in a knot if we put an eye on their keyhole.

Oddly enough, the same advanced tech that makes us so naked to their gaze would make it possible, for the first time since hunter/gatherers, for human governance to be transparent to the governed. If only they wanted it. Or, maybe better put, if only we insisted.

Hey, look at you.