Is metadata private?

[overtone]

I want to know why gathering metadata, and metadata alone, is

considered by some as an invasion of privacy, for reasons other than

"the government might abuse its power"

The only reason you wonder about something so obvious is that you refuse to acknowledge what comes under the heading of metadata, refuse to acknowledge what the necessary circumstances are of its collection, and refuse to pay attention to the real life circumstances of the program actually in place as described by eyewitnesses and admitted in default by the officials involved.

 

Just the most obvious example: you simply took for granted that the name of the recipient of a personal letter was metadata, yet you labeled the observation that a government agent might regard the name of the recipient of a phone call as metadata a "conspiracy theory".

 

You have even claimed that a compilation of metadata does not identify an individual. That is just weird - don't you watch any police shows, know anyone who's been arrested, followed any investigation of one of the famous terrorist crimes? This, say:

That's my point — until they link

it to a name, all they know is that someone bought a PleasureMaster 4000,

is goofy. Dude, they have a file. They know that the guy who talks on this phone and uses this computer at these times and works in these places and calls these people and owns this car and writes this letter to the newspaper and bought a wedding anniversary bouquet for this woman at this address (the same one he calls from and keyboards from) bought this sex toy. They also, btw, know where he had it delivered, and whether that matches any of the addresses of his phone contacts, and so forth. That's just what they openly admit about the phone surveillance. What they carefully do not deny includes everything from vocabulary and keystroke patterns to voice analysis and businss computer passwords. It's all metadata.

Edited June 12, 2013 by overtone

[swansont]

don't you watch any police shows, know anyone who's been arrested, followed any investigation of one of the famous terrorist crimes?

 

Yeah, sure I watch them. But I also realize they are fiction, and take liberties with facts about procedures and the law. Police are not empowered to do some of the things that get portrayed on TV, which may be a reason people don't know what their actual rights are if they ever interact with the police.

 

 

This, say:

is goofy. Dude, they have a file. They know that the guy who talks on this phone and uses this computer at these times and works in these places and calls these people and owns this car and writes this letter to the newspaper and bought a wedding anniversary bouquet for this woman at this address (the same one he calls from and keyboards from) bought this sex toy. They also, btw, know where he had it delivered, and whether that matches any of the addresses of his phone contacts, and so forth. That's just what they openly admit about the phone surveillance. What they carefully do not deny includes everything from vocabulary and keystroke patterns to voice analysis and businss computer passwords. It's all metadata.

 

If you're not interested in discussing the OP within the parameters I've outlined, please start a new thread for your discussion.

[overtone]

 

If you're not interested in discussing the OP within the parameters I've outlined, please start a new thread for your discussion

The OP refers to the recent revelations regarding the NSA program of telephone metadata collection and compilation.

 

I am staying well within any parameters of a discussion relevant to what we know of that program, which I took from the OP. That's what I assumed you had "outlined" as parameters of discussion.

 

I don't think there are any parameters that will magically make reasonable an assertion that a compiled body of metadata attached to a phone and its calls does not identify a person unless their real name is explicitly attached to it, but feel free to make the attempt.

[swansont]

The OP refers to the recent revelations regarding the NSA program of telephone metadata collection and compilation.

 

I am staying well within any parameters of a discussion relevant to what we know of that program, which I took from the OP.

 

 

Neither the OP nor the court order makes any mention of anyone's "file", nor of a person's computer or car, or his wedding anniversary gift, etc. since it's telephony data. The court order also specifically excludes the content of the communication from the data collection, so your inclusion of voice analysis is also not within the scope of the subject.

 

 

That's what I assumed you had "outlined" as parameters of discussion.

 

 

I also I said I wasn't interested in conspiracy discussions.

 

Eyewitnesses, tattoos, DNA, fingerprints, Social Security number, clothing, scars, hair, residue or artifacts of crime, bloodstains and injuries, job location and residence, age and weight and height, race, - it's a long list -

 

So if I tell you to look for a white guy in a brown suit with a "Mother" tattoo, that is enough to identify him? And can you make the case that these are available as metadata from Verizon? Other than addresses, but those aren't unique idenifiers. e.g. I work with a few hundred people at my address.

 

 

Not without a warrant, specifying the location to be searched and the person or things to be seized.

 

And? This was a warrant, specifying the data to be seized.

 

 

I have been identified - they've assigned me an ID number, my own case file, etc. They know where I live, where I am at any time I have my phone on me (and a fair number of times I don't), my bank account numbers and passwords, even the make, model, serial number, license plate number, and location of my car if it has that modern phone stuff in it. They might have picked up my SSN, driver's license number, and physical description along the way (nothing stopping them - we know they record numbers punched into the keypad).

 

Do the police need to get a warrant to get your name and other info from your license plate? Why isn't that an invasion of privacy?

[imatfaal]

!

Moderator Note

 

proximity1

 

This thread is very much aimed at an almost procedural debate on the privacy of metadata - rather than the substantive discussion of the case of Edward Snowden's revalations to the Guardian / W.Post. I have moved the your two posts to the thread dealing with the NSA situation.

 

 

everyone

 

on such an important and potentially controversial news topic there are bound to be many diverse ideas that need to be discussed - please try and keep to one discussion point per thread. Feel free to open new threads for any new angles that you feel ought to be argued.

 

[proximity1]

@ 30 : "This thread is very much aimed at an almost procedural debate on the privacy of metadata."

 

Very well then,

 

What does "metadata" denote, mean, and include? And what, if anything, distinguishes "meta" in metadata from any other sort of data? That is, in other words, what about "metadata" essentially, intrinsically, different from so-called plain "data"-- and why ought anyone accept this distinction as worthy, valid?

 

And, RE: "Is metadata private?", what is the significance of the term, as you intend it, of "private"?

 

Can this question be adequately discussed without a clear idea of what you mean by "private"?

 

Which of the following, if any, are intended by "private"?

 

"not practically susceptible to examination" or "to view[ing]? or "not legally susceptible to view or search" ?

Does "private" mean "concealed" ? Does it mean "concealable" ? "Sensitive" ? "Privileged" ?

Edited June 14, 2013 by proximity1

[john5746]

Which is why the question is important — is metadata private?

 

My argument is no, because unless the metadata has an identifier, there is nothing being revealed about you. What the government knows is that 555-1234 called 555-5678 and talked for 14 minutes. (Multiplied by millions of calls each day) What it doesn't know is that John Smith called Jane Jones and talked for 14 minutes. Absent that knowledge, what personal privacy intrusion is taking place?

 

The problem with this is that it's such a tissue-paper thin barrier to go from knowing a phone number to knowing a name, and if you don't trust the government to resist the temptation to do a reverse lookup and find this out, that's IMO a valid point, but it's also a separate issue. That sort of action should require a warrant based on probable cause, and the government has not shown that it can be trusted to keep its hand out of this particular cookie jar. So some sort of secret oversight is no better than "trust us". To me, that's the real issue.

I agree with this assessment. I'm personally OK with them getting my data, but to me its a question of breach possibilities. As I think about this, one of the easier solutions is to replace the phone numbers with a dumb ID and that ID will relate to another database stored in another system under a different jurisdiction.

 

That database with people's phone number, email, 4 digit SSN, etc linked to this ID could then be more transparent. You could get the equivalent of a "credit report" once a year to see if your information has been requested.

 

The NSA data, with no easily identifiable info, could remain secret. Since it appears they let about any tech person to have access to this data, that would add a much needed layer of security. This would slow things down, but I see no reason why they need that quick access to identify people.

[proximity1]

RE:

 

"My argument is no, because unless the metadata has an identifier, there is nothing being revealed about you. What the government knows is that 555-1234 called 555-5678 and talked for 14 minutes. (Multiplied by millions of calls each day) What it doesn't know is that John Smith called Jane Jones and talked for 14 minutes. Absent that knowledge, what personal privacy intrusion is taking place?"

 

 

John5746:

"I agree with this assessment. I'm personally OK with them getting my data, but to me its a question of breach possibilities. As I think about this, one of the easier solutions is to replace the phone numbers with a dumb ID and that ID will relate to another database stored in another system under a different jurisdiction.

"That database with people's phone number, email, 4 digit SSN, etc linked to this ID could then be more transparent. You could get the equivalent of a "credit report" once a year to see if your information has been requested.

"The NSA data, with no easily identifiable info, could remain secret. Since it appears they let about any tech person to have access to this data, that would add a much needed layer of security. This would slow things down, but I see no reason why they need that quick access to identify people."

RE: posts N° 3 & 32:

 

Nature Scientific Reports (Open Access) "Unique in the Crowd: The privacy bounds of human mobility"

Yves-Alexandre de Montjoye, César A. Hidalgo, Michel Verleysen & Vincent D. Blondel

Scientific Reports 3, Article number: 1376 doi:10.1038/srep01376

Received 01 October 2012

 

Accepted 04 February 2013

 

Published

25 March 2013

 

We study fifteen months of human mobility data for one and a half million individuals and find that human mobility
traces are highly unique. In fact, in a dataset where the location of an individual is specified hourly, and with a spatial resolution
equal to that given by the carrier's antennas, four spatio-temporal points are enough to uniquely identify 95% of the individuals. We
coarsen the data spatially and temporally to find a formula for the uniqueness of human mobility traces given their resolution and the
available outside information. This formula shows that the uniqueness of mobility traces decays approximately as the 1/10 power of their
resolution. Hence, even coarse datasets provide little anonymity. These findings represent fundamental constraints to an individual's
privacy and have important implications for the design of frameworks and institutions dedicated to protect the privacy of individuals."

... "

Modern
information technologies such as the Internet and mobile phones, however, magnify the uniqueness of individuals, further enhancing the
traditional challenges to privacy. Mobility data is among the most sensitive data currently being collected. Mobility data contains the approximate
whereabouts of individuals and can be used to reconstruct individuals' movements across space and time.

... "

A simply anonymized dataset does not contain name, home address, phone number or other obvious identifier. Yet, if individual's patterns are unique enough, outside information can be used to link the data back to an individual. For instance, in one study, a medical database was successfully combined with a voters list to extract the health record
of the governor of Massachusetts²⁷. In another, mobile phone data have been re-identified using users' top locations²⁸. Finally, part of the Netflix challenge dataset was re-identified using outside information from The Internet Movie Database²⁹.

... "

All together, the ubiquity of mobility datasets, the uniqueness of human traces, and the information that can be inferred from them highlight the importance of understanding the privacy bounds of human mobility. We
show that the uniqueness of human mobility traces is high and that mobility datasets are likely to be re-identifiable using information only on a few outside locations. Finally, we show that one formula determines the uniqueness of mobility traces providing mathematical bounds to the privacy of mobility data. The uniqueness of traces is found to decrease according to a power function with an exponent that scales linearly with the number of known spatio-temporal points. This implies that even coarse datasets provide little anonymity.

"

http://www.nature.com/srep/2013/130325/srep01376/full/srep01376.htm

Edited June 14, 2013 by proximity1

[john5746]

proximity, sounds like your stance is that databases should not exist. Good luck with that.

[ewmon]

I concur that metadata is private.

 

The American government collecting metadata on our virtual lives is the same as those mandatory North Korean government "guides" following you around and noting the locations you visit and the people you conversed with, although not knowing the reason you visited those locations or the content of those conversations.

 

If a private citizen collected metadata on you, the authorities would call it "cyberstalking". Of course it's private.

 

I quote Wikipedia on cyberstalking (with emphasis added) —

 

Cyberstalking is the use of the Internet or other electronic means to stalk or harass an individual, a group of individuals, or an organization. It may include the making of false accusations or statements of fact (as in defamation), monitoring, making threats, identity theft, damage to data or equipment, the solicitation of minors for sex, or gathering information that may be used to harass. The definition of "harassment" must meet the criterion that a reasonable person, in possession of the same information, would regard it as sufficient to cause another reasonable person distress. ... Cyberstalking is a criminal offense

 

The reason why Internet companies don't automatically share metadata with the government is because doing so would distress its customers.

 

Welcome to virtual North Korea, led by our dear Supreme Leader Kim Barack-Obama, successor of our dear Eternal Leader Kim George-Bush. I hope all of us are wearing our government-issued lapel pins. Of course we are. [/sarcasm]

 

(Oh great! That last bit will surely force the NSA to sic its virtual bloodhounds on me.)

[Cap'n Refsmmat]

proximity, sounds like your stance is that databases should not exist. Good luck with that.

I would say that because metadata is private, while such databases can exist they should be carefully overseen. I don't count "trust us, there's oversight, but it's top secret" as oversight. I don't see how secret oversight of a secret program offers any guarantee that abuse will be detected or punished.

Welcome to virtual North Korea, led by our dear Supreme Leader Kim Barack-Obama, successor of our dear Eternal Leader Kim George-Bush. I hope all of us are wearing our government-issued lapel pins. Of course we are. [/sarcasm]

 

(Oh great! That last bit will surely force the NSA to sic its virtual bloodhounds on me.)

If you want to sic the NSA bloodhounds on you, just end every post with a selection of interesting key words.

 

You know, like Adriatic Croatian bullion Bin Laden weapons of mass destruction infowar UNSCOM Centro embassy red noise pre-emptive 9/11 morse Steve Case beanpole cypherpunk. (M-x spook)

[proximity1]

"I would say that because metadata is private, while such databases can exist they should be carefully overseen. I don't count "trust us, there's oversight, but it's top secret" as oversight. I don't see how secret oversight of a secret program offers any guarantee that abuse will be detected or punished.

If you want to sic the NSA bloodhounds on you, just end every post with a selection of interesting key words."

 

There exists only one conceivable manner in which such an "oversight" might occur---namely, when an insider, someone with direct, personal knowledge of and access to documentation of abuse, has a "crisis of conscience" and, at enormous risk to himself or herself, reveals evidence and examples of the abuse. Everything else in "oversight" has been tried again and again and failed again and again: Senate and House committees, executive agencies, departments of ethics and oversight within the intelligence agencies themselves, periodic (crisis-driven) congressional hearings and "reform" legislation, which, again, experience has shown again and again, will be diluted, circumvented, depassed by technological evolution, etc.

 

All of these have repeatedly failed to produce any effective and lasting improvements or even what would constitute a basic temporary practical "oversight" of what, in acts, programs, techniques, are, of course, inherently secret. There does not even exist any very important public sentiment which creates an effective climate of opposition to official government abuse of secret powers and secretly collected and used information which strikes directly at the public's own privacy rights and interests. In light of all that, all we have, our last resort, is to pin hopes on the only too rare occurrances of episodes such as the current one.

 

I remember the incidents and the congressional hearings which, in 1978, led to the now-feckless reforms and corrective measures which, then, were supposed to prevent such things as we are today learning about from happening again.

Edited June 14, 2013 by proximity1

[swansont]

Yet, if individual's patterns are unique enough, outside information can be used to link the data back to an individual.

 

Outside information.

 

You can identify that the subject is a unique individual, which is why they are interested in the data, but you do not know who the person is without more information. As I have been saying.

[proximity1]

Outside information.

 

You can identify that the subject is a unique individual, which is why they are interested in the data, but you do not know who the person is without more information. As I have been saying.

 

"...but you do not know who the person is without more information. As I have been saying."

 

You've been saying that, yes. But this indicates that that repeated assertion is false, for, as the study says explicitly, ..."four spatio-temporal points are enough to uniquely identify 95% of the individuals".

 

What else except "knowing who the person is" does "uniquely identify 95% of the individuals" mean? (emphasis added).

 

You are now faced with a documented report providing direct evidence that indicates that your repeated claim is false--not to mention that, in the metadata as a collective whole that's under consideration here, there is obvisously an enormous range of other "corroborative data" (that is the "outside information" which to which the authors refer) which supplements the data which this study reviewed-- i.e. "mobility data".

 

As the authors write, concerning just that, the effects of augmenting the mobility data with "outside information":

 

"Modern information technologies such as the Internet and mobile phones, however, magnify the uniqueness of individuals, further enhancing the traditional challenges to privacy. Mobility data is among the most sensitive data currently being collected."

[swansont]

If a private citizen collected metadata on you, the authorities would call it "cyberstalking". Of course it's private.

Corporations gather metadata on you, and some believe corporations are people.

 

The courts have already ruled (way back in 1979) that the phone numbers you dial are not private; you have no reasonable expectation of privacy and obtaining the numbers doesn't require a warrant.

http://supreme.justia.com/cases/federal/us/442/735/case.html

[users] typically know that they must convey phone numbers to the telephone company and that the company has facilities for recording this information and does, in fact, record it for various legitimate business purposes

 

…

 

This Court consistently has held that a person has no legitimate expectation of privacy in information he

voluntarily turns over to third parties

proximity1, on 14 Jun 2013 - 12:46, said:

"...but you do not know who the person is without more information. As I have been saying."

 

You've been saying that, yes. But this indicates that that repeated assertion is false, for, as the study says explicitly, ..."four spatio-temporal points are enough to uniquely identify 95% of the individuals".

 

What else except "knowing who the person is" does "uniquely identify 95% of the individuals" mean? (emphasis added).

AFAICT it means if you tagged that person with some label, like "subject A", you have a 95% confidence that you keep track of him or her and not get the subject mixed up with someone else.. But you don't know who the person is without additional information. Just like it says in what you quoted.

proximity1, on 14 Jun 2013 - 12:46, said:

You are now faced with a documented report providing direct evidence that indicates that your repeated claim is false--not to mention that, in the metadata as a collective whole that's under consideration here, there is obvisously an enormous range of other "corroborative data" (that is the "outside information" which to which the authors refer) which supplements the data which this study reviewed-- i.e. "mobility data".

But the part you quoted agrees with me, not you.

proximity1, on 14 Jun 2013 - 12:46, said:

As the authors write, concerning just that, the effects of augmenting the mobility data with "outside information":

 

"Modern information technologies such as the Internet and mobile phones, however, magnify the uniqueness of individuals, further enhancing the traditional challenges to privacy. Mobility data is among the most sensitive data currently being collected."

Yes, they are concerned about this. That doesn't mean that the information is considered private.

 

 

proximity1, on 14 Jun 2013 - 08:11, said:

@ 30 : "This thread is very much aimed at an almost procedural debate on the privacy of metadata."

 

Very well then,

 

What does "metadata" denote, mean, and include? And what, if anything, distinguishes "meta" in metadata from any other sort of data? That is, in other words, what about "metadata" essentially, intrinsically, different from so-called plain "data"-- and why ought anyone accept this distinction as worthy, valid?

The items delineated in the court order, which specifically do not include the person't name, address, financial information nor the content of the call.

proximity1, on 14 Jun 2013 - 08:11, said:

And, RE: "Is metadata private?", what is the significance of the term, as you intend it, of "private"?

 

Can this question be adequately discussed without a clear idea of what you mean by "private"?

In the context of the 4th amendment, as in a reasonable expectation of privacy.

[proximity1]

Corporations gather metadata on you, and some believe corporations are people.

 

The courts have already ruled (way back in 1979) that the phone numbers you dial are not private; you have no reasonable expectation of privacy and obtaining the numbers doesn't require a warrant.

http://supreme.justia.com/cases/federal/us/442/735/case.html

 

Justice Thurgood Marshall dissented from the majority opinion in this case and Justice William J. Brennan joined him in his dissenting opinion, in which Marshall wrote,

 

 

"Privacy is not a discrete commodity, possessed absolutely or not at all.

Those who disclose certain facts to a bank or phone company for a

limited business purpose need not assume that this information will be

released to other persons for other purposes."

Of course, when the people who debated the fine points of the United States Constitution eventually determined to add, as an amendment to improve their work, the Fourth Amendment,

 

"The right of the people to be secure in their persons, houses, papers,

and effects, against unreasonable searches and seizures, shall not be

violated, and no Warrants shall issue, but upon probable cause,

supported by Oath or affirmation, and particularly describing the place

to be searched, and the persons or things to be seized." (*)

 

they understood that there is nothing magical about these words, nothing that should in and of itself vouchsafe that generations later, the publics to whom they left this civil right, would understand it or care about it enough to keep it rather than shrugging it off as no longer convenient to their consumer-society of digital gadgetry.

 

(*) In J. Madison's earlier versions, the text and scope of the Fourth Amendment was even stronger than what was finally adopted. See Madison's Notes on the Constitutional Convention.)

[iNow]

Proximity - Just because you can cite the dissent of one Justice does not mean the courts ruling on overall constitutionality is somehow invalid.

[overtone]

 

The items delineated in the court order, which specifically do not
include the person't name, address, financial information nor the
content of the call.

Which leaves a whole lot of information - easily sufficient to identify a caller - not specifically excluded.

 

Such as the locations of the phones involved, say.

 

We don't know what they have been collecting and filing, is the point. Until we do, reassurances are empty. They concealed the scope of this program, they launched it under false pretenses (only foreign calls, if you remember), and they are using agencies and techniques not in the past permitted legally to monitor US citizens not suspected of crime. That is not a good situation. . We are entitled to know what they are up to,

 

The court order also specifically excludes the content
of the communication from the data collection, so your inclusion of
voice analysis is also not within the scope of the subject.

Where do you see metadata such as that excluded? Voice analysis, for example, is not content.

 

The kinds of analysis available from the equipment and software we know were installed back in W's time - and never afaik removed - would be largely metadata - not content. They would include indentification of individual callers, files kept under those identifications, and all manner of description of their calls short of recording them.

 

For example: You say names and addresses (at least of the callers) are not included, as if that were some kind of protection - but we have been specifically informed that the GPS locations of the calls - both made and received - are being collected and compiled. Reassurances about addresses become a bit comical, given that. If they are compiling metadata on a particular caller phoning from the SW corner office on the sixth floor of a particular building, say, whether or not they compile the address is not much significant.

 

 

And? This was a warrant, specifying the data to be seized.

The problem is exactly that it did not specify the data to be seized. It does not specify the location to be searched, either. And the court involved is not supposed to be dealing with US citizens withn the boundaries of the country and not suspected of international crime.

 

We know for sure three things: the program was kept secret from us, and its workings are still largely unknown; the program was launched under false pretenses, as a surveillance of foreigners.; nothing in the workings of the program that have been revealed to us prevents systematic as well as rogue agent abuses and invasions of privacy.

[Cap'n Refsmmat]

Where do you see metadata such as that excluded? Voice analysis, for example, is not content.

The NSA cannot perform voice analysis if the phone companies do not have to turn over the content of calls.

 

If you're alleging that the NSA performs data collection outside that contained in the court order, that's a separate surveillance program outside the scope of this thread. Here, the question is if the metadata in the court order is private.

[john5746]

I would say that because metadata is private, while such databases can exist they should be carefully overseen. I don't count "trust us, there's oversight, but it's top secret" as oversight. I don't see how secret oversight of a secret program offers any guarantee that abuse will be detected or punished.

I agree, which is why I made a proposal, rather than just support the status quo. Digital communications will just increase, with products(3D printing) being sent over the air. Threats will increase, so more and more metadata will be available and it will be easier and easier to pull a McCarthy on those in power or fighting power. But, suggesting the gathering of no data isn't a solution.

[ewmon]

Corporations gather metadata on you, and some believe corporations are people.

 

The courts have already ruled (way back in 1979) that the phone numbers you dial are not private; you have no reasonable expectation of privacy and obtaining the numbers doesn't require a warrant.

 

However, the phone companies don't tell us that they're giving the metadata to the government ... or anyone else for that matter. T Jefferson said to treat the government as our enemy. I agree. Do not give the phone numbers I call to the enemy.

 

Speaking of companies as people, Merck has been convicted of criminal fraud four times! Exactly where does the mens rea reside in a company, as it must exist for an action to be considered criminal? Companies should have an executive position with the title of "Patsy" so someone can actually go to prison for the company's crimes.

[proximity1]

 

> 40: "The items delineated in the court order, which specifically do not include the person't name, address, financial information nor the content of the call. In the context of the 4th amendment, as in a reasonable expectation of privacy."

 

__________________________

 

 

 

proximity1,

on 14 Jun 2013 - 14:05, said:

 

proximity1,

on 14 Jun 2013 - 08:11, said:

 

And, RE: "Is metadata private?", what is the significance of the term, as you intend it, of "private"?

 

 

 

Can this question be adequately discussed without a clear idea of what you mean

by "private"?

 

 

Swansont replies: “In the context of the 4th

amendment, as in a reasonable expectation of privacy.”

 

So, the practical up-shot, which now should be rather obvious, is that the Fourth Amendment, by your view of things, is constantly at

the mercy of an ever-changing and, in our times, certainly, ever-diminishing “reasonable expectation of privacy” such that, as technological evolution makes greater and greater intrusions on what it is possible to keep private, secret, from anyone technologically powerful enough to reach and inspect, especially, in a digitally-networked age, reach and inspect by secret and remote means, ETA: thus the meaning of "reasonable expectation of privacy" inexorably shrinks--and, I don't see how an expectation, once reduced, once "lost", is recoverable later as long as technology "thwarts" its "reasonableness"--as, of course, you define that, since I have yet to see you concede that anyone else's notion of reasonable is admissable here. Any example of that?

 

 

Since a person is susceptible to remote direct or indirect observation—those from cell-tower relay transmitters which detect and

log a cell phone’s nearest relay point, to trackers of page-views on any connection to the internet, whether the person connected takes any direct and

overt act to “publish” his or her publicly-viewable “opinion” or not—even at home, no one escapes the potential surveillance unless he or she effectively

disconnects from any and all “grid-points”: turn off the cell phone (and remove the battery, too?), close the computer connection—which means, if you are on a live-cable connection, you have to not only power-down, but disconnect the physical cable since many operations are possible without a so-called active log-on. Whenever the cable is connected, just as with a television set’s cable connection, the “service-provider”

remains constantly, continuously abreast of the television’s state from its “sleep-mode” sensing capacity; so the cable signals when the set is “off,” or “on,” and all operations which occur, whether by an actual present viewer or a programmed direction for recording in the viewer’s absences.

 

So, even while at home, and especially anywhere outside the home, no one ever has a complete “expectation of privacy” from the

potential or actual snooping capacities of technology. It thus becomes conceivable to reduce Fourth Amendment rights to a nullity, a meaningless cipher.

 

Thus we have the real-world implications of your view. Our right to privacy is a function of what we may, in your view, apparently, “reasonably expect” a concept which is under relentless open attack from the technology on the immediate horizon. I gather, too, that your view may also include that no private (LOL!) invidual should ever have an effective, that is, unilateral capacity for secrecy in one's behavior which is beyond officialdom's power to survey or somehow supervise.

 

__________________________

 

"What else except "knowing who the person is" does "uniquely identify 95% of the individuals" mean?"

 

RE: "AFAICT it means if you tagged that person with some label, like "subject

A", you have a 95% confidence that you keep track of him or her and not

get the subject mixed up with someone else.. But you don't know who the

person is without additional information. Just like it says in what you

quoted.

 

Read the text again: (abstract):

 

"We study fifteen months of human mobility data for one and a half

million individuals and find that human mobility traces are highly

unique. In fact, in a dataset where the location of an individual is

specified hourly, and with a spatial resolution equal to that given by

the carrier's antennas, four spatio-temporal points are enough to

uniquely identify 95% of the individuals. We coarsen the data spatially

and temporally to find a formula for the uniqueness of human mobility

traces given their resolution and the available outside information.

This formula shows that the uniqueness of mobility traces decays

approximately as the 1/10 power of their resolution. Hence, even coarse

datasets provide little anonymity. These findings represent fundamental

constraints to an individual's privacy and have important implications

for the design of frameworks and institutions dedicated to protect the

privacy of individuals."

 

According to your asserted interpretation, the text in bold above is simply nonsense, since "individuals" as you interpret it, never means people whose actual real-life identities are either known or knowable necessarily to the researchers (or anyone else in their comparable circumstances). In that interpretation, why do the authors write that "even coarse datasets "provide little anonymity"? As I read your interpretation, at no point in the course of the study is the anonymity of these individuals' ever breached, compromised, or lost. And, again, according to that "reasoning", the authors' writing that ..."These findings represent fundamental constraints to an individual's privacy" is also nonsense.

 

How do you account for that?

 

It seems to me you're embarked on what amounts to desperate rationalizing which, as you proceed, becomes more and more ridciculous.

 

It occurs to me that a simple and direct course is to simply ask one of the research team whether your interpretation is correct.

 

 

Edited June 16, 2013 by proximity1

[overtone]

 

The NSA cannot perform voice analysis if the phone companies do not have to turn over the content of calls

The phone companies all have - since W's program in the early 2000s - installed capacity for a variety of analyses of calls.

 

Voice analysis may or may not be one of them. If it is, nothing in this NSA domestic dragnet prevents them from turning it over - or any of the other metadata acquisitions they may or may not be engaged in, in W's time at government "request".

 

That is in addition to the known information - the location, in particular, would usually be sufficient for tracking individual callers. Cell phones seldom have very many different callers.

 

In the case of other ostensibly "public" information, such as car license numbers and owners, we have recognized the problem and insisted on oversight, policy, and transparency. We expect abuses, of course, and guard against them. In Minnesota we recently had a case of unauthorized surveillance via car license and driver's license info - stalkers on the police force were accessing this information in cases where no law enforcement need was present. They got caught, and suffered consequences, and the victims were able to seek redress and obtain a full report of the activity.

 

No such oversight, capability of victims, prosecution, and in fact no such policies in the first place, are visible here. .

[swansont]

by your view of things

 

…

 

Thus we have the real-world implications of your view.

 

Um, no. Not "my view". The legal view. I did not ask if metadata should be private. I asked if it was private. And I was able to find my answer: no, it's not. I wanted to understand the reasoning behind that. I think I do.

 

 

__________________________

 

"What else except "knowing who the person is" does "uniquely identify 95% of the individuals" mean?"

 

 

Just as I said. It means being able to tag a subject with high confidence, It doesn't give you their name.

 

If the study had found that you couldn't do this, would there be any point in gathering the data?

 

RE: "AFAICT it means if you tagged that person with some label, like "subject

A", you have a 95% confidence that you keep track of him or her and not

get the subject mixed up with someone else.. But you don't know who the

person is without additional information. Just like it says in what you

quoted.

 

Read the text again: (abstract):

 

"We study fifteen months of human mobility data for one and a half

million individuals and find that human mobility traces are highly

unique. In fact, in a dataset where the location of an individual is

specified hourly, and with a spatial resolution equal to that given by

the carrier's antennas, four spatio-temporal points are enough to

uniquely identify 95% of the individuals. We coarsen the data spatially

and temporally to find a formula for the uniqueness of human mobility

traces given their resolution and the available outside information.

This formula shows that the uniqueness of mobility traces decays

approximately as the 1/10 power of their resolution. Hence, even coarse

datasets provide little anonymity. These findings represent fundamental

constraints to an individual's privacy and have important implications

for the design of frameworks and institutions dedicated to protect the

privacy of individuals."

 

According to your asserted interpretation, the text in bold above is simply nonsense, since "individuals" as you interpret it, never means people whose actual real-life identities are either known or knowable necessarily to the researchers (or anyone else in their comparable circumstances). In that interpretation, why do the authors write that "even coarse datasets "provide little anonymity"? As I read your interpretation, at no point in the course of the study is the anonymity of these individuals' ever breached, compromised, or lost. And, again, according to that "reasoning", the authors' writing that ..."These findings represent fundamental constraints to an individual's privacy" is also nonsense.

 

Anonymous, in this context, means you can't be traced.

 

"A simply anonymized dataset does not contain name, home address, phone number or other obvious identifier. Yet, if individual's patterns are unique enough, outside information can be used to link the data back to an individual."

 

Were they lying when they said this?

 

How do you account for that?

 

It seems to me you're embarked on what amounts to desperate rationalizing which, as you proceed, becomes more and more ridciculous.

 

It occurs to me that a simple and direct course is to simply ask one of the research team whether your interpretation is correct.

 

 

 

Do that. Ask them what they meant by "outside information" and if they could get the name from the tracking data.

[proximity1]

> 49: "Do that. Ask them what they meant by "outside information" and if they could get the name from the tracking data."

 

I sent a request via e-mail to the study's designated author-for-replies-to-queries, with this question and a request for permission to quote his answer. At this writing I have not seen a reply to that. More later if I learn anything on it.