Skip

Why the collision of big data and privacy will require a new realpolitik
March 26, 2013 10:10 AM   Subscribe

Why the collision of big data and privacy will require a new realpolitik:
The paper, entitled Unique in the Crowd: The privacy bounds of human mobility, took an anonymized dataset from an unidentified mobile operator containing call information for around 1.5 million users over 14 months. The purpose of the study was to figure out how many data points — based on time and location — were needed to identify individual users. The answer, for 95 percent of the “anonymous” users logged in that database, was just four.
posted by stoneweaver (17 comments total) 33 users marked this as a favorite

 
Not really sure what this has to do with "realpolitik."

A very good book about privacy and security concerns in the face of near-future real-time "big data" analysis is the novel "Rainbows End" by Vernor Vinge.
posted by grobstein at 10:22 AM on March 26, 2013 [3 favorites]


So if I know where a person goes on a regular basis I could use this information to find them in a big data set! This isn't finding a needle in a haystack, its finding a large multicoloured pole which you have specifically told exists in the haystack, in the haystack.

The fun game is if you are said coloured pole, how can you deviate from your regular path without being noticed by The Man. May I suggest going to the gym regularly and leaving your phone in a locker, committing you crimes/political freedom fighter activity, then returning to the gym.
posted by Damienmce at 10:31 AM on March 26, 2013 [1 favorite]


Nobody goes anywhere anymore, it's too crowded.
posted by chavenet at 10:33 AM on March 26, 2013 [4 favorites]




Yes, grobstein, I'm not sure what the author meant apart from "thinking realistically about policy," which I guess sort of fits.

David Brin's Transparent Society (nonfiction) is another good read. Or, ah, I thought so when I read it in high school. Please forgive me if it turns out that that bit of science-fiction-inflected futurology has been visited by the suck fairy in the intervening decade.

And he's already briefly come up in the Google Glass thread, but I think it bears repeating that Hannu Rajaniemi's Quantum Thief has a fascinating depiction of a society with ubiquitous surveillance (and a publicly-available "exomemory") but also ubiquitous, hard-wired privacy protocols (the "gevulot"). I've no idea how these privacy protocols could be implemented in practice, but it was an interesting depiction of surveillance and privacy might co-exist. Naturally the book's drama revolves in part around compromises in the gevulot/exomemory system.
posted by col_pogo at 10:36 AM on March 26, 2013 [1 favorite]


So if I know where a person goes on a regular basis I could use this information to find them in a big data set!

Yes, or, alternatively: if I can collect several days' worth of information about a person, and I have access to big, anonymized datasets, then I can figure out everywhere they've been in the last ten years!
posted by gurple at 10:37 AM on March 26, 2013 [7 favorites]


col_pogo: "David Brin's Transparent Society (nonfiction) is another good read. Or, ah, I thought so when I read it in high school. "

I enjoyed this too when it was published. Here's a summary in the form of a response to a critique by Schneier.
posted by chavenet at 10:48 AM on March 26, 2013


Yes, or, alternatively: if I can collect several days' worth of information about a person, and I have access to big, anonymized datasets, then I can figure out everywhere they've been in the last ten years!

And what prey tell is shocking about this? 1. Follow me, identify my IMEI in data 2. Find IMEI historical movements in data 3. Profit. Has every police procedural of the last 10 years taught us nothing?
posted by Damienmce at 11:03 AM on March 26, 2013


Yeah, "real-politik" means doing really nasty, cynical things in matters of foreign policy under the rationale that it serves the greater good. I don't quite see how that fits here.
posted by saulgoodman at 11:05 AM on March 26, 2013 [1 favorite]


Yes, or, alternatively: if I can collect several days' worth of information about a person, and I have access to big, anonymized datasets, then I can figure out everywhere they've been in the last ten years!

Even if you don't follow them around, their place of work and home address should be enough to do the trick. If you get a set of office locations from Linked-In, and then go through and try and find facebook or whatever profiles for those people that have very loose privacy settings and lots of check-ins, I bet you'd be able to get (Name, Office address, Approximate home location) sets for many people.

That's not even considering FB of FourSquare check-ins that match dates and locations.
posted by atrazine at 11:12 AM on March 26, 2013


And what prey tell is shocking about this?

*shrug* Nothing, for you, I guess? And so... you're saying we shouldn't talk about it? Or something? OK, then don't.

I'm not personally ultra-worried about the government tracking me, though I'm very worried about the government tracking people in a broader sense. But I am personally very concerned about my movements, and my daughters', being casually tracked by corporations that might have an interest in them. Insurance companies, for instance. Banks, lenders. Colleges. Worry is limited only by imagination. It's one thing for it to be theoretically possible to do this; it's another for it to be easy. The easier it is, the more harm I worry about.
posted by gurple at 11:14 AM on March 26, 2013 [4 favorites]


And what prey tell is shocking about this? 1. Follow me, identify my IMEI in data 2. Find IMEI historical movements in data 3. Profit. Has every police procedural of the last 10 years taught us nothing?

The core problem the paper is pointing out is that people treat this data as "anonymized" just because the data isn't labeled with any personally identifiable information, when the data itself is inherently highly non-anonymous. It would be like putting a keylogger on everyone's computer and giving out the raw data to people, in that there's no possible way to anonymize it properly if it shows that someone typed in "jfendersonsmen@gmail.compAssW0rd" every day.
posted by burnmp3s at 12:36 PM on March 26, 2013 [2 favorites]


Predictive Smartphone Assistant Gives You A Heads Up
Google Now, an app for Android smartphones that serves up useful information such as flight details when it thinks you need it, is getting some competition from a former Googler.

Sherpa, a free smartphone app, mines your e-mails, calendar, and location data to determine the best time and place to let you know something like your flight information and help with next steps, such as getting a cab to the airport.
People will be onboard because the technology smooths the way, offloading decision-making.
Ferrell also envisions Sherpa offering additional features. It’s currently testing one at a Philz Coffee in downtown Palo Alto: if you tend to get coffee there each morning, Sherpa can alert you when you’re about 500 meters away from the shop and ask if you want your regular cup. If you respond yes, it will be ready for you when you walk in the door.
posted by the man of twists and turns at 12:37 PM on March 26, 2013


Sherpa can alert you when you’re about 500 meters away from the shop and ask if you want your regular cup. If you respond yes, it will be ready for you when you walk in the door.

Ahem:

... they have the capacity to see dimly into the immediate future, which enables the elevator to be on the right floor to pick you up even before you knew you wanted it, thus eliminating all the tedious chatting, relaxing and making friends that people were previously forced to do while waiting for elevators.
posted by gurple at 12:47 PM on March 26, 2013 [6 favorites]


"There needs to be better regulation that works in practice – unlike Europe’s messy cookie law or the 'right to be forgotten'."

Right to be forgotten on the web unworkable, argue data watchdogs
posted by homunculus at 5:37 PM on March 26, 2013


I thought that the meaning of realpolitik in European history was when you dropped diplomatic niceties like respect for sovereignty or tradition or reverence for the distant blood ties the monarchies of two nations might have, or dispensed with concern for one's own national honor and saving face in the interest of moving forward, or stopped trying to exact justice for a grievance that isn't realistically going to be redressed.

So despite all the fuss about demanding just reparations from the losers of World War I, we're not going to talk about the fact that the Allies subsequently took their still-active forces and tried to intervene militarily in the Russian Civil War against the Bolsheviks; because the Bolsheviks aren't going to be unseated from power but also aren't going to be compensated in any way for having been invaded. Or, we aren't going to oppose Hitler taking the Sudetenland because in reality there's no way to stop him without repeating World War I, which we aren't willing to do (yet).

So in the context of the OP it's saying that if you can completely de-anonymize someone's phone records using only four data points, if we continue to pretend that the person's privacy is being respected because their name isn't directly attached to the data, that nominal state of privacy will be a complete falsehood because anyone looking at the records can figure out everyones' names by correlating a very small, easily-available amount of information from other sources.

tl;dr And thus rather than maintaining a pretense that people have absolute privacy and anonymity simply because a law somewhere says that they must, we should develop laws and policies and practices that protect peoples' interests in a world where due to the sheer volume of information being recorded electronically they realistically have something less than complete privacy no matter what it says on paper.
posted by XMLicious at 9:05 PM on March 26, 2013 [3 favorites]




« Older SCOTUS Hears Oral Arguments in Prop 8 Case   |   "...What sweet music they make." Newer »


This thread has been archived and is closed to new comments



Post