Skip to main content
VentureBeat Homepage
  • Events
  • GamesBeat
  • Data Pipeline
  • Transform 2022
  • Account Settings
  • Log Out
  • Become a Member
  • Sign In

VentureBeat Homepage

VentureBeat

  • AR/VR
  • Big Data
  • Cloud
  • Commerce
  • DataDecisionMakers
  • Dev
  • Enterprise
  • Entrepreneur
  • Marketing
  • Media
  • Mobile
  • Security
  • Social
  • Transportation

Follow

follow us on Twitter follow us on Facebook follow us on LinkedIn Follow us on RSS

The Machine

  • AI
  • Machine Learning
  • Computer Vision
  • Natural Language Processing
  • Robotic Process Automation

Follow

Follow us on RSS

GamesBeat

  • Games
  • Esports
  • PC Gaming

Follow

follow us on Twitter Follow us on RSS

Events

  • Upcoming
  • Media Partner
  • Webinars

General

  • Newsletters
  • Got a news tip?
  • Advertise
  • Press Releases
  • Guest Posts
  • Contribute to DataDecisionMakers
  • Deals
  • Data Pipeline
  • Jobs
  • VB Lab
  • About
  • Contact
  • Privacy Policy

Join the VentureBeat Community

Free: Join the VentureBeat Community for access to 3 premium posts and unlimited videos per month.

Learn More

Sign up with your business e-mail to continue with ticket purchase

Please wait...

Share

  • Share on Facebook
  • Share on Twitter
  • Share on LinkedIn
  • VentureBeat Homepage
  • Newsletters
  • Events

Metadata contains lots of sensitive information, say Stanford researchers

Barry Levine@xBarryLevine
March 14, 2014 11:50 AM
  • Share on Facebook
  • Share on Twitter
  • Share on LinkedIn

We are excited to bring Transform 2022 back in-person July 19 and virtually July 20 - 28. Join AI and data leaders for insightful talks and exciting networking opportunities. Register today!


Information about the logistics of phone calls — metadata — may lead to personally sensitive details.

The U.S. National Security Agency (NSA) and others have essentially said “it’s only metadata,” but a new study from Stanford University’s Security Lab disagrees.

Computer science doctoral students Jonathan Mayer and Patrick Mutchler used only telephone metadata, some public social networks, and basic pattern matching to reveal sensitive information.

The study didn’t require any spying, only the phone records of 546 volunteers. Metaphone, an Android app called on participants’ phones, sent device logs.

Using data obtained since last November, they published their results so far this week:

“At the outset of this study, we shared the same hypothesis as our computer science colleagues—we thought phone metadata could be very sensitive. We did not anticipate finding much evidence one way or the other, however, since the MetaPhone participant population is small and participants only provide a few months of phone activity on average.

“We were wrong. We found that phone metadata is unambiguously sensitive, even in a small population and over a short time window. We were able to infer medical conditions, firearm ownership, and more, using solely phone metadata.”

The metadata included the caller’s and recipient’s phone numbers, the serial numbers of the phones they used, the call time and duration, and on occasion, the physical location of each caller.

At one level, simply understanding who got calls led to some rudimentary inferences. A call to a political campaign, for instance, most likely means the person supports the candidate, and a call at length to a religious institution implies the person is of that faith.

Other inferences were derived, for instance, by using the metadata in conjunction with public data from Facebook, Yelp, and Google Places.

The 546 participants collectively contacted 33,688 unique numbers. Of those 33,688, the researchers were able to find the identity of 18 percent of those called.

In many cases, they were also able to determine if the caller was in a relationship and, if so, the number of the significant other.

They also found inferences from series of calls. One caller’s sequence indicated an apparent heart problem, another had or knew someone with multiple sclerosis, a third showed a keen interest in the AR semiautomatic rifle, and a fourth – well, you can infer from calls to a home improvement store, a locksmith, a hydroponics dealer, and a head shop.

Yet another participant had a “long, early morning call with her sister,” followed by several calls over the next few weeks with the local branch of Planned Parenthood.

Keep in mind three major differences between this study and the NSA. First, participants knew they were being watched. Second, the NSA has access to system-level metadata from hubs at phone and Internet companies, not just device logs and public social media. Third, the NSA has the world’s most sophisticated computer systems.

Metadata can be revealing even without computers or phones. As a thought experiment, for instance, Kieran Healy, an associate professor in sociology at Duke University, decided to find out if metadata could have impacted the kind of people who went on to author the Fourth Amendment that prohibits “unreasonable search and seizure.”

Writing as a Loyalist in the American colonies of 1775, he mathematically analyzed overlapping membership metadata from various suspected organizations to reveal the social network of 256 social active Bostonians.

The trail eventually led him to “the name of a traitor like Paul Revere.”

Hopefully, the Stanford research and similar efforts will help to eliminate from our public discourse the expression “it’s only metadata.”

VentureBeat's mission is to be a digital town square for technical decision-makers to gain knowledge about transformative enterprise technology and transact. Learn more about membership.

Author
Barry Levine
Topics
Business Security

Transform 2022 Registration is Live

Hear from senior executives at some of the world’s leading enterprises about their experience with applied Data & AI and the strategies they’ve adopted for success.

Register Here

Transform 2022

Join AI and data leaders for insightful talks and exciting networking opportunities in-person July 19 and virtually July 20-28.

Register Now

Join forces with VentureBeat at our upcoming AI & data events

Sponsor VB Events
  • VentureBeat Homepage
  • Follow us on Facebook
  • Follow us on Twitter
  • Follow us on LinkedIn
  • Follow us on RSS
  • VB Lab
  • Newsletters
  • Events
  • Special Issue
  • Product Comparisons
  • Jobs
  • About
  • Contact
  • Careers
  • Privacy Policy
  • Terms of Service

© 2022 VentureBeat. All rights reserved.

×

We may collect cookies and other personal information from your interaction with our website. For more information on the categories of personal information we collect and the purposes we use them for, please view our Notice at Collection.