our relationships. It’s quite obvious that you can be uniquely identified by your
location data. With 24/7 location data from your cell phone, your name can be uncovered
without too much trouble. You don’t even need all that data; 95% of Americans can
be identified by name from just four time/date/location points.
The obvious countermeasures for this are, sadly, inadequate. Companies have anonymized
data sets by removing some of the data, changing the time stamps, or inserting deliberate
errors into the unique ID numbers they replaced names with. It turns out, though, that these sorts of tweaks
only make de-anonymization slightly harder.
This is why regulation based on the concept of “personally identifying information”
doesn’t work. PII is usually defined as a name, unique account number, and so on,
and special rules apply to it. But PII is also about the amount of data; the more
information someone has about you, even anonymous information, the easier it is for
her to identify you.
For the most part, our protections are limited to the privacy policies of the companies
we use, not by any technology or mathematics. And being identified by a unique number
often doesn’t provide much protection. The data can still be collected and correlated
and used, and eventually we do something to attach our name to that “anonymous” data
record.
In the age of ubiquitous surveillance, where everyone collects data on us all the
time, anonymity is fragile. We either need to develop more robust techniques for preserving
anonymity, or give up on the idea entirely.
4
The Business of Surveillance
One of the most surprising things about today’s cell phones is how many other things
they also do. People don’t wear watches, because their phones have a clock. People
don’t carry cameras, because they come standard in most smartphones.
That camera flash can also be used as a flashlight. One of the flashlight apps available
for Android phones is Brightest Flashlight Free, by a company called GoldenShores
Technologies, LLC. It works great and has a bunch of cool features. Reviewers recommended
it to kids going trick-or-treating. One feature that wasn’t mentioned by reviewers
is that the app collected location information from its users and allegedly sold it
to advertisers.
It’s actually more complicated than that. The company’s privacy policy, never mind
that no one read it, actively misled consumers. It said that the company would use
any information collected, but left out that the information would be sold to third
parties. And although users had to click “accept” on the license agreement they also
didn’t read, the app started collecting and sending location information even before
people clicked.
This surprised pretty much all of the app’s 50 million users when researchers discovered
it in 2012. The US Federal Trade Commission got involved, forcing the company to clean
up its deceptive practices and delete the data it had collected. It didn’t fine the company, though, because
the app was free.
Imagine that the US government passed a law requiring all citizens to carry a tracking
device. Such a law would immediately be found unconstitutional. Yet we carry our cell
phones everywhere. If the local police department required us to notify it whenever
we made a new friend, the nation would rebel. Yet we notify Facebook. If the country’s
spies demanded copies of all our conversations and correspondence, people would refuse.
Yet we provide copies to our e-mail service providers, our cell phone companies, our
social networking platforms, and our Internet service providers.
The overwhelming bulk of surveillance is corporate, and it occurs because we ostensibly
agree to it. I don’t mean that we make an informed decision agreeing to it; instead,
we accept it either because we get value from the service or because we are offered
a