Experiment shows connecting names with phone metadata is easy

Dec 28, 2013 by Nancy Owano weblog

(Phys.org) —What kind of telephone activity does the NSA collect on people? Metadata. How harmful is it to your privacy health? Nada. It is only metadata. That has been the line drawn in the sand by government supporters of NSA activities in monitoring calls. Now a Stanford study by two researchers at Stanford has its own message: Individuals can be easily identified through phone numbers. Connecting metadata with individual names is not just easy; they found it was "trivial." Jonathan Mayer along with Patrick Mutchler, the researchers, earlier this week on the blog Web Policy, which covers technology, policy, and law, posted their findings under the headline, "MetaPhone: The NSA's Got Your Number."

They described their experiment to find out just how easy it might be through an Android app called MetaPhone, which garnered 5,000 phone numbers. MetaPhone is defined by the researchers as a "crowdsourced study of phone metadata." In November, as a project of the Stanford Security Lab, the two posted a notice, "We're studying the National Security Agency, and we need your help." They referred to the NSA's confirmation that it collects American phone records, and with little privacy impact. Nonetheless, they noted, "Phone metadata is inherently revealing. We want to rigorously prove it—for the public, for Congress, and for the courts." In turn they said they sought to crowdsource the data for their study. to measure what can be inferred from phone records."Participation takes just a few minutes," they said. "You're eligible if you're in the United States, use an Android smartphone, and have a Facebook account."

The results of their MetaPhone trial and other research steps are in. "We randomly sampled 5,000 numbers from our crowdsourced MetaPhone dataset and queried the Yelp, Google Places, and Facebook directories," they reported.

Querying those three sources, they matched 1,356 (27.1%) of the numbers—378 hits (7.6%) on Yelp, 684 (13.7%) on Google Places, and 618 (12.3%) on Facebook.

Then they took a next step with a random sample of 100 numbers from the dataset, to run Google searches on each. That effort did not even take an hour, where they were able to associate an individual or a business with 60 of the 100 numbers.

Finally, they proceeded to run the numbers using Intelius. "Between Intelius, Google search, and our three initial sources, we associated a name with 91 of the 100 numbers."

The authors commented, "If a few academic researchers can get this far this quickly, it's difficult to believe the NSA would have any trouble identifying the overwhelming majority of American numbers."

Mayer is a PhD student in computer science at Stanford , where he received his J.D. in 2013,

Reacting to the report, Gregory Ferenstein in TechCrunch, said, "People may disagree about whether or not government agencies should have private information, but let's not pretend they can't learn anything they want from what information they have."

Meanwhile, a federal judge ruled on Friday that the National Security Agency's collection of telephone records is lawful. Federal Judge William Pauley said there was no evidence that the Government has used any of the bulk metadata for any purpose other than investigating and disrupting terrorist attacks.

Explore further: Federal judge rules NSA phone surveillance legal (Update)

More information: webpolicy.org/2013/12/23/metap… sas-got-your-number/

Related Stories

NSA: No better way to protect US than surveillance

Dec 11, 2013

The NSA chief said Wednesday he knows of no better way his agency can help protect the U.S. from foreign threats than with spy programs that collect billions of phone and Internet records from around the ...

Judge's word on NSA program won't be the last

Dec 17, 2013

A federal judge is making headlines by declaring that the National Security Agency's bulk collection of millions of Americans' telephone records is likely unconstitutional. But even he realizes his won't be the last word on the issue. ...

Judge says NSA program is likely unconstitutional

Dec 16, 2013

In the first ruling of its kind, a federal judge declared Monday that the National Security Agency's bulk collection of Americans' telephone records is likely to violate the U.S. Constitution's ban on unreasonable ...

'NSA eavesdropped on 35 world leaders'

Oct 24, 2013

US spies eavesdropped on the phone conversations of 35 world leaders after White House, Pentagon and State Department officials gave them the numbers, The Guardian reported Thursday.

ACLU will appeal NY NSA phone surveillance ruling

Dec 27, 2013

A civil rights lawyer says the American Civil Liberties Union is very disappointed that a New York judge has found that a government program that collects millions of Americans' telephone records is legal. ...

Recommended for you

Microsoft drops Nokia name from smartphones

just added

Microsoft said Friday it was dropping the Nokia name from its Lumia smartphones, rebranding following the acquisition earlier this year of the Finnish group's handset division.

Amazon's loss makes holidays a question mark

17 minutes ago

Amazon's trademark smile icon is becoming more of a grimace. The world's largest online retailer reported a wider third-quarter loss than analysts expected and gave a disappointing holiday forecast.

Students win challenge for real-time traffic app

31 minutes ago

Three University of Texas at Arlington Computer Science and Engineering students have won a $10,000 prize in the NTx Apps Challenge for a smart traffic light network that adjusts traffic light schedules to ...

New oscillator for low-power implantable transcievers

2 hours ago

Arash Moradi and Mohamad Sawan from Polytechnique Montreal in Canada discuss their new low-power VCO design for medical implants. This oscillator was implemented to provide the frequency deviation of frequency-shift-keying ...

User comments : 5

Adjust slider to filter visible comments by rank

Display comments: newest first

aksdad
5 / 5 (2) Dec 28, 2013
It looks like the researchers are attacking an argument the NSA has never made. To clarify, the phone metadata the NSA is scanning in this program contains phone number, time, length of call, and perhaps even location. It is not eavesdropping on the actual content of the call. I don't recall the NSA taking the position that it was difficult to connect phone metadata to personal information. If it were tediously complicated it would defeat the purpose of trying to identify patterns of phone calls that indicate possible terrorist activity and track the individuals involved.
davidivad
5 / 5 (1) Dec 28, 2013
aksdad;

you couldn't have said it better.
FMA
not rated yet Dec 29, 2013
By collecting individuals' information such as the most frequent website people had been to, dynamic IP address, ...some very easy obtained info; you can narrow down the target to only a dozen to few people easily. There is no privacy at all.
nkalanaga
not rated yet Dec 29, 2013
Remember when phone calls had to go through human operators? Or when rural areas were on party lines? Nobody seemed to worry about privacy then, because they KNEW that anything said on a phone was probably being listened to. Just treat your cell phone as a party line and you'll be safe.
nastygash
not rated yet Dec 29, 2013
Here's a sobering thought: NSA collects metadata, both phone and internet, extracts that of judges and their relatives and determines their activity. They find a few "suspicious" or "compromising" activities which they can use for blackmail. They find such activity of the judge in a suit against the NSA and threaten to "expose" her in the case of a ruling unfavorable to NSA. They target politicians and journalists for the same purpose.

Is this speculation? Yes. Is it absurd? I don't believe so.