Research demonstrates long reach of phone record surveillance

Mar 13, 2014 by Clifton B. Parker
National Security Agency.

(Phys.org) —Two computer science graduate students have found that the NSA's mass collection of phone records can yield much more information about people's private lives than the U.S. government claims. New research shows how "metadata" surveillance can be used to identify information about callers including medical conditions, financial and legal connections, and even whether they own a gun.

The National Security Agency's mass surveillance of telephone metadata could yield detailed information about the private lives of individuals far beyond what the claims, according to new Stanford research.

Two Stanford computer science students were able to acquire detailed information about people's lives just from telephone metadata – the of the caller and recipient, the particular serial number of the phones involved, the time and duration of calls and possibly the location of each person when the call occurred.

The researchers did not do any illegal snooping – they worked with the of 546 volunteers, matching phone numbers against the public Yelp and Google Places directories to see who was being called.

From the phone numbers, it was possible to determine that 57 percent of the volunteers made at least one medical call. Forty percent made a call related to financial services.

The volunteers called 33,688 unique numbers; 6,107 of those numbers, or 18 percent, were isolated to a particular identity.

Privacy issues

The metadata issue has taken on urgency in the wake of last summer's revelations about surveillance of American citizens by the NSA. Privacy experts have questioned the federal government's assertions on the subject.

President Obama has said, "They are not looking at people's names, and they're not looking at content."

Federal judges have split on the legality of the NSA's telephone metadata program.

Computer scientists like Stanford's Jonathan Mayer say that metadata are extremely sensitive and revealing.

Mayer is a doctoral student in computer science and a cybersecurity fellow at the Center for International Security and Cooperation at the Freeman Spogli Institute for International Studies. His co-author on the research paper is Patrick Mutchler, also a doctoral student in computer science at Stanford. Their faculty adviser is John C. Mitchell, a computer science professor.

They contend their research shows that metadata from phone calls can yield a wealth of detail about family, political, professional, religious and sexual associations.

"It would be no technical challenge to scale these identifications to a larger population," said Mayer.

At the outset, Mayer said, they asked, "Is it easy to draw sensitive inferences from phone metadata? How often do people conduct sensitive matters by phone? We turned to our crowdsourced MetaPhone dataset for empirical answers."

They crowdsourced the data using an Android application and conducted an analysis of individual calls made by the volunteers to sensitive numbers, connecting the patterns of calls to emphasize the detail available in telephone metadata, Mayer said.

"A pattern of calls will, of course, reveal more than individual call records," he said. "In our analysis, we identified a number of patterns that were highly indicative of sensitive activities or traits."

For example, one participant called several local neurology groups, a specialty pharmacy, a rare-condition management service, and a pharmaceutical hotline used for multiple sclerosis.

Another contacted a home improvement store, locksmiths, a hydroponics dealer and a head shop.

'Unambiguously sensitive'

The researchers initially shared the same hypothesis as their colleagues, Mayer said. They did not anticipate finding much evidence one way or the other.

"We were wrong. Phone metadata is unambiguously sensitive, even over a small sample and short time window. We were able to infer , firearm ownership and more, using solely metadata," he said.

All three branches of the federal government are now considering curbs on access to telephone metadata, Mayer noted. Consumer privacy concerns are also salient as the Federal Communications Commission assesses telecom data sharing practices, he added.

Explore further: Experiment shows connecting names with phone metadata is easy

add to favorites email to friend print save as pdf

Related Stories

Metadata and the law: What your smartphone really says about you

Mar 03, 2014

Metadata related to lawful interception has been in the news a bit lately. You may have seen last week the Australian Federal Police (AFP) called for more access to electronic metadata as a Senate committee evaluates Australian mass surveillance laws. ...

Ex-CIA boss: Telecoms should store metadata, not NSA

Jan 14, 2014

Telephone "metadata" controversially scooped up by a US intelligence agency should not be destroyed but stored by private telecom giants, a former CIA chief said Tuesday days before President Barack Obama ...

Proposed spy phone record shift draws resistance

Jan 14, 2014

Telephone companies are quietly balking at the idea of changing how they collect and store Americans' phone records to help the National Security Agency's surveillance programs. They are worried about their exposure to lawsuits ...

Recommended for you

Forging a photo is easy, but how do you spot a fake?

Nov 21, 2014

Faking photographs is not a new phenomenon. The Cottingley Fairies seemed convincing to some in 1917, just as the images recently broadcast on Russian television, purporting to be satellite images showin ...

Algorithm, not live committee, performs author ranking

Nov 21, 2014

Thousands of authors' works enter the public domain each year, but only a small number of them end up being widely available. So how to choose the ones taking center-stage? And how well can a machine-learning ...

User comments : 0

Please sign in to add a comment. Registration is free, and takes less than a minute. Read more

Click here to reset your password.
Sign in to get notified via email when new comments are made.