Article Lead Image

Why you need this simple app that hands over all your metadata

The value of metadata has been hotly contested in security and surveillance circles, but these researchers are aiming to settle that debate.

 

Aaron Sankin

Tech

Posted on Nov 22, 2013   Updated on Jun 1, 2021, 1:23 am CDT

Researchers at Stanford want you to let them spy on you. But don’t worry; it’s for a good cause.

A team at the Stanford Security Laboratory led by doctoral student Jonathan Mayer recently launched the Metaphone project, the aim of which is to determine just how much it’s possible to find out about a person’s life by tracking their cellphone metadata. Amid revelations of the National Security Agency’s large-scale collection of the cellphone metadata of hundreds of millions of American citizens unconnected with any criminal activity, questions about the insight provided by metadata are particularly relevant.

Metadata is loosely defined as “information about information.” In the case of a cellphone call, it can refer to things like the phone number of each caller, the unique serial numbers of the physical devices involved, the time and duration of the call, the precise geographic location of the callers, and any calling cards used to make the connection.

‟Our hypothesis is that phone metadata reflects personal information, such as your location, age, gender, employment, relationships, and interests,” Mayer explained. ‟In some instances, a single call to a sensitive number may be revealing. Patterns of calls, that is, who, when, how long, and how often, could also enable inferences.”

Since the Stanford Security Lab is neither an intelligence agency nor a telecom company, researchers aren’t able to access phone records to test their hypothesis. Instead, they’re crowdsourcing the effort by encouraging members of the public to download a smartphone app that collects all the metadata produced by the given device and then transmits it to the Stanford team.

‟Some NSA supporters have taken the position that phone metadata is not sensitive. Many computer security researchers hold the opposite view,” Mayer noted. ‟Our aim is to provide empirical evidence in this debate, especially since all three branches of the federal government are presently weighing how to respond.”

Mayer said all data collected would be destroyed at the conclusion of the study, which has so far registered more than 200 participants.

The government’s metadata collection was first made public by the British newspaper The Guardian based on documents leaked by former NSA contractor Edward Snowden. The revelations have led many to believe that the NSA is maintaining records for every cellphone call originating and/or terminating in the United States.

According to statements made by members of Congress, the program has reportedly been in place since 2006.

The Obama Administration has attempted to reassure the public that, despite the pervasive nature of the metadata surveillance program, its actual intrusion into the privacy of average Americans is fairly limited. ‟The order … does not allow the government to listen in on anyone’s telephone calls,” insisted White House Deputy Press Secretary Josh Earnest during an informal press conference aboard Air Force One in June. ‟The information acquired does not include the content of any communications or the name of any subscriber. It relates exclusively to call details, such as a telephone number or the length of a telephone call.”

‟Nobody is listening to your telephone calls. That’s not what this program’s about,” added President Obama himself, shortly after news of the program was first published. ‟What the intelligence community is doing is looking at phone numbers and durations of calls. They are not looking at people’s names, and they’re not looking at content. But by sifting through this so-called metadata, they may identify potential leads with respect to folks who might engage in terrorism.”

However, a bevy of tech experts from across the ideological spectrum have repeatedly spoken out against this downplaying of how metadata collection can actually be quite intrusive.

In a declaration supporting an American Civil Liberties Union lawsuit against the NSA regarding the program, Princeton University computer science professor Edward Felten wrote, ‟The proliferation of metadata-producing devices, such as phones, have produced rich metadata trails. Many details of our lives can be gleaned by examining those trails, which often yield information more easily than do the actual content of our communications.”

Felten charges that the structured nature of telephone metadata makes it comparatively easy to analyze on a large scale using data-mining software and link-analysis tools like IBM’s Analyst Notebook and Pen-Link. In contrast, if the NSA were simply listening in to the contents of phone calls, the agency would have first to transcribe the every conversation, determine the meaning of each individual phrase, and figure out which parts of the call were relevant, all before being able to analyze vast quantities data in a way that could yield actionable results.

Even so, some legislators have pushed back against the whole concept of metadata collection being a particularly useful tool in the fight against terrorism. Earlier this week, Senators Ron Wyden (D-Oregon), Mark Udall (D-Utah), and Martin Heinrich (D-New Mexico) filed an amicus brief supporting a lawsuit against the NSA by a coalition of religious and other nonprofit groups arguing that the lawmakers “have seen no evidence that the bulk collection of Americans’ phone records has provided useful intelligence unobtainable through less intrusive means.”

Readers interested in participating in the Metaphone study can download the app from the Google Play store.

Photo by Phil Roeder/Flickr

Share this article
*First Published: Nov 22, 2013, 10:20 am CST