Telephone metadata surveillance likely reveals a lot more information about people and ensnares more Americans than spy agencies and the Obama administration have let on, a new study finds.
In fact, depending how such surveillance is carried out, analyzing telephone metadata could allow agencies to infer Americans’ medical diagnoses and firearm purchases, the study found.
The research, published on Monday in the journal Proceedings of the National Academy of Sciences, calls into question the Obama administration’s argument that metadata surveillance, which is currently carried out by the National Security Agency (NSA), does not infringe upon Americans’ rights to privacy, since it does not include call contents.
Scientists at Stanford University’s Computer Security Laboratory and the Stanford Law School used easily accessible information databases, including social media and popular search engines, plus telephone metadata they received from willing participants in their study.
The National Security Agency (NSA) headquarters at Fort Meade, Maryland.
Image: Saul Loeb/AFP/Getty Images
They found that significant inferences can be made about individuals using metadata, including where people live, who they are related to and whether they have a heart condition.
This study is the first to look only at metadata and explore the breadth of information that it can help unveil. It says the findings emphasize “the need for scientifically rigorous surveillance regulation.”
There’s an important distinction between phone call metadata and content in the NSA’s collection program, which President Barack Obama discussed in a 2014 speech.
“This program does not involve the content of phone calls, or the names of people making calls,” he said. “Instead, it provides a record of phone numbers and the times and lengths of calls — metadata that can be queried if and when we have a reasonable suspicion that a particular number is linked to a terrorist organization.”
The problem, this study found, is that it’s easy to unintentionally sweep up innocent Americans’ metadata with the data from people suspected of being involved with a terrorist network.
Stanford researcher and study coauthor Patrick Mutchler told Mashable in an interview that the results of this study imply the NSA’s surveillance methods are more intrusive than they suggest.
“One of the justifications for these programs is the claim that metadata is not as sensitive as traditional content,” he said. “And I think this claim isn’t empirically valid.”
Research findings
In their study, Stanford University researchers asked participants to sign up for a private metadata-tracking app, which collected call and text information from more than 800 people, tallying over 250,000 phone calls and 1 million text messages.
While it was not a random representative sample of the U.S. population, results are generalizable and strongly suggestive of the majority of the population.
Using only this metadata, researchers turned to limited resources — web and database searches — to “identify the overwhelming majority of numbers.”
For example, if participants placed calls to businesses, researchers could determine the approximate location of the participants by identifying those businesses using Yelp or Google Places.
Researchers could identify 82% of numbers researched
Researchers also could identify individuals if their phone numbers were available on Facebook. Using automated sources like Google Places, Yelp and Facebook, researchers could identify 31.9% of numbers searched.
If you add Google search and the inexpensive database Intelius into the mix, that number jumps to 82%.
Based on this, the study says, “telephone numbers are trivially re-identifiable.”
Substantial inferences
By presenting only the information derived from their metadata collection and basic research, the researchers were able to create these vignettes of people’s lives, showing how intrusive metadata can actually be when put to use.
In one case, the information pertained to an individual’s heart health:
Participant B received a long phone call from the cardiologygroup at a regional medical center, talked briefly with amedical laboratory, answered several short calls from a localdrugstore, and made brief calls to a self-reporting hotline fora cardiac arrhythmia monitoring device.
Another revealed insights about gun purchases:
“Participant C placed frequent calls to a local firearm dealer that prominently advertises a specialty in the AR semiautomatic rifle platform,” the study found. “
He also placed lengthy calls to the customer support hotline for a major firearm manufacturer; the manufacturer produces a popular AR line of rifles.”
And other metadata revealed a participant’s visits to a Planned Parenthood clinic:
“Participant E made a lengthy phone call to her sister early one morning. Then, two days later, she called a nearby Planned Parenthood clinic several times. Two weeks later, she placed brief additional calls to Planned Parenthood, and she placed another short call one month after”
And then there’s this one:
“Participant D placed calls to a hardware outlet, locksmiths, a hydroponics store and a head shop in under three weeks.”
With this information, it’s rather easy to infer that Participant C may be interested in buying an assault rifle, Participant E may have had a procedure at Planned Parenthood, and Participant D may be working on an illegal home-growing operation.
President Barack Obama delivers remarks on the signals intelligence program in the Great hall at the Department of Justice in Washington, DC in January 2014.
Image: SHAWN THEW/EPA
In addition, the authors were able to identify one participant who, judging from their call records, likely has a heart condition requiring medical treatment.
“We were able to make more or less a diagnosis of cardiac arrhythmia,” Mutchler said.
The NSA’s reach
The president’s Review Group on Intelligence and Communications Technologies recommended changes be made to the NSA’s metadata program, among other controversial intelligence agency activities, in a 2013 report.
In response, the Obama administration then restricted the agency’s ability to access and store metadata, but the NSA’s surveillance program still reaches pretty far.
The NSA doesn’t get to grab metadata from any phone number it wants. But even within the restrictions established in 2014, if the agency gets a subpoena for a single phone number, that could lead to the access of records for around 25,000 numbers, the study found.
This is because of the NSA’s two-hop rule.
When the NSA looks at a single number’s metadata, that number is called a “seed,” and the NSA then is allowed to look at the data two “hops” away from the seed.
To the understanding of the researchers, that means an agency analyst can retrieve the communication records of every number seen in the seed’s records, and then do that again one more step, or hop, away.
That’s a lot of metadata.
Prior to 2014’s reforms, the NSA had a three-hop rule and could dig up records from up to five years prior — currently the NSA can only reach back 18 months.
The NSA could also freely subpoena what are referred to as “high degree nodes,” which include spam numbers that call a lot of phone numbers, telemarketing numbers and automated services like Google Authenticator.
“Everyone is then connected through this Google Authenticator number despite living across the country from one another and never meeting each other,” Mutchler said.
These high degree nodes aren’t necessarily off-limits now, though, as the NSA only has to identify them, not necessarily limit their use of them. The agency does have an interest in limiting their use, though, since it could lead to a wealth of metadata from people it is not seeking information on.
Employees inside the National Security Agency (NSA) headquarters in Fort Meade, Maryland outside Washington, DC.
Image: Corbis via Getty Images
The study reveals significant privacy concerns continue despite the reforms that were passed.
“It’s clear from our results that even in the revised program as it exists today it’s possible to access a large number of records from people,” Mutchler said.
Of course, there is the need to meet national security needs — telephone metadata can be used to pinpoint threats and help law enforcement and military stop potential or further attacks, proponents say.
“If a bomb goes off in one of our cities and law enforcement is racing to determine whether a network is poised to conduct additional attacks, time is of the essence,” Obama said in 2014.
“Being able to quickly review phone connections to assess whether a network exists is critical to that effort.”
Additional reporting by Andrew Freedman.
Have something to add to this story? Share it in the comments.
Want to join the discussion?
Feel free to contribute!