Stanford researchers Jonathan Mayer and Patrick Mutchler sought to answer the question: Is telephone metadata sensitive? The question is of interest to them because of the debate over the National Security Agency’s telephone data collection program, which was revealed by former NSA contractor Edward Snowden. The researchers note that President Obama has said that such metadata is not sensitive information, while experts including former Federal Trade Commission chief technologist Edward Felten have said it is (pdf). Since November, the two asked volunteers to download and use the MetaPhone app to “measure how much of your Facebook information can be inferred from your phone records.” Now they’ve released their findings:
Since November, we have been conducting a study of phone metadata privacy. Participants run the MetaPhone app on their Android smartphone; it submits device logs and social network information for analysis. In previous posts, we have used the MetaPhone dataset to spot relationships, understand call graph interconnectivity, and estimate the identifiability of phone numbers.
At the outset of this study, we shared the same hypothesis as our computer science colleagues—we thought phone metadata could be very sensitive. We did not anticipate finding much evidence one way or the other, however, since the MetaPhone participant population is small and participants only provide a few months of phone activity on average.
We were wrong. We found that phone metadata is unambiguously sensitive, even in a small population and over a short time window. We were able to infer medical conditions, firearm ownership, and more, using solely phone metadata. [...] Read more »