Stanford researchers Jonathan Mayer and Patrick Mutchler sought to answer the question: Is telephone metadata sensitive? The question is of interest to them because of the debate over the National Security Agency’s telephone data collection program, which was revealed by former NSA contractor Edward Snowden. The researchers note that President Obama has said that such metadata is not sensitive information, while experts including former Federal Trade Commission chief technologist Edward Felten have said it is (pdf). Since November, the two asked volunteers to download and use the MetaPhone app to “measure how much of your Facebook information can be inferred from your phone records.” Now they’ve released their findings:
Since November, we have been conducting a study of phone metadata privacy. Participants run the MetaPhone app on their Android smartphone; it submits device logs and social network information for analysis. In previous posts, we have used the MetaPhone dataset to spot relationships, understand call graph interconnectivity, and estimate the identifiability of phone numbers.
At the outset of this study, we shared the same hypothesis as our computer science colleagues—we thought phone metadata could be very sensitive. We did not anticipate finding much evidence one way or the other, however, since the MetaPhone participant population is small and participants only provide a few months of phone activity on average.
We were wrong. We found that phone metadata is unambiguously sensitive, even in a small population and over a short time window. We were able to infer medical conditions, firearm ownership, and more, using solely phone metadata. […]
The degree of sensitivity among contacts took us aback. Participants had calls with Alcoholics Anonymous, gun stores, NARAL Pro-Choice, labor unions, divorce lawyers, sexually transmitted disease clinics, a Canadian import pharmacy, strip clubs, and much more. This was not a hypothetical parade of horribles. These were simple inferences, about real phone users, that could trivially be made on a large scale. […]
The dataset that we analyzed in this report spanned hundreds of users over several months. Phone records held by the NSA and telecoms span millions of Americans over multiple years. Reasonable minds can disagree about the policy and legal constraints that should be imposed on those databases. The science, however, is clear: phone metadata is highly sensitive.