Is anonymised cell phone data really what it says?

Worries over the health issues caused by frequent cell phone usage seem to have abated. Having said this, a blitz of indepth studies will probably appear this week claiming handsets are absolutely safe, or the reverse.

Doing my best to sidestep this long-running and seemingly inconclusive debate, I would like to point you towards something that might take the place of our concerns for health: namely, whether anonymised cell phone data is what it claims to be.

Given the hype surrounding mobile operators' use of big data, and the associated privacy issues, it's troubling that researchers have been able to uniquely identify 95 per cent of the users from anonymised data collected over 15 months from 1.5 million people.

These MIT and the Catholic University of Louvain researchers found that it took only a few items of data to uniquely identify this high percentage of users based upon their activity.

The study claims that, based on hourly updates of a user's location provided by the cellular network, it was possible to identify the individual from just four data points. Using only two data points, the researchers could identify about 50 per cent of users.

The study, published in Scientific Reports, discusses the research conducted in an unidentified European country, with Belgium being a likely contender, and involved anonymised data collected by mobile operators between 2006 and 2007.

The data analysed did not contain names, home addresses, phone numbers or other obvious identifiers. Yet, if an individual's pattern was unique enough, outside information could be used to link the data back to a person, according to the article.

It's true that establishing a user's approximate location has been possible since cellular was first deployed using relatively crude triangulation. However, this new study claims that the advent of smartphones and other means of data collection has made mobility tracing broadly available. It points, as an example, to Apple's recent update to its privacy policy to allow sharing of the spatio-temporal location of its users with its "partners and licensees."

Google has also acknowledged collecting and storing user location data.

When m-commerce transactions and Wi-Fi access are added to cellular location, then the ability to determine the behaviour and whereabouts of users becomes evermore precise.

The study claims that potentially commercially sensitive and personal location data, including movements of a competitor sales force and attendance of a particular church, have been tracked using cell phone and associated data patterns.

The MIT and Catholic University of Louvain researchers wisely duck the question of where this all leads, apart from concluding that "knowing the bounds of individual's privacy will be crucial in the design of both future policies and information technologies."

The mobile telecoms industry can be rightly praised for its innovation, but this ability to establish a user's indentify, location and activities is open to abuse.

The regulators, albeit lagging behind the curve, would certainly leap at the chance to crush what is a potentially highly useful development that has numerous applications. --Paul