“Metadata” Can Tell the Government More About You Than the Content of Your Phonecalls

George Washington's picture

“Metadata” Can Tell the Government More About You Than the Content of Your Phonecalls

The government has sought to “reassure” us that it is only tracking “metadata” such as the time and place of the calls, and not the actual content of the calls.

But technology experts say that “metadata” can be more revealing than the content of your actual phone calls.

For example, the ACLU notes:

A Massachusetts Institute of Technology study a few years back found that reviewing people’s social networking contacts alone was sufficient to determine their sexual orientation. Consider, metadata from email communications was sufficient to identify the mistress of then-CIA Director David Petraeus and then  drive him out of office.

 

The “who,” “when” and “how frequently” of communications are often more revealing than what is said or written. Calls between a reporter and a government whistleblower, for example, may reveal a relationship that can be incriminating all on its own.

 

Repeated calls to Alcoholics Anonymous, hotlines for gay teens, abortion clinics or a gambling bookie may tell you all you need to know about a person’s problems. If a politician were revealed to have repeatedly called a phone sex hotline after 2:00 a.m., no one would need to know what was said on the call before drawing conclusions. In addition sophisticated data-mining technologies have compounded the privacy implications by allowing the government to analyze terabytes of metadata and reveal far more details about a person’s life than ever before.

The Electronic Frontier Foundation points out:

What [government officials] are trying to say is that disclosure of metadata—the details about phone calls, without the actual voice—isn’t a big deal, not something for Americans to get upset about if the government knows. Let’s take a closer look at what they are saying:

  • They know you rang a phone sex service at 2:24 am and spoke for 18 minutes. But they don’t know what you talked about.
  • They know you called the suicide prevention hotline from the Golden Gate Bridge. But the topic of the call remains a secret.
  • They know you spoke with an HIV testing service, then your doctor, then your health insurance company in the same hour. But they don’t know what was discussed.
  • They know you received a call from the local NRA office while it was having a campaign against gun legislation, and then called your senators and congressional representatives immediately after. But the content of those calls remains safe from government intrusion.
  • They know you called a gynecologist, spoke for a half hour, and then called the local Planned Parenthood’s number later that day. But nobody knows what you spoke about.

Sorry, your phone records—oops, “so-called metadata”—can reveal a lot more about the content of your calls than the government is implying. Metadata provides enough context to know some of the most intimate details of your lives.  And the government has given no assurances that this data will never be correlated with other easily obtained data.

New York Magazine explains:

“When you take all those records of who’s communicating with who, you can build social networks and communities for everyone in the world,” mathematician and NSA whistle-blower William Binney — “one of the best analysts in history,” who left the agency in 2001 amid privacy concerns — told Daily Intelligencer. “And when you marry it up with the content,” which he is convinced the NSA is collecting as well, “you have leverage against everybody in the country.”

 

“You are unique in the world,” Binney explained, based on the identifying attributes of the machines you use. “If I want to know who’s in the tea party, I can put together the metadata and see who’s communicating with who. I can construct the network of the tea party. If I want to pass that data to the IRS, then I can do that. That’s the danger here.”

 

At The New Yorker, Jane Mayer quoted mathematician and engineer Susan Landau’s hypothetical: “For example, she said, in the world of business, a pattern of phone calls from key executives can reveal impending corporate takeovers. Personal phone calls can also reveal sensitive medical information: ‘You can see a call to a gynecologist, and then a call to an oncologist, and then a call to close family members.’”

 

“There’s a lot you can infer,” Binney continued. “If you’re calling a physician and he’s a heart specialist, you can infer someone is having heart problems. It’s all in the databases.” The data, he said, is “all compiled by code. The software does it all from the beginning — they have dossiers of everyone in the country. That’s done automatically. When you want to investigate or target somebody, a human becomes involved.”

 

***

 

“The public doesn’t understand,” Landau told Mayer. “It’s much more intrusive than content.”

The Guardian reports:

The information collected on the AP [in the recent scandal regarding the government spying on reporters] was telephony metadata: precisely what the court order against Verizon shows is being collected by the NSA on millions of Americans every day.

 

***

 

Discussing the use of GPS data collected from mobile phones, an appellate court noted that even location information on its own could reveal a person’s secrets: “A person who knows all of another’s travels can deduce whether he is a weekly churchgoer, a heavy drinker, a regular at the gym, an unfaithful husband, an outpatient receiving medical treatment, an associate of particular individuals or political groups,” it read, “and not just one such fact about a person, but all such facts.”

Indeed, the government’s spying on our metadata arguably violates our right to freedom of expression, guaranteed by numerous laws and charters including the U.S. Constitution, the European Convention on Human Rights, the Canadian Charter of Rights and Freedoms, and international law, including articles 20 and 23 of the Universal Declaration of Human Rights, and Conventions 87 and 98 of the International Labor Organization.

Remember, a U.S. federal judge found that the statute allowing indefinite detention of Americans without due process has a “chilling effect” on free speech. Top reporters have said that they are less likely to interview controversial people, for fear of being accused of “supporting” terrorists.

Given the insanely broad list of actions and beliefs which may get one labeled as a “potential terrorist” by local, state or federal law enforcement, the free association of Americans is being chilled.   For example, people may be less willing to call  their niece calling to end the Fed, their Occupy-attending aunt, their Tea Party-promoting cousin, their anti-war teacher, or their anti-fracking uncle.

Spying on Americans’ metadata rolls back everything our freedom of association … and virtually everything the Founding Fathers fought for.

Indeed, computer experts have used an analogy to explain how powerful metadata is: the English monarchy could have stopped the Founding Fathers in their tracks if they only possessed “metadata” regarding which colonist talked to whom.

Postscript: The government is – in factgathering content, as well as metadata.

And mass surveillance doesn’t work to keep us safe. It does, however, set up a technological framework allowing for “turnkey tyranny”.

 

The Dirty Little Secret About Mass Surveillance: It Doesn’t Keep Us Safe

peeping tom eye hole


 

William Binney knows as much about spying as anyone alive.

Binney – a 32-year National Security Agency veteran – is the former head of the NSA’s global digital data gathering program, and a very highly-regarded cryptographer.

Binney told Daily Caller yesterday that the spying “dragnet” being carried out by the government is useless:

Daily Caller: There’s been some talk about the authorities having a recording of a phone call Tamerlan Tsarnaev had with his wife. That would be something before the bombing?

 

Binney: Before the bombing, yes. [This information comes from former FBI counterrorism agent Tim Clemente.]

 

Daily Caller: Then how would they have that audio?

 

Binney: Because the NSA recorded it.

 

Daily Caller: But apparently the Russians tipped off the FBI, which then did a cursory interview and cleared him. So how were they recording him?

 

Binney: Because the Russians gave a warning for him as a target. Once you’re on a list, they start recording everything. That’s what I’m saying.

 

Daily Caller: So why didn’t they prevent the bombing?

 

Binney: Once you’ve recorded something, that doesn’t mean they have it transcribed. It depends on what they transcribe and what they do with the transcription.

 

Daily Caller:  So it seems logical to ask: Why do we need all of this new data collection when they’re not following up obvious leads,  such as an intelligence agency calling and saying you need to be aware of this particular terrorist?

 

Binney: It’s sensible to ask, but that’s exactly what they’re doing. They’re making themselves dysfunctional by collecting all of this data. They’ve got so much collection capability but they can’t do everything.

 

***

 

Daily Caller: So what are they doing with all of this information? If they can’t stop the Boston marathon bombing, what are they doing with it?

 

Binney: Well again, they’re putting an extra burden on all of their analysts. It’s not something that’s going to help them; it’s something that’s burdensome. There are ways to do the analysis properly, but they don’t really want the solution because if they got it, they wouldn’t be able to keep demanding the money to solve it. I call it their business statement, “Keep the problems going so the money keeps flowing.” It’s all about contracts and money.

 

Daily Caller: But isn’t data collection getting easier and processing speeds getting faster and data collection cheaper? Isn’t the falling price one of the reasons they can collect data at this massive level?

 

Binney: Yes, but that’s not the issue. The issue is, can you figure out what’s important in it? And figure out the intentions and capabilities of the people you’re monitoring? And they are in no way prepared to do that, because that takes analysis. That’s what the big data initiative was all about out of the White House last year. It was to try to get algorithms and figure out what’s important and tell the people what’s important so that they can find things. The probability of them finding what’s really there is low.

Similarly, Fortune notes that the NSA’s “big data” strategy is ineffective:

The evidence for big data is scant at best. To date, large fields of data have generated meaningful insights at times, but not on the scale many have promised. This disappointment has been documented in the Wall Street Journal, Information Week, and SmartData Collective.

 

***

 

According to my firm’s research, local farmers in India with tiny fields frequently outperform — in productivity and sustainability — a predictive global model developed by one of the world’s leading agrochemical companies. Why? Because they develop unique planting, fertilizing, or harvesting practices linked to the uniqueness of their soil, their weather pattern, or the rare utilization of some compost. There is more to learn from a local Indian outlier than from building a giant multivariate yield prediction model of all farms in the world. The same is true for terrorism. Don’t look for a needle in a giant haystack. Find one needle in a small clump of hay and see whether similar clumps of hay also contain needles.

 

You need local knowledge to glean insights from any data. I once ran a data-mining project with Wal-Mart (WMT) where we tried to figure out sales patterns in New England. One of the questions was, “Why are our gun sales lower in Massachusetts than in other states, even accounting for the liberal bias of the state?” The answer: There were city ordinances prohibiting the sale of guns in many towns. I still remember the disappointed look of my client when he realized the answer had come from a few phone calls to store managers rather than from a multivariate regression model.

 

So, please, Mr. President, stop building your giant database in the sky and quit hoping that algorithm experts will generate a terrorist prevention strategy from that data. Instead, rely on your people in the field to detect suspicious local patterns of behavior, communication, or spending, then aggregate data for the folks involved and let your data hounds loose on these focused samples. You and I will both sleep better. And I won’t have to worry about who is lurking in the shadows of my business or bedroom.

Likewise, Nassim Taleb writes:

Big data may mean more information, but it also means more false information.

 

***

 

Because of excess data as compared to real signals, someone looking at history from the vantage point of a library will necessarily find many more spurious relationships than one who sees matters in the making; he will be duped by more epiphenomena. Even experiments can be marred with bias, especially when researchers hide failed attempts or formulate a hypothesis after the results — thus fitting the hypothesis to the experiment (though the bias is smaller there).

 

This is the tragedy of big data: The more variables, the more correlations that can show significance. Falsity also grows faster than information; it is nonlinear (convex) with respect to data (this convexity in fact resembles that of a financial option payoff). Noise is antifragile. Source: N.N. Taleb

If big data leads to more false correlations, then mass surveillance may lead to more false accusations of terrorism.

Professor Jonathan Turley – one of the nation’s top constitutional and military law expertsnoted after the Boston bombing:

For civil libertarians, all terrorist attacks come in two equally predictable parts.

 

First, there is the terrorist attack itself — a sad reality of our modern life. Second, comes the inevitable explosion of politicians calling for new security measures and surveillance. We brace ourselves for this secondary blow, which generally comes before we even fully know what occurred in an attack or how it was allowed to occur.

 

Politicians need to be seen as actively protecting public safety and the easiest way is to add surveillance, reduce privacy and expand the security state. What they are not willing to discuss is the impossibility of detecting and deterring all attacks. The suggestion is that more security measures translate to more public safety. The fact is that even the most repressive nations with the most abusive security services, places such as China and Iran, have not been able to stop terrorist acts.

 

While police were still combing through the wreckage from the Boston Marathon, politicians ran to cameras to pledge more security measures and surveillance. Indeed, Chicago Mayor Rahm Emanuel demanded more cameras in response to the Boston attack. Chicago already is one of the most surveilled cities in the United States. Emanuel’s solution: add some more. It is a perfectly Pavlovian response of politicians eager to appear as champions of public safety.

 

We need to resist the calls for a greater security state and put this attack into perspective. These two brothers built homemade bombs with over-the-counter pressure cookers. They placed the devices in one of the most surveilled areas of Boston with an abundance of police and cameras [Proof here]. There is only so much that a free nation can do to avoid such an attack. Two men walked in a crowd and put two bags down on the ground shortly before detonation.

 

No one is seriously questioning the value of having increased surveillance and police at major events. That was already the case with the Boston Marathon. However, privacy is dying in the United States by a thousand papercuts from countless new laws and surveillance systems. Before we plunge ahead in creating a fishbowl society of surveillance, we might want to ask whether such new measures or devices will actually make us safer or just make us appear safer.

Not only did mass surveillance fail to stop the Boston bombing, it also failed to stop 9/11:

Widespread spying on Americans began before 9/11 (confirmed here and here. And see this  [and this.])

 

And U.S. and allied intelligence heard the 9/11 hijackers plans from their own mouths:

  • An FBI informant hosted and rented a room to two hijackers in 2000. Specifically, investigators for the Congressional Joint Inquiry discovered that an FBI informant had hosted and even rented a room to two hijackers in 2000 and that, when the Inquiry sought to interview the informant, the FBI refused outright, and then hid him in an unknown location, and that a high-level FBI official stated these blocking maneuvers were undertaken under orders from the White House. As the New York Times notes:

    Senator Bob Graham, the Florida Democrat who is a former chairman of the Senate Intelligence Committee, accused the White House on Tuesday of covering up evidence ….The accusation stems from the Federal Bureau of Investigation’s refusal to allow investigators for a Congressional inquiry and the independent Sept. 11 commission to interview an informant, Abdussattar Shaikh, who had been the landlord in San Diego of two Sept. 11 hijackers.

  • The National Security Agency and the FBI were each independently listening in on the phone calls between the supposed mastermind of the attacks and the lead hijacker. Indeed, the FBI built its own antenna in Madagascar specifically to listen in on the mastermind’s phone calls
  • According to various sources, on the day before 9/11, the mastermind told the lead hijacker “tomorrow is zero hour” and gave final approval for the attacks. The NSA intercepted the message that day and the FBI was likely also monitoring the mastermind’s phone calls
  • According to the Sunday Herald, two days before 9/11, Bin Laden called his stepmother and told her “In two days, you’re going to hear big news and you’re not going to hear from me for a while.” U.S. officials later told CNN that “in recent years they’ve been able to monitor some of bin Laden’s telephone communications with his [step]mother. Bin Laden at the time was using a satellite telephone, and the signals were intercepted and sometimes recorded.” Indeed, before 9/11, to impress important visitors, NSA analysts would occasionally play audio tapes of bin Laden talking to his stepmother.
  • And according to CBS News, at 9:53 a.m on 9/11, just 15 minutes after the hijacked plane had hit the Pentagon, “the National Security Agency, which monitors communications worldwide, intercepted a phone call from one of Osama bin Laden’s operatives in Afghanistan to a phone number in the former Soviet Republic of Georgia”, and secretary of Defense Rumsfeld learned about the intercepted phone call in real-time (if the NSA monitored and transcribed phone calls in real-time on 9/11, that implies that it did so in the months leading up to 9/11 as well)

But even with all of that spying, the government didn’t stop the hijackers … even though 9/11 was entirely foreseeable.

If you have a hard time believing that the government would push a program on the basis of national security which impinges on our freedoms and yet is ineffective in keeping us safe, please review the following statements by top national security experts saying that the following government programs do nothing at all to make us safer: