Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 



Forgot your password?
typodupeerror
×
Patents Communications IBM Privacy

IBM Uses Call-Detail Records To Identify "Friends" 116

theodp writes "Big Blue may know what you did last summer. Or at least who you called. In a move out of the NSA's playbook, IBM Research has been scrutinizing the call-detail records of 'one of the largest mobile operators in the world' (PDF). By analyzing who calls whom, and for how long, IBM claims its patent-pending snooping software can now identify circles of 'friends' who tend to exhibit the same profit-threatening behavior. 'We believe that our analysis is a first of its kind that exploits the underlying social network in a telecom call graph,' boasted a team of IBM researchers and a UMD prof. For now, IBM seems to have focused on using the info to see if your friends are churners, so you can be dealt with pro-actively lest you follow their lead and bolt. However, IBM suggests its SNAzzy data mining technology (Social Network Analysis for Telecom Business Intelligence) has a bright future, noting it 'is also capable of analyzing any kind of social network or graph, not just telecom networks.'"
This discussion has been archived. No new comments can be posted.

IBM Uses Call-Detail Records To Identify "Friends"

Comments Filter:
  • Without breaking our two year contract and sacrificing your deposit.

    • Uh-oh (Score:5, Insightful)

      by davidwr ( 791652 ) on Saturday August 01, 2009 @03:44PM (#28911637) Homepage Journal

      So if several of my friends have poor credit ratings or are frequently arrested for petty crimes, I may not get a job?

      Not good, not good at all.

      • Not at IBM - rejoice!
      • by evanbd ( 210358 )
        It's OK, though, because we're using the computer to do it. It's not bad, like it would be if we'd used some directly-observable thing that correlates with those, like your race, age, or music preferences.
        • Re: (Score:3, Interesting)

          by rtb61 ( 674572 )

          Instead and looking at your preferences it analysis social interactions and establishes a method by which they can mimic those social interactions in order to what, manipulate your choices and future social interactions.

          What is interesting is specially they are seeking to monitor non-customers ie. using customers as judas goats to analyse the behaviour of the people they contact. Reminds me of the whole g-mail thing, whose email is it, the person who sends it (a gmail customer), the person who receives i

        • The problem with stuff like this is it's intended to crush dissent against institutions like big business and governmental power, things which democracy and liberty in stuff like the Constitution of the United States were meant to keep the government stable and the people happy, because they would adjust their lives to the reality of their social and physical environment. If Americans all know they are being watched all the time and more and more "odd" behavior (not simply disliking your boss) they will ap
      • Not good, not good at all.

        Indeed. Let's face it - regardless of whether or not it supports open source, IBM has become a plain evil company. Again.

    • by Z00L00K ( 682162 )

      First you may explain the term "churn" when it comes to telecom.

      The only thing I get when running it to Googles translator is how to make butter.

    • Re:How can we churn? (Score:4, Informative)

      by Epsilon Moonshade ( 108853 ) on Saturday August 01, 2009 @04:07PM (#28911785)

      I actually read TFA! "Churn" is apparently when people switch from one carrier to another, presumably at the end of the contract. (This answers both the parent poster, and one in this same thread)

      That being said, it looks like they'd be using this data to identify who's likely to switch over, and sweeten their deals a bit to keep them - at least, in the context of cell phone companies and the like. Obviously, this has other implications outside of cell companies, but I'm sticking with the original thought on this one.

      So how do we game this system? Find people who have recently changed carriers and start having them call you. Free better phone for staying with a carrier you'd probably have already stayed with!

      Silly, yes, I know. Thanks.

      • I actually read TFA! "Churn" is apparently when people switch from one carrier to another, presumably at the end of the contract. (This answers both the parent poster, and one in this same thread)

        I'm not sure I understand. Is this an IBM version of Amazon's "Customers who bought this also bought ..." in a profit-threatening (whatever that means) context? If so, maybe we can integrate it into Slashdot's moderation system and identify basement dwellers, astroturfers, and Mac fanboys. ;-)

      • by Jurily ( 900488 )

        So how do we game this system? Find people who have recently changed carriers and start having them call you.

        So for only $500 worth of phone calls, you'll get a dollar off your monthly bill!

        P.S. This again shows how corporations think. I'm not a valued customer, I'm a dot in a graph who tends to exhibit profit-threatening behavior.

      • The patent application makes for interesting reading, and they have certainly developed a clever system for monitoring their customers and the relationships they have with other callers. The application states the obvious: It is easier to retain customers than to search for new ones, and with church rates of possibly 50% to 70% of subscribers per year, this is something that mobile providers have to worry about.

        But I think this misses the point completely. Why are people churning? Could it be that mobile

    • By not getting a 2-year contract but a simple phone and a prepaid contract that can be left whenever you feel like it. It saves you enough to buy a new phone in a few years without getting tied down by the telco's.

      Ofcourse, if you're one of those people who can't live without a *new* phone each year, by all means enjoy your slavery.

    • Re: (Score:3, Insightful)

      by cymen ( 8178 )

      In the USA, whenever one of the two parties in a contract wants to change the terms, the new terms must be agreed to by both parties or the contract can be cancelled. Typically, the verbiage that one can cancel the contract and get out of the terms without loosing the deposit is buried in all the other legalese. But it should be there.

  • I mean, what can you expect from a company that was perfectly willing to profit from the Holocaust? [amazon.com]
    • BULLSHIT (Score:1, Informative)

      by Anonymous Coward

      This bullshit accusation comes up every time anyone mentions IBM and is a great way to get guaranteed mod points on oh-so-politically-correct-slashdot. Here's what "Foobar of Borg" doesn't tell you:

      - the book was written by the former publisher of "OS/2 magazine", Edwin Black, who profited from his association with IBM for many years until its folding in 96 [os2bbs.com]
      - Black also "co-incidentally" launched a high profile lawsuit against IBM that was summarily thrown out of court, but the press did not cover this fact

      • Ultimately Black's assertions are like claiming that gun manufacturers are responsible for the murders that are committed with their products, or that manufacturers of crowbars are responsible for breakins, or that people who write Linux are morally responsible for the many people who die when it is used by the US military.

        Even if some of the accusations in Black's book are not provable, it has been well substantiated that IBM was more than happy to sell the Nazis Hollerith tabulated punch card machines, ev

    • by hawk ( 1151 )

      Oh, yes. The same people are in control of IBM today as were sixty years ago.

      hawk

      • No, the people that were running it 60 years ago were unethical, but smart. This bunch is unethical without the smarts.

    • (Posting this to undo accidental moderation, sorry.)

  • by Anonymous Coward

    "UMD prof"

    If this was an academic study, then the raw data was (or should have been) typified (anonymized). Therefore it would not be useful for identifying real world "friends" responsible for "profit-threatening behavior". Rather, it would be a group analysis tool.

    Not to say I'd give my informed consent to any of this analysis, but clarity on how the raw was handled.

    • If this was an academic study, then the raw data was (or should have been) typified (anonymized).

      Yeah, but how hard would it be for the computing power of IBM to hang real names on a large amount of pattern data? Maybe they could just line up the typified data with say...their own cellular bills. It wouldn't be that difficult to start attaching employee names to the anonymous data. Just like code breaking. The more data points you can fill in, the more real names you assign with a high degree of conf

    • There have been some really important results from social network analysis.

      The Collective Dynamics of Smoking in a Large Social Network http://content.nejm.org/cgi/content/full/358/21/2249 [nejm.org]

      The Spread of Obesity in a Large Social Network over 32 Years http://content.nejm.org/cgi/content/full/357/4/370 [nejm.org]

      However, in these studies, all the subjects had joined the study and given permission in writing for the researchers to use their personal data.

      It would clear a lot of things up if we could see the docume

    • by Dogtanian ( 588974 ) on Saturday August 01, 2009 @05:00PM (#28912137) Homepage

      If this was an academic study, then the raw data was (or should have been) typified (anonymized). Therefore it would not be useful for identifying real world "friends" responsible for "profit-threatening behavior". Rather, it would be a group analysis tool.

      Except that there has been at least one Slashdot story in the past year or so explaining how supposedly "anonymized" data can be associated with real people, or at least different accounts on websites associated with each other.

      And if anonymized accounts can be associated with each other, it's quite possible- if not probable- that they could be associated with one or more non-anonymized accounts- even if that particular account was used for some innocuous purpose- destroying the anonymity of them *all*.

      Of course, you couldn't do this by hand; but that's what computers are for- data processing is a great way to spot patterns and guess which accounts might be the same person. The more advanced data mining software gets, the easier it becomes to have it automatically associate different accounts via patterns and trends.

      (Of course, in some cases, it's not even that hard- searching for names- ego-surfing or looking up friends and family- is a big clue if not complete giveaway to anyone looking at (e.g.) a Google search history, if that info hasn't been anonymized as well).

      Even if the websites were unwilling to share account info with each other, I suspect that one could write a screen-scraper for information and posts on the most popular sites, and group all the public info associated with a particular account anyway- which is probably enough.

      To reiterate the point above- if you have a large number of anonymous or anonymised accounts that you reckon are associated with each other, you only need to make a connection between *one* of them and some non-anonymous source for anonymity to be blown on all of them.

      And even if you were to take more care from now on, there's probably a mass of info you've left out there already, and it won't all go away in a hurry, if at all. And even if today's data mining wasn't powerful enough to tie it all together, it's quite plausible that it could improve significantly in the near future, changing its nature completely.

      Things are changing all the time- this story being just one demonstration. Assuming you'll be safe because you're using anonymous or anonymised accounts gives a very dangerous sense of false security.

      • It's true that anonymised data can sometimes be traced to real people. And if not real individuals, then real groups of people with whom you may be later associated - that still affects your credit rating (and therefore the cost of living), and other personal reputation metrics.

        But unless that's fundamental to all possible forms of anonymisation, it's an argument that the anonymisation should be better and held to higher standards, not an argument against collecting data at all.

    • by dezgot ( 1176679 )
      I feel inclined to note that this is not a "UMD" (University of Maryland) professor, but a UMBC (UM, Baltimore County) professor. UMBC is not a satellite campus of UMD.
  • Threats to Profit! (Score:2, Insightful)

    by jhhl ( 513935 )

    NSA: we snoop to find terrorist threatS (and whatever else we run into)
    IBM: We snoop to find profit threats (and whatever else we run into)

  • by Trepidity ( 597 ) <{delirium-slashdot} {at} {hackish.org}> on Saturday August 01, 2009 @03:47PM (#28911665)

    This sort of data-mining of quasi-private data to spot anomalous behavior is sometimes referred to as "terrorism informatics" [amazon.com], since lots of the funding for it and interest in it comes from the case where anomalous=terrorist. Not sure it's going to be good for society to be applying the same sorts of intrusive analysis to legal things that are merely bad for business.

    Of course, it's a tricky regulatory issue. On the one hand you might say that a business should be able to analyze its internal data however it wants. But on the other hand, most people view the phone companies as infrastructure, and people don't expect them to be analyzing their calls--- just providing them with service at the stated rates. And since they form a oligopoly of sorts with very high barriers to entry, it's not clear that "just don't do business with the shady ones" is a feasible solution.

  • Well, back to snail mail then. AC proof using gloves and cleanroom techniques. Unless all mailboxes come with mandatory cameras these days. But then again, just ask the neighbour to put the envelope in.

    • by Z00L00K ( 682162 )

      Just wear a black mask and black dress and do it at night to be sure.

      There is no law against being clad as a ninja yet. (as long as you leave the weapons at home)

      • The mask would be illegal in Louisiana.
        • Re: (Score:2, Funny)

          by davester666 ( 731373 )

          Yes. In Louisiana, you must wear a white hood when you are out at night...

        • by Z00L00K ( 682162 )

          So it's illegal to wear a Burqa in Louisiana then.

          Just wear a rubber mask of George W Bush or Reagan then... Put some small stones in one shoe to give yourself a limp and you are all set.

    • Re: (Score:3, Interesting)

      by nbauman ( 624611 )

      Unless all mailboxes come with mandatory cameras these days.

      U.S. post offices have security cameras these days. You can't mail anything that weighs >15 ounces without getting photographed, whether you know it or not.

      A woman who worked for the Republican Party had an attack of conscience and mailed some documents to the Democrats, in an Express Mail envelope. She was prosecuted for theft, and part of the evidence was the Post Office security cameras. (Although I can't understand why she used Express Mail, where you have to fill out a return address and get a rec

      • U.S. post offices have security cameras these days. You can't mail anything that weighs >15 ounces without getting photographed, whether you know it or not.

        Scary. You have a reference for that?

  • These are well-known techniques in the telephony world. AT&T has been using this for many years to combat telecom fraud; knowing who you call means that if you don't pay your bill but another phone number starts calling people in your circle of friends, they can identify that it's you making those calls. Communities of interest have also been examined in the context of IP networks [isoc.org] and email [patrickmcdaniel.org]. It's an interesting field of research and this seems like a novel analysis, though I'm sure they are doing somet
  • Profiles (Score:2, Insightful)

    by Wowsers ( 1151731 )

    Did people learn nothing from the last time IBM helped "profile" people.... in 1939-45?

  • . . . I hit a Non-maskable interrupt right there.

    The only down side, is that it requires everyone to use LU 6.2 http://en.wikipedia.org/wiki/LU_6.2 [wikipedia.org]

    . . . has anyone seen a IBM 3745 in action recently . . . ?

  • i been making excuses to hang up on people that waste my $airtime$ for years
  • You want to know what weakly superhuman AI looks like? It's here. We call them major corporations. We need to shoot these things in the head while there's still time.
  • by Anonymous Coward

    See Matt Blaze's post The Metadata is the Message [crypto.com] which gives a phone company placard saying among other things: Secrecy of communicatins is a basic requirement and important company policy. It includes divulging neither the conversation nor the fact that a call was made between two telephones.

    The current dotcom culture towards privacy seems to be that anything not nailed down is theres. Screw 'em. We need completely anonymized peer to peer communication.

  • to analyze who the f*ck keeps calling me on my do not call listed cell offering crappy cheapo health care. A few months ago it was auto warranties. Hope this can track down the various unlisted/spoofed numbers I get these calls from.
    • Since they keep calling, and you keep telling them to go away, you've maintained a call for at least a few seconds. They are therefore your friends in the IBM database. :)

      Ahhh, guilt by association is a wonderful thing. You'd be amazed at how many things I'd be guilty of. Oh wait, it'll become public information pretty soon when the IBM lists get leaked.

      I'd trust the NSA to not accidentally leak the lists. IBM has offshored just about all of their work to cou

  • by hardie ( 716254 )

    University of Mass Destruction

  • by weeboo0104 ( 644849 ) on Saturday August 01, 2009 @04:23PM (#28911871) Journal

    As a former IBM employee, I am disappointed to see the company that gave us some of the best typewriters in the world, the mainframe and the Personal Computer, producing this sort of drek after slashing jobs in the US.

    I guess it was a matter of time before "IBM India Research Lab" produced something like this. They certainly haven't been producing any real business machines or providing decent customer service to IBM Global Services customers.

    Look for more of the same from IBM. IBMs CEO Sam Palmisano has said repeatedly in the past year that IBM will be focusing more on "analytics".

    • Re: (Score:3, Insightful)

      by v1x ( 528604 )

      I guess it was a matter of time before "IBM India Research Lab" produced something like this. They certainly haven't been producing any real business machines or providing decent customer service to IBM Global Services customers.

      I fail to understand the rationale (if there is one) behind how the geographic location of a research project might make a difference, but even so, it would appear that the corresponding author in the manuscript is from 'University of Maryland, Baltimore County.' Apart from the abo

  • by TomRC ( 231027 ) on Saturday August 01, 2009 @04:24PM (#28911879)

    Years ago, when I (and others) pushed the idea that personal information generated as one goes about one's life should be considered private property, this is the sort of thing I expected. We should have always owned the copyright on all information generated by living our lives - "I am the author of my own history", and derivative works like IBM's should be a copyright violation.

    Now it's too late - the corporations own your personal life log, and they can do whatever they want with it so long as they don't tell anyone else "personally identifying information". They can even, in some cases, deny you the right to see what they know about you, and they certainly have no requirement to actively inform you about what they're tracking about you.

    The relationship should have always been the other way around - "I'm letting you use THIS specific information you gather about me for THESE purposes - anything else you want to collect or do with data I've allowed you to collect, you have to ask, same as with any other private property." Someday, some corporation will overstep somehow, and people will get angry enough to force some change.

    • by Trepidity ( 597 ) <{delirium-slashdot} {at} {hackish.org}> on Saturday August 01, 2009 @09:29PM (#28913621)

      I think we (as a society) still haven't worked out what we want to do about this as the problems become more apparent. I wouldn't call the ownership-of-information view as dead as you seem to think it is. If anything, it has considerable support among moderate conservatives or libertarians who agree that we need to do something about privacy and large aggregate databases of personal information, but are wary of more centralized, paternalist solutions based solely around regulation. If you have that combination of traits---want something done, but want it not to be paternalist---a property right in personal information is an attractive idea. It's a few years old now, but this book [amazon.com] has a good concise overview (pp. 76-79; might be able to get enough of an excerpt on Google Books if you're lucky) of a bunch of the proposals.

      An interesting variant are those that revolve around the idea of default implied contracts. The way that in normal contract law, there are all sorts of implied things for what happens if the contract doesn't explicitly specify terms governing a particular situation, some of the proposals would have default terms include some sensible governance for ownership and use of private information, and require deviation from those to actually be agreed by both sides (this might require broader EULA reform, though, to make sure people really do know what they're agreeing to).

      To be fair, the book also (pp. 81-92) has a decent summary of problems and criticisms of these proposals. Some are from people who'd love to aggregate huge databases of information and use it without any restraints, but there are a number from well-meaning people too. The problem is that the property rights are really the means, not the end--- it's not that we think having property rights in information is an inherent ethical good, but that we want to avoid some sort of dystopian surveillance society, and having property rights in your personal information is one possible proposal for how to avoid that. But designing markets is tricky, and subject to unintended consequences and loopholes, or just failing to really produce what we'd like them to produce.

  • I like the bit about identifying "profit-threatening" behavior. How long before telcos use this to identify your friends and come up with cheap excuses why you can't choose those numbers for the "circle of friends" free calls so many of them offer. Not that talk-time matters much, most people that I know that are my age (22) use their phones for text messages more than for calling anyway. It's been at least two years since I used my phone to call more than I did to text. Not that I think it would require t
    • A phone company might actually use this data for consumer friendly purposes such as offering increased incentives for
      the other members of the social network to stay such as any-network calling circles and lowering rates. The competitor
      might offer "Bring your friends" deals to the switcher. It would be idiotic for a telco to not allow you to have your friends number.

      • by kent_eh ( 543303 )

        A phone company might actually use this data for consumer friendly purposes

        Given your observations of corporate behavior in recent years, how likely do you really think that is?

        • Quite likely. Offers like "we can give you and your friend £50 if you introduce your friend to us" are getting more common. This sort of data mining lets them profitably offer you £100 each, if your friend is a probable churner. Which is a net profit for the phone company (if it attracts customers), and net profit for some of the people involved.

      • A phone company might actually use this data for consumer friendly purposes such as offering increased incentives for
        the other members of the social network to stay such as any-network calling circles and lowering rates. The competitor
        might offer "Bring your friends" deals to the switcher. It would be idiotic for a telco to not allow you to have your friends number.

        More likely IMHO would be them refusing to offer you anything but a long-term, locked-down, hard-to-leave contract based on the fact that you ta

    • by Junta ( 36770 )

      I confess to being unable to guess productive things a company can do with its data.

      The forbidding of 'circle of friends' calling seems useless, it's not like the carriers did that and would have been shocked that, amazingly, people choose numbers they frequently call when given the option of selecting favorite numbers for more talk time. Giving the feature, then restricting it based on your calling patterns just makes it stupid and counter-productive than never having the feature at all. Of course, carri

  • That guy from Numbers does this almost every week.

  • I don't know about the majority of /. people, but I know that none of my friends spend much time churning milk into butter.

    Switching networks? Dunno.
  • Good reason not to use anything they touch.
  • Ha! (Score:3, Funny)

    by Anonymous Coward on Saturday August 01, 2009 @05:30PM (#28912339)

    Good luck IBM, I don't HAVE any friends!

  • They could probably get a pretty good idea of who betrays confidences, gossips, etc. A lot of people would pay for that service-- really, even an "Ear Burning" notification when your name comes up in voice or text conversations. Google could deploy that by Tuesday if they wanted.

    Oh, but I guess there are still a few of us who would see a downside to that.

    Profit Threatening is not a crime (yet).
  • ... but they used the automatically-generated list of friends to give you a discount on calling those numbers. Great for bulletin boards.

  • by mstrcat ( 517519 )
    I'd be interested to know what telecom gave the researchers the data. If I'd been a customer of that company, I sure wouldn't any longer. I think I'll switch cell phone companies and phone numbers, just to become part of the churners.

"Oh what wouldn't I give to be spat at in the face..." -- a prisoner in "Life of Brian"

Working...