Stanford's MetaPhone Project: Crowdsourcing Metadata To Challenge the NSA 96
An anonymous reader writes "'When the first NSA surveillance story broke in June,' writes Dennis Fisher at Threatpost, 'most people likely had never heard the word metadata before. Even some security and privacy experts weren't sure what the term encompassed.' The NSA and its supporters have, of course, emphasized that phone records collection is 'not surveillance.' Researchers at Stanford are now crowdsourcing data to incontrovertibly establish just how much the NSA knows. 'Phone metadata is inherently revealing,' says a study author. 'We want to rigorously prove it—for the public, for Congress, and for the courts.' If you have an Android phone and a Facebook account, you can grab the MetaPhone app on Google Play."
Hmm (Score:5, Funny)
Nice try, NSA
Re: (Score:1)
Did they smack the sense of humor out of you?
If you were paranoid about the NSA having it (Score:5, Insightful)
I understand their point, but uh no.
Re:If you were paranoid about the NSA having it (Score:5, Insightful)
Re: If you were paranoid about the NSA having it (Score:5, Funny)
Hi, I work for the NSA
I just checked and I know for a fact that you rarely call your grandma. In fact I see she calls you and you don't pick up
I sent a note to your local police department to harass you until you call her. And I set your phone on autodial her number to help you out
Re: (Score:2)
That knock on your door? It's 300 pizzas. Have a nice day. Those new car payments, well, this Lambo's going to be fun to drive around until we crash it and leave your ID with it. And don't worry about the photoshopped pics of you on your Linked-in profile. Just a little fun.
Re: (Score:3, Interesting)
And decades of horrible precedent have distorted the meaning of "legal" so that the 4th Amendment is able to be ignored by anyone in gov't who wishes to do so. It's time to start over.
I don't think it's necessary to start over, as The Constitution does provide a great framework.
Perhaps what is needed is an Article V Convention [wikipedia.org] to iron out a few of the problems. An amendment to entirely disband the NSA and prohibit the creation of any agency with a similar purpose might be a good start. Follow up with an amendment to absolutely prohibit all trade with any country having a local equivalent to the NSA.
Don't be fooled, it won't be the end of spying. The roaches exposed with these amendments
Re:If you were paranoid about the NSA having it (Score:5, Insightful)
That won't do it. What you need to do is put some teeth in the Constitution. Simply define any violation of the Constitution by an agent or employee of the government as treason and put every non-unanimous SCOTUS decision to a popular vote. If 4/5 of voters agree that one side or the other obviously violated the Constitution with their opinion (be it the winning or losing side), they also go on trial for treason.
Kiss that rubber stamp from the courts goodbye. No more Citizens United or Kelo decisions. And good luck getting any sizable number of people on board with blatantly illegal activities that violate the Constitution when everyone who participates in any way in anything questionable is risking their lives. Today, anyone can willfully disregard the highest law of the land with no consequence. The higher up they are, the larger and more grand their golden parachute is should they ever be required to take a dive for the folks upstairs. Watch in utter amazement how few government lawyers will jump to write position papers defending secret surveillance, detainment, and torture of US citizens when doing so is automatic treason.
And who handles the prosecution and holds the trial? A semi-random group of citizens selected automatically for the task. No more inside group who would never go after one another. No more buddy-buddy side deals that make everything go away because they're from the right family or have the right connections. Just regular people applying common sense and decency to keep everyone in government in line. You walk the straight and narrow or the citizens come calling.
Anything less, you can forget it working. These idiots responded to "the right to keep and bear arms shall not be infringed" by banning guns and they responded to "The right of the people to be secure in their persons, houses, papers, and effects, against unreasonable searches and seizures, shall not be violated" by launching secret surveillance programs to watch us every minute of every day to the greatest extend currently possible.
If you think this is all coming from a lack of clarity, then you haven't been paying attention. It's coming from a lack of consequences.
Re: (Score:3, Insightful)
I've been called a nut job here on /. and elsewhere for suggesting that the biggest flaw the founding fathers made was
forgetting the teeth in the Constitution. Glad I'm not the only one waking up to the realization that this is a serious
failure. They simply didn't consider that courts would be as corruptible as the rest of government.
Re: (Score:3)
Well, that, and, cynical about their fellow men as they were, they couldn't conceive that the citizenry would be so lax in their duties as to let things get so far out of whack. The "common man", as stupid (that's asleep, in old speak; oblivious in the new), parochial, and lazy outside their own very narrow immediate situation, still had some balls back then. Even, on rare occasions, some sense of duty towards the commonweal. Nowadays? Pfui.
As pointed out below, treason doesn't cover it. But things suc
Re: (Score:1)
Stupid Americans. Let's talk about that.
Back during the revolution, a group of over a 1000 citizens marched on the Governor of Massachusetts' house to lynch him and burn down his house (with his family inside of course). He met them on his front porch and they had a discussion. Then the 1000 men, armed with torches and a rope, listened to his argument as to why he should not be lynched, his family burned alive, took a vote and right there and then, decided to turn around and go home.
Americans today aren't r
Re: (Score:2)
Ah, yes, the Grand Old Republic. Nice, eh? I think you furnished a pretty good precis (if that's the right word.) And thanks, I'd clean forgotten the Mass. Guv thing.
Re: (Score:2)
Add teeth to the constitution is a meaningless act if those teeth are blunted by lack of feasibility of enforcement of whatever teeth you want to add in. It's already the case that your government is breaking the law by breaching the constitution because it's not enforced either because of a corrupt politically appointed judiciary or because of effective use of weasel words and interpretations of the law that make literally zero sense (sexual relations that aren't, but actually were).
What you actually need
Re: (Score:2)
No, they did count on the courts being corruptible -- that's why we have three equal powered parts to the government. The Federalists, knew rightly that a weak central government was the quickest path to corruption. Like what we have now; states outbidding each other to lower standards for companies to move there.
When Clarence Thomas' wife made about $700,000 consulting for a Koch owned puppet company that was behind "Citizen's United" the justice department led by SOMEONE would have come on down on him lik
Re: (Score:2)
You can't do that. Treason is already defined in the Constitution (and your definition doesn't fit). You'd need a Constitutional amendment to change it.
Goodluckwiththat.
Re: (Score:1)
A quick quiz for you. Please choose which of the following is the actual text of the Second Amendment:
A) A well regulated Militia, being necessary to the security of a free State, the right of the Militia to keep and bear Arms, shall not be infringed.
B) A well regulated Militia, being necessary to the security of a free State, the right of the people to keep and bear Arms, shall not be infringed.
Re:If you were paranoid about the NSA having it (Score:4, Insightful)
I've heard more and more people calling for a constitutional convention. Guess what would happen, if one were convened, today?
RIAA, MPAA, and a multitude of "representatives" from the military industrial complex would rewrite the constitution for us. Right now those same players are writing some abomination that they refer to as the "Trans-Pacific Partnership". Of course, that "partnership" fails to invite common citizens into the discussions.
Think about what you're asking.
Re: (Score:2)
We couldn't even muster enough to get an Amendment guaranteeing women suffrage. Hell, we can't pass legislation any more complex than determining parking ticket fines at the national level.
Any you think you can get a Constitutional Convention to do something so emotionally laden and complicated as spying? Might as well start with abortion (take either side, don't make a difference).
Re: (Score:2)
Re: (Score:2)
Re: (Score:2)
No kidding.
Especially if Facebook is involved in any way.
Who needs metadata when everyone has to sign up with facebook?
Stanford: What in gods name were you thinking??!!
Re: (Score:3)
Because the Stanford project doesn't have a list of suspected/confirmed terrorist/criminals it may be try to associate you with. Unless they are asking such a question (Are you a criminal?), which would be awesome.
And you are correct, No...
Re:If you were paranoid about the NSA having it (Score:5, Insightful)
If it's officially not private, then they should just ask the NSA for an anonymized data dump. We paid them for the collection already.
Re: (Score:2)
You're giving it out anyway, whether you want to or not, to the three-letter-acronyms.
Might as well also give it to some one that might use it for good.
Re: If you were paranoid about the NSA having it (Score:2)
Using Metadata to Find Paul Revere (Score:5, Informative)
This post titled Using Metadata to Find Paul Revere is very insightful (and very basic in terms of collected data compared to phone metadata):
http://kieranhealy.org/blog/archives/2013/06/09/using-metadata-to-find-paul-revere/ [kieranhealy.org]
There's a previous and more mathematically detailed analysis of the same data here (the author above didn't know about this analysis until after publishing, but the link above is a much easier read):
http://www.sscnet.ucla.edu/polisci/faculty/chwe/ps269/han.pdf [ucla.edu]
Re: (Score:2, Offtopic)
Somewhere near you, there is a community college offering Remedial Reading 101. You should check it out.
Re: (Score:2)
Stanford Researcher - Glad to Answer Questions (Score:4, Informative)
I'm one of the Stanford researchers working on the MetaPhone project. Way cool that we made
Some additional details are available at metaphone.me [metaphone.me]. I would be glad to answer questions.
Best,
Jonathan
Re: (Score:1)
Do you and your fellow researchers pledge not to join any startups where you can specifically monetize the expertise you gained on the use of phone metadata?
Re: (Score:2, Informative)
As for the data, we recognize that participants are placing their trust in us. We have committed to securing the data and deleting it once the study is complete.
Re: Stanford Researcher - Glad to Answer Questions (Score:2)
Re: (Score:1)
Are you guys looking to just target a certain android platform or will this study reach iOS users as well? Also from the information I've read thus far the data is being used in conjunction to a court case regarding NSA collections; This in mind how long will the study hold the metadata and when/how will it be destroyed?
Re: (Score:1, Interesting)
Are you guys looking to just target a certain android platform or will this study reach iOS users as well?
The study is presently Android only. We would like to support iOS, but the telephony APIs do not include phone metadata.
Also from the information I've read thus far the data is being used in conjunction to a court case regarding NSA collections;
While we hope our research results will have a public impact, the MetaPhone project is not affiliated with litigation against the National Security Agency.
This in mind how long will the study hold the metadata and when/how will it be destroyed?
The pace of the study will be largely dictated by user response. We anticipate completing our work by Spring Quarter at Stanford, but the project may take longer.
Re: (Score:2)
at&t web log?
make an export tool for those operators that have web interfaces (for bill checking purposes) to the metadata logs?
Re: (Score:2)
I don't use either of the platforms the project is based on, but I would contribute if I could.
I can understand the concerns of the people who don't support the project because of the involvement of fb, but not those who oppose the NSA invasion, yet don't want to voluntarily give their info. The results could end up being one of the best arguments against the NSA's practices. Further, by volunteering to contribute their data to the project, while opposing the NSA's activities, they augment the position that
Re: (Score:2)
I've looked at a couple of links, one in the Slashdot post and the one you posted, but couldn't find a list of specific data points you are collecting.
Links I went to:
https://cyberlaw.stanford.edu/blog/2013/11/what's-in-your-metadata [stanford.edu]
http://metaphone.me/learnmore [metaphone.me]
Is there a link to the data point information, or could you provide more information? Data points by source would be great (potentially obvious, but seeing sources would make things clearer and more transparent).
Thank you.
Re: (Score:2)
I suspect they wont tell you because that would taint the study. You could either a. avoid things embarrassing or b. intentionally hammer on something to screw up the stats. It would be better if you didn't even know you had it installed. But that would be unethical.
Re: (Score:2)
I considered that, good observation.
But, we can guess many data points (which could be manipulated, but I'm not sure for what purpose - I believe the research is a 6 Degrees From Bacon exercise, and not a bad thing to pursue).
For cell phones: http://www.theguardian.com/technology/interactive/2013/jun/12/what-is-metadata-nsa-surveillance#meta=0100000 [theguardian.com] (requires JS)
* phone number of every caller
* unique serial numbers of phones involved
* time of call
* duration of call
* location of each participa
Re:Stanford Researcher - Glad to Answer Questions (Score:5, Insightful)
Your app requires a Facebook account. Please change that. Nearly everyone that has an android phone also has a Google account. Please make that an option.
Re: (Score:1, Informative)
Your app requires a Facebook account. Please change that. Nearly everyone that has an android phone also has a Google account. Please make that an option.
We're using Facebook for structured social network data, not single sign-on like the Google/Facebook/Twitter/OpenID/etc. options offered by some websites and apps.
Re: (Score:2)
Re: (Score:2)
Does it work if you use Google Voice over VoIP instead of the stock dialer and "voice minutes?"
Re: (Score:1)
Hi Jono,
Just a quick question: when did you stop beating your wife?
Cheers.
Cant install it (Score:2)
Re: (Score:2)
Try hitting the install button and see why it says it's incompatible. I think this is a USA-only thing, as it tells me "not available in your country" when I try.
Misunderstanding the argument (Score:5, Insightful)
The claim isn't that metadata isn't revealing. Of course it's revealing. That's why they're gathering it.
The assertion is that metadata isn't private in the same sense that the name and address on an envelope aren't private. If you leave one out on the table, anybody can read it. They can't read what's inside the envelope without opening it, but the addressee and return address are plain as day.
Whether that argument holds legal water is up to lawyers, legislators, judges, and (ultimately) voters. But nobody needs to convince the NSA that it's revealing; they're well aware of it. And so, I assume, is everybody reading this site. What the Congress and the Courts know... honestly, I wouldn't even begin to imagine, but I suspect that they're unlikely to change their mind on it based on this. I can't imagine that "install this data-gathering app and we'll show you that we can gather a lot of data" comes as a surprise to anybody.
Re:Misunderstanding the argument (Score:4, Insightful)
If it isn't considered private, it should all be released to the public, maybe with a month delay to account for national security needs.
They claim the data isn't blanket searched. First of all, I don't have trust in the messenger at this point. Second, the systems they have are considerably more powerful/expansive than I had imagined. By the looks of it, it's a global communication catcher with no reasonable limits (whatever that would mean).
Third, in August they admitted to "2,776 incidents of 'unauthorized collection, storage, access to or distribution of legally protected communications" in the preceding twelve months' ":
http://nymag.com/daily/intelligencer/2013/08/nsa-violated-privacy-law-thousands-of-times.html [nymag.com]
Seems public enough to me to truly be public.
Re: (Score:2)
"2,776 known incidents of 'unauthorized collection...."
FTF us; it was clever of them to omit that qualifier. Many would slide right past it, or say "See, they know what's going on, even the wrong stuff." and be comforted by the seemingly small number of incidents and thus in their own minds negating the very importance of what they'd just read.
(Long ago and far away I was involved in writing scripts and such for the telemarketing of vacation home sites. It's right amazing what can be done with careful wor
Re: (Score:3)
Care to bet on that? These days I wouldn't. Consider - most mail routing is done by automated systems, how difficult do you suppose it would be to send/store a copy of the plain text sender/receiver information while the routing barcode is being printed?
Re: (Score:3)
All envelopes have been photographed by the USPS for some time now - and that data is available via existing legal means and conditions. Whether there is wider collection I don't know.
A search brings this up as one of the early results:
http://news.yahoo.com/ap-interview-usps-takes-photos-mail-072949079.html [yahoo.com]
and according to the article the data is kept for up to a month "but they are available for law enforcement, if requested." The program started after the ricin attacks in 2001. Also according to the ar
Re: (Score:2)
The Supreme Court has also allowed prohibitions against alcohol and marijuana to stand. History has proven prohibition to be wrong, stupid, and utter failures. Maybe you should side with civil libertarians instead of the court?
Re: Misunderstanding the argument (Score:2)
Not a worthy argument. Say that you hold the database of all addresses on all letters held by all residents. Sender and reciver. You see patterns, these patterns are all that is then needed to build a case to then conduct surveillance. The metadata is the tool used to create a reason to pursue. Without it they actually have to go out and do their jobs. Sure as a bystander one can see an envelope here or there. In actual fact it's a ferderal offense to mess with people's letterboxes. So unless someone leave
Re: (Score:2)
Of course an addressed envelope isn't "private" to the extent that the contents of the envelope are. But, one doesn't expect the mailman to maintain a log of every parcel that he delivers to, or picks up from your house. Nor do you expect that mailman to share his log with the police department, or the Aryan Race headquarters, or the Muslim Brotherhood's Neighborhood Ethics Patrol.
Re: Misunderstanding the argument (Score:2)
That said, I don't believe it's just metadata. The size of datacenter the NSA just built tells me they're collecting whatever flows thru their capture devices. Wholesale.
Re: (Score:2)
And the argument, which you misunderstood, is that it is provably private data because it reveals way too much. The decisions have been in error.
As increments, they were logical and sound. At some point, though, you have to reset the starting point and ask if it has gone to far. Inch to inch, no. But from 1776 yes.
I am concerned that the study is gathering far more data tan necessary due to the Facebook comment above. Of course if you have Facebook data plus location you know all.
What is being claimed publi
Re: (Score:2)
Quibble: it's "inch _by_ inch" as in
"Inch by inch, step by step....Niagara Falls!" - The Three Stooges.
What is metadata? (Score:2)
Well, it's GIS map info, the Google app tracking of your searches, the cell phone tracking devices in all US cities that geolocate you downtown, the traffic camera feeds with license plate matches, the credit or debit card transactions at every store, the answers you gave to what you thought was a cute girl online but was actually a fake harvesting bot.
All of that plus your digitized walking stride, your clothing selections, and everyone you talked to and were within 3 feet of.
Congratulations!
You live in a
Re: (Score:1)
You assume I'm not part of the machine on purpose.
Interesting ...
What we really need (Score:5, Insightful)
What we really need is for someone to get a hold of some pro-dragnet surveillance politico's, like Diane Feinstein's, metadata and publish a nice analysis of that.
Then she could get up there and tell us how innocent the collection is.
Re: (Score:2)
A few volunteers at the capital and it is guaranteed. But what happens then?
First hint, I'm not volunteering.
Second, eavesdropping.
Third, national security.
Result, failure to prove anything. Something that would have an effect is a far better aspiration than turnabout.
Re: (Score:1)
No eavesdropping is done. All we need is the metadata. That's something that any law enforcement agency can obtain without a warrant.
What does it prove? It could prove to be a huge embarrassment to the target, which is why the target needs to be someone who claims that the metadata doesn't tell anyone anything about your personal life.
I'm not just talking about, "You made 32 calls last year to a phone sex line, each lasting approximately 35 minutes". How about, "I see you made a couple of short calls to
Re: (Score:2)
First, Feinstein & co. aren't real liberals -- our country's idea of a "liberal" is actually what qualified as center-conservative until relatively recently in UShistory, and they're still center-right in other first-world democracies. From what I've heard, Ted Kennedy was the last real liberal to be a political success, and he served from freaking 1962 (when liberal still meant liberal to a large degree) until he died 5 years ago.
Second, only politicians willing to largely support the military/spying
Fighting the spying on citizens (Score:1)
My proposal is that if Everyone, Everywhere started inserting words that we all suspect the Govt is searching for ... into all of our online email, sms, etc as just a random insertion of a word here or there then their search algorithms will just become useless.
Example... if every email and SMS in the world had the word "jihad" inserted into it then they would have Billions of captures everyday that they would find are really useless to them and a waste of time/compute/storage.
Keep up the pressure (Score:1)
I'll take this as a nail in the coffin for metadata -- that it's not really meta. But the real reason is it would have been misused by England to feel out the Founding Fathers' networks, and hence the FF would have intended it to be forbidden sans warrant.
Remember, they just need to get a warrant to go leapfrogging a step (no more without Congress specifying a Bacon leap number) from known, warrantable bad guys. That is all we are saying.
Phone call data is not metadata! (Score:2)
It's data. It happens not to be complete - there's more, namely the audio of the call.
Intelligence agencies have been doing traffic analysis on this sort of data -- just who is
communicating with whom - for at least 70 years. For NSA to refer to it as "only metadata"
is the height of hypocrisy.