Please create an account to participate in the Slashdot moderation system

 



Forgot your password?
typodupeerror
Privacy United States

Why is this Company Tracking Where You Are on Thanksgiving? (theoutline.com) 98

Earlier this week, several publications published a holiday-themed data study about how families that voted for opposite parties spent less time together on Thanksgiving, especially in areas that saw heavy political advertising. The data came from a company called SafeGraph that supplied publications with 17 trillion location markets for 10 million smartphones. A report looks at the bigger picture: The data wasn't just staggering in sheer quantity. It also appears to be extremely granular. Researchers "used this data to identify individuals' home locations, which they defined as the places people were most often located between the hours of 1 and 4 a.m.," wrote The Washington Post. The researchers also looked at where people were between 1 p.m. and 5 p.m. on Thanksgiving Day in order to see if they spent that time at home or traveled, presumably to be with friends or family. "Even better, the cellphone data shows you exactly when those travelers arrived at a Thanksgiving location and when they left," the Post story says. To be clear: This means SafeGraph is looking at an individual device and tracking where its owner is going throughout their day. A common defense from companies that creepily collect massive amounts of data is that the data is only analyzed in aggregate; for example, Google's database BigQuery, which allows organizations to upload big data sets and then query them quickly, promises that all its public data sets are "fully anonymized" and "contain no personally-identifying information." In multiple press releases from SafeGraph's partners, the company's location data is referred to as "anonymized," but in this case they seem to be interpreting the concept of anonymity quite liberally given the specificity of the data.
This discussion has been archived. No new comments can be posted.

Why is this Company Tracking Where You Are on Thanksgiving?

Comments Filter:
  • Be more specific (Score:4, Insightful)

    by 93 Escort Wagon ( 326346 ) on Friday November 17, 2017 @09:51AM (#55569373)

    Does the headline refer to Google or to Facebook?

    • Re: (Score:2, Funny)

      by Anonymous Coward

      Yes.

    • by slick7 ( 1703596 )

      Does the headline refer to Google or to Facebook?

      It's more likely an AI in the background performing metrics for the FEMA camps. A little paranoia is good, a lot of paranoia is governmental emphasis on the mental. Once again, human stupidity will outshine any AI.

  • by Anonymous Coward on Friday November 17, 2017 @09:56AM (#55569413)

    I firewall every app, including google apps on my phone using the free firewall NetGuard. I also have data turned off and data limits set to zero. I also keep my phone in airplane mode, although that would be impractical for most people. This assures that I am never tracked by google, our Nazi snooping government, etc.

    • What are you talking about? A phone is a location tracking device. It has to be in order for it to work with cellular networks. If you don't want people to track you, why do you carry one around with you?
      • by Unknown1337 ( 2697703 ) on Friday November 17, 2017 @10:51AM (#55569869)
        While a phone is indeed a locating device in order to function there is an extremely large difference between your cellphone company being able to locate you at a single moment in time should the need arise and "some company" storing everyone's location over time in order to build trend information and knowledge about you, your home, behaviour, family/friends, place of work, etc. A single point in time tells you nothing, even between 1-4am there is no guarantee on that day of that year you were asleep much less that you were at home, but tracking people over time does just this and is indeed frightening and literally defines digital stalking.
      • A phone is a location tracking device. It has to be in order for it to work with cellular networks.

        That's why he said he keeps it in airplane mode all the time. As long as you don't turn WiFi on while in airplane mode, the cell system can't track you and you can't be tracked by the location of the WiFi router.

        If you don't want people to track you, why do you carry one around with you?

        Because it plays music and takes pictures. And there are times when I want to make calls.

  • Today's (Score:5, Insightful)

    by Anonymous Coward on Friday November 17, 2017 @09:57AM (#55569437)

    All these claims surfacing about Hollywood and Politicians having inappropriate relations with women from 20 years ago. Imagine the amount of blackmail dirt they will have in the next 20 years. Everything you do, say, and part of how you think (at least online) is being tracked and saved. It may not come back to haunt you but get rich, famous, or powerful enough and you might just find yourself writing checks to people to keep quite because you left your phone on when you went to a location that becomes unpopular 20 years in the future.

  • Simple answer: (Score:5, Insightful)

    by mujadaddy ( 1238164 ) on Friday November 17, 2017 @10:08AM (#55569535)
    "Why is this Company Tracking Where You Are on Thanksgiving?"

    Shitty privacy laws from shitty paid-for public "servants". Anything else is a distraction from that issue.
    • by Anonymous Coward

      It's the lack of transparency as much as that. If we got a pop up every time an app used GPS or spied on us, people might decide to take umbrage with it.

      But, most people just don't give a crap about things that happen when they can't see them because nothing happens if you're not looking. The result is that the rest of us have to be triply careful as those jackwagons sold us out as well as themselves.

    • Shitty privacy laws from shitty paid-for public "servants".

      And not likely to change anytime soon, what with both Facebook and Google getting so deep into politics and enthusiastically participating in the congressmen pay-to-own market. This, together with the informational services they provide to some various government agencies puts them in a strong position to stop inconvenient legislation. At this time I can't think of any opposing entity with enough clout or deep pockets to stop those behemoths from trampling all over our privacy.

  • It's not just Thanksgiving, that was just an interesting data point -- like all of the other ones...

    If you don't have the data, you can't scan it. But if you do, you can squeeze the data so hard that a 0 becomes a 1.
    • by bhetrick ( 1812392 ) on Friday November 17, 2017 @11:55AM (#55570341)

      The author of the article might want to learn what words mean. They do typically have meanings, you know.

      Anonymous data is data not identified with a particular person. It does not mean cannot be identified with a particular person. It also does not mean the data cannot be associated with itself over time.

      Five-digit ZIP code areas are pretty big and are not particularly indicative of an individual. Cell tower coverage is typically more detailed than a five-digit ZIP code. ZIP code of residence is trivial to determine from mobile phone records: it’s where your phone spends the majority of the day. ZIP code of work place is also fairly easy to determine: it’s where your phone spends the majority of the day when it’s not at home. Associate these two ZIP codes, though, and the association is unique for about 90 to 95% of the US population. Therefore knowing these two ZIP codes means you have isolated an individual. All anonymity means is that this information, by itself, does not tell you who that individual is. You can find out, though, with a subpoena, not even a warrant—or a friendly employee of the wireless carrier—or if you have someone specific in mind and you know or can find out where they live and work.

      It is useful to consider how powerful location data is. A phone goes to a cancer clinic twice a week but not five times a week in 8-hour blocks? The phone owner has cancer. A phone goes to an ob-gyn twice in a single month? The phone owner is pregnant. A phone goes to an ob-gyn once a month for three months running? The phone owner is trying to get pregnant. A phone goes to a particular church most Sunday mornings? The phone owner belongs to the denomination of that church. Two phones are sporadically at the same motel at the same time (even if the particular motel changes)? The phone owners are having an affair. And on and on it goes.

      Because de-anonymizing data is so trivial, having access only to anonymous or anonymized data protects against absolutely nothing.

      And yet in this particular story, anonymity was retained. You can identify households from individual location data alone, which the study did. You can identify likely political leanings from individual location data alone, which the study did. You don’t need to attach names to the individuals to study the individuals, and this study did not.

      Anonymity does not mean you as an individual cannot be identified. It just means you haven’t been—yet.

      • Anonymity does not mean you as an individual cannot be identified. It just means you haven't been - yet.

        Excellent post, but I think you err on the side of too much optimism. Anonymity doesn't mean you haven't been identified yet; it means you have not been told you were identified yet.

      • I'd like some more justification for "90-95% of the population will make up a unique (home,work) ZIP pair." (paraphrased)

        If we assume the estimated 330M population of the US, and *around* 43k ZIP codes, that 76% of the population is adult, and the relatively crazy assumption that ALL of them are working, let's do some combinatorics...

        Yes, there exists sufficient space in Binomial[43001,2] (Mathematica/Wolfram Alpha notation) to *permit* every adult to have a unique pair. The estimate gives 251M adults and a

  • by dryriver ( 1010635 ) on Friday November 17, 2017 @10:13AM (#55569575)
    When they drill down to see more "granular data" on me they find that the rabbit hole goes deep indeed. =)
  • The Common Defense (Score:5, Insightful)

    by ytene ( 4376651 ) on Friday November 17, 2017 @10:16AM (#55569605)
    From the OP:

    "A common defense from companies that creepily collect massive amounts of data is that the data is only analyzed in aggregate; for example, Google's database BigQuery, which allows organizations to upload big data sets and then query them quickly, promises that all its public data sets are 'fully anonymized' and 'contain no personally-identifying information.' "

    I think it is critically important that we [as the data subjects ] recognise an important distinction.

    This statement would be equally true if the company:-

    1. Collected all the data with maximum resolution
    2. Stored that data in a maximum resolution data set
    3. Created a transformation process that took the maximum resolution data, "anonymized it" as it was loaded into a queryable database
    4. Ran queries of the database...


    The point being that the wording is so specious and so perfect for leading you to jump to the wrong conclusion. In other words, unless the company actually comes out with, "We do not store or otherwise retain access to your data in original or non-anonymized form - and you can come audit us so we can prove it to you", then they are not to be trusted.

    And remember, anything that is captured - even if not used as part of the company's commercial offering - can be subpoenad or demanded via NSL.

    And if your company is doing something that is right on the edge of being shut down by i.e. privacy laws, then maybe one way of staying just inside the line of acceptability [to government] is to offer to share what you've got if they ask...

    None of this is safe. None of it.
    • Great . thanx for your suggestions
    • by HiThere ( 15173 )

      And another thing is, even if they truly intend to protect your privacy, never get hacked, never leak, and don't make any mistakes, they can still go bankrupt.

      After bankruptcy, all that data is going to end up with the highest bidder, who won't have made any promises about how the data will be used.

      And that first paragraph was a sort of unbelievably optimistic hope.

  • Call Mom (Score:4, Funny)

    by techdolphin ( 1263510 ) on Friday November 17, 2017 @10:31AM (#55569739)
    In other news researchers also said that 65.237 percent of moms wished that their children away at college would call home more often. For children whose names begin with B, the percentage of mothers who want their children to call home is 71.237. For moms whose first name begins with L, the percentage is 73.543. The researches assured us that the data is anonymized.
  • by thegarbz ( 1787294 ) on Friday November 17, 2017 @10:40AM (#55569799)

    Anonymous doesn't mean that I can't track you from your house to your work. It's that I don't know who you are when you get to either destinations. We build an incredible database of information about anonymous people, unfortunately with enough information we can often de-anonymise them.

    Same with Bitcoin being anonymous. Just because I know exactly how much money is in your wallet and exactly where you spend it doesn't make it less anonymous.

    • I've been taught that i only one person can identify a person based on data, then by definition that data is not anonymous.
      • To quote EUs new General Data Protection Regulation: "The principles of data protection should therefore not apply to anonymous information, namely information which does not relate to an identified or identifiable natural person or to personal data rendered anonymous in such a manner that the data subject is not or no longer identifiable." http://eur-lex.europa.eu/legal... [europa.eu] I interpret this to as; if one person can identify the natural person the data relates to, the data is not anonymous.
  • by FeelGood314 ( 2516288 ) on Friday November 17, 2017 @11:20AM (#55570079)
    to safegraph. If the data is say held by Google and they allow only certain aggregate queries to be done but never give you anything but the aggregate answer then Safegraph won't know what happened in individual houses. This gets very tricky though. You have to have some thresholds about how small an area you can give a report on.

    For example - The Canadian credit bureaus will sell reports based on postal code (a postal code is a side of a street, between intersections), that give the high, low and median score. Now if there were under a certain number of people in that postal code we didn't give the information (This was a decision made by the programmers, legally the company could) but what about the case where the high and the low score were almost the same? In such a case, revealing the high and the low essentially revealed everyone's score.
    • If the data is say held by Google and they allow only certain aggregate queries to be done but never give you anything but the aggregate answer then Safegraph won't know what happened in individual houses.

      Your hypothetical makes sense, but it doesn't appear to be the case. According to TFA, Safegraph doesn't get the data from Google or any similar source, they get it from many third-party apps, and they have to get full detail because they are the aggregator. They can take steps to anonymize it, of course.

  • They just asked Google.

  • It defines "home" as where I am most often from 1 - 4am?? That's just crazy talk ...
  • Anonymous = without names. Location, dates, homes, family connections, and times of day aren't names.

    Congrats on shitty laws.

  • Send you phone to another country, round trip.
  • How do they avoid tracking in countries where privacy laws are more strict? It seems to me that the data they collect does not conform to European privacy laws.
  • Sure, data is anonymized, but it still contains the location where you sleep and where you work (the later being just what is missing to sort out people living in the same building)

How long does it take a DEC field service engineer to change a lightbulb? It depends on how many bad ones he brought with him.

Working...