Online data reveals way more details of our private lives than most of us expect; what’s needed, an expert says, are new laws and policies to protect our online privacy
Metadata together with telemetry can reveal your location, identity, and daily activities—online or not—with remarkable accuracy. Photo: Shutterstock
When it comes to data privacy, most of us realize we have resigned ourselves to a devil’s bargain—releasing our digital souls in the form of every datapoint we enter into our smartphones and computers in exchange for the ability to search the web, make calls and write texts, stay in touch with friends on social media, track our health and fitness, and dozens of other applications from which we benefit every day.
What we often don’t realize is that the bargain goes well beyond what we think we are giving up. In fact, we provide a wealth of data that is never even passed through a keyboard or touchscreen: data packet headers, device identifiers, sensors that can precisely locate a person even when GPS and location services are turned off, and usage patterns for individuals and groups.
This “non-content” data, together with the information we explicitly enter, is collected, analyzed by service providers, and sold to third parties to uncover the most intimate details of our lives.
In a review just published in the Colorado Technology Law Journal, Susan Landau, Bridge Professor in Cyber Security and Policy at The Fletcher School and School of Engineering, and Patricia Vargas Leon, postdoctoral researcher at the Fletcher School through 2022, lay out the entire infrastructure of personal data collection as it exists today, describe the total collapse of any meaningful form of digital privacy, and propose a workable solution to extend the public’s original Fourth Amendment right “to be secure in their persons, houses, papers and effects” to our digital lives.
The Virtual Envelope
In 1879, the U.S. Supreme Court ruled that the contents of a letter or package are protected information and can only be searched by warrant, while the outside of the letter or package, with address, origin and anything else written on it, was open to inspection. It was a simple way to interpret the privacy of our communications for over 100 years.
But in today’s digital world, the amount of information on the virtual “envelope” of our smartphone communications and operation is revealing so much about our private lives, that Landau and Vargas Leon argue an update of privacy laws and regulations is long overdue.
The pattern of activity in location and associations with others can reveal a user’s income level, gender, marital status, sexual orientation, social status, and education.
They note that we voluntarily disclose the phone numbers we dial or text to our cellular providers; the URLs that we visit and the e-mail addresses we message to our internet service providers; and when we use apps, we may reveal the books, movies, groceries, and medications that we purchase to online retailers. We may not always be comfortable with it, but we are aware of this information we share.
But the other information we disclose—the digital envelope and other non-content information—is extensive and largely unknown to most users. Who contacts whom often reveals social networks, and much more.
Communications over IP networks are particularly detailed. In such cases, data are sent in packets, and packet headers can provide information about the content within such as the application used, what language is spoken, and sometimes select words, even if the communication is encrypted.
Device hardware IDs can help lock down the identities of the parties in communication. Cell Site Location Information, which is known to phone companies, and WiFi router location, known to internet service providers, can be used to approximate location. All this information is referred to as metadata.
Meanwhile, smartphone sensors can be used to track our movement in all directions. They do this through accelerometers that measure change in movement of a device; gyroscopes that measure tilt to set the screen in the right orientation relative to surroundings; magnetometers used to orient maps; and global positioning system chips used to pinpoint location. Proximity sensors detect when the phone is near your ear. These location, movement, direction, and proximity data are referred to as telemetry.
Metadata together with telemetry can reveal your location, identity, and daily activities—online or not—with remarkable accuracy.
Too Much Information Is Available
We assume that all of this non-content data is put in the service of making more effective apps, with features that improve the user experience. That much is true, but Landau and Vargas Leon lay out in shocking detail what else non-content can reveal, and it turns out it’s information that most users might prefer to keep private.
Studies have shown that non-content data can disclose where you live and work by looking at location patterns. It can reveal whether you have participated in a political protest or any other gathering. Metadata and telemetry can be used to determine with whom you associate, including likely relationship partners.
“Within a liberal democracy, privacy thus serves not only as protection of individuals but is, in a deeply fundamental way, essential for a nation’s stability.”
They can be used to map out entire social networks and determine their power structure—who has influence and who does not. They can reveal health issues you are dealing with if you visit or call certain clinics or click on certain websites. They can show when you are at a pub, and movement sensors can reveal whether you were walking straight or staggering home. So much for being an anonymous member of Alcohol Anonymous.
The pattern of activity in location and associations with others can reveal a user’s income level, gender, marital status, sexual orientation, social status, and education.
The Data Is Beyond Our Control
Not only are we offering way more information than most of us expect, but that information is now far beyond our reach and control, say Landau and Vargas Leon. Data collection is largely driven by the online ad industry. It is collected through websites, operating systems such as Android and iOS, and apps like Facebook, Google, Instagram, Uber, Ebay, and Amazon.
The ad industry uses your information to sell targeted ads and to tailor services, but it also sells the information to third parties, including data brokers, businesses, loan providers, and a host of others who seek to use intimate details of our personalities, profiles, and patterns to sell products.
Data can even be purchased by federal agencies, circumventing the normal process of subpoenas and warrants. In 2020, the Wall Street Journal reported that the data broker Venntel sold such data to Department of Homeland Security, the U.S. Immigration and Customs Enforcement, and the U.S. Customs and Border Patrol.
While we may be concerned that the government can peer into our private lives, the government is concerned about foreign entity-controlled apps—like TikTok—uncovering state secrets. Location data from sensors enabled the Strava fitness app to identify a secret U.S. military base when it marked the path of soldiers who jogged around the perimeter.
Landau and Vargas Leon point out that privacy policies are usually taken as statements of data protection, but they are better understood as statements of data use. Even if read with the eye of a contract lawyer, much less an average user, it would be impossible to define a boundary around the extent that private information can be shared.
A Proposal for a New Digital Privacy Law
Private information is supposed to be protected from government intrusion, but protection from commercial and other non-governmental entities is not a fundamental right.
“In the U.S., we don’t have a general privacy law to protect consumers; instead, we have sectoral protections such as the Health Insurance Portability and Accountability Act, which provides protection to sensitive patient information,” said Landau. “The Federal Trade Commission can act against industry unfair and deceptive practices, which can include use and abuse of private information, but its power and enforcement capability is limited.”
Landau and Vargas Leon also note federal laws, which often lag behind developments in technology, have largely ignored privacy protections for metadata and telemetry. Only five states have laws that regulate the use of non-content data, and they focus only on location information.
The ad industry uses your information to sell targeted ads and to tailor services, but it also sells the information to third parties, including data brokers, businesses, loan providers, and a host of others who seek to use intimate details of our personalities, profiles, and patterns to sell products.
The authors point out that once digital data goes beyond the direct relationship between user and service provider, it can no longer be controlled—and its use can even cause harm. They propose a strict purpose limitation principle for metadata and telemetry. Under it, non-content data are to be used exclusively for the delivery and display of requested information, providing and improving services to the user, and investigating fraud in use of the services.
Landau and Vargas Leon suggest also that this data should be available to manage public health emergencies, for example for tracking movement of populations during a natural disaster such as an earthquake.
Only the content of which the user is aware—the products they buy online, the locations entered into an app, the websites they visit—may be sold as data to third parties, but only with the explicit consent of the user.
Landau and Vargas Leon say that the stakes for data privacy are quite high. The ability to track a person’s activity and uncover private information that they would prefer to withhold could be used to influence behavior, to discriminate, or to control. “Within a liberal democracy, privacy thus serves not only as protection of individuals but is, in a deeply fundamental way, essential for a nation’s stability,” they write.
