How programming savvy might save us from a surveillance state
Although most of the systems that track people are operated by corporations, the threat from surveillance-happy governments is most alarming.
Maps of the world used to feature mountains, oceans, and sometimes even skyscrapers. With today’s maps, the primary geographic feature is us — the exact locations of billions of humans, our every move recorded and viewed by far too many eyes. Governments and businesses track our dollars, take note of our employers, memorize the addresses of every home we have ever lived in, and retain the vehicle identification numbers of cars we have driven.
Yet it seems that despite our intermittent grousing, locational privacy is something we do not mind giving up. We have come to love the way our phones tell us the local news headlines and weather because they know exactly where we are, the way we can roll through highway toll plazas because the radio transponders in our cars pay. So what if the transponder also tells the state that we drove east toward Boston at 9:35 a.m. on Monday?
Our ability to constantly track one another’s locations is “going to change our existing notions of privacy,” says Jeff Jonas, one of the top researchers at IBM. For instance, researchers have found that if you track someone’s cellphone-usage patterns over a three-month period, you could probably predict where this person will be with an accuracy of 93 percent. A police force could use this method to arrive at the scene of a future crime an hour ahead of the prime suspect or could scour millions of cellphone-location records and thereby predict the movements of political dissidents. “A surveillance society is not only inevitable and irreversible,” Jonas says, “it’s worse. It’s irresistible.”
Today, most of the systems that track where we are going are owned and operated not by busybody bureaucrats or secret police but by corporations. Companies like Apple and Google and Microsoft are building an ever-expanding history of our locations and movements and trade on this information for profit. A research report from February 2013 found that half of the 50 most popular apps for iPhones and Android smartphones automatically transmit information about the users’ locations. In 2012, researchers at the Massachusetts Institute of Technology found that when a user stops playing Angry Birds, the app keeps right on running in the background, steadily broadcasting the player’s whereabouts to help deliver targeted ads.
Add to this the detailed personal data available from information brokers like Acxiom, which has files on about 190 million Americans and a half billion people worldwide. Acxiom knows their age, race, sex, weight, height, marital status, education level, even political leanings, based on data culled from publicly available sources. Anybody from the police to commercial enterprises can purchase this data and combine the information with location tracking to create a comprehensive survey of our lives.
Still, it is the threat from surveillance-happy governments that is most alarming. However much Google may know about you, it does not run any maximum-security prisons. In 2012, at the behest of then-US Representative Ed Markey, the nation’s cellphone companies revealed that law enforcement agencies made 1.3 million data requests of them in 2011.
Police forces throughout the United States track millions of vehicles with help from digital systems that record the license plates of passing cars, then save them in a database that notes the time the images were taken and where they were taken. One journalist who wrote about the system in San Diego learned that his own car’s plate had been scanned 24 times in 13 months. In effect, drivers are under constant police surveillance, whether they are criminal suspects or not.
In Boston, our MBTA Charlie Cards are embedded with radio-frequency identification (RFID) chips that let us pay our fares by simply waving them in front of a scanner. And millions of people nationwide pay their highway tolls with an RFID-based E-ZPass that records each time they drive through an electronic tollbooth. Cops and attorneys armed with subpoenas routinely inspect these records, which could provide an alibi in a criminal inquiry but could also tell a divorce lawyer that you were not working late at the office that night.
However, it is too early to despair about the surveillance state. Locational privacy, the right to keep one’s whereabouts secret, has found champions across the political spectrum. In 2013, Republicans and Democrats in both houses of Congress introduced bills that would often require police to get a probable-cause warrant to electronically track a citizen’s location and movements. The measures would cover real-time tracking, but they would also generally require a warrant for access to the location data in someone’s old cellphone records.
We would be even better off with location-based systems that have privacy features built into the software. Consider the EZ-Pass. Andrew Blumberg, assistant professor of mathematics at the University of Texas at Austin, suggests redesigning the system as a stored-value service, which could be anonymous. Other researchers, like IBM’s Jonas, are working on even more expansive solutions that could let people share their location data and obscure it at the same time. The system would encrypt the user’s precise location data, making it impossible to accurately trace any unwilling user.
Jonas has not perfected his system. Even if he does, it is hardly a panacea. But by combining anonymizing technology with tougher legal limits on access to location data, each of us might be able to preserve a cocoon of locational privacy.
BY THE NUMBERS
Nearly 5 billion
Number of cellphone location records collected by the National Security Agency each day, according to news accounts of documents leaked by Edward Snowden
This essay is adapted from You Are Here: From the Compass to GPS, the History and Future of How We Find Ourselves by Globe columnist Hiawatha Bray, available from Basic Books, a member of the Perseus Books Group. Send comments to firstname.lastname@example.org.