Just four points of location data from one's cellphone is enough to uniquely identify the person about 95 percent of the time, new research suggests.
Sifting through 15 months of anonymous location data from 1.5 million cellphone users, researchers found that just four points of data could uniquely identify 95 percent of the cellphone users.
"That data that has no name, email or phone number associated with it can still be personal data," said study co-author Yves-Alexandre de Montjoye, a computational social scientist at MIT's Media Lab.
The findings suggest that anonymous location data isn't truly anonymous, and that app makers and legislators may need to reconsider how they treat mobile location data.
As people go about their daily lives, their smartphones ping cell towers in the area, creating a map of their rough location throughout the day. With smartphones becoming increasingly popular, more phones have apps and many apps also store this location data.
While privacy advocates argue location information is private, courts have ruled that people don't have a reasonable expectation of privacy in public — when they are traveling out into communal spaces. As a result, police don't need a warrant to track cellphones' wireless location signals.
To see just how unique location data was, de Montjoye and his colleagues collected 15 months of time and location data from cellphone companies' 1.5 million anonymous users in an unnamed European country. Then they selected a few location and time points at random from the dataset and determined how many other people in the dataset shared those same points. About 95 percent of the time, just four location data points could uniquely identify one user.
The researchers relied on data without a person's name attached, so it was still anonymous. In theory, though, linking these four data points to a cellphone user's name would require just a little legwork; for instance, anyone interested could link anonymous location data with someone's location listed in a Twitter feed, which usually gives an actual name.
Even when the researchers aggregated data from 15 cellphone towers, meaning a much lower spatial resolution, and from a 15-hour window, they could still uniquely identify about half the users with several data points.
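The measurement described above can be run as a release check on any location dataset. The following is an added example, not the researchers' code: it samples p points from a random user's trace, counts how many users match all of them, and repeats the test after coarsening. The traces are constructed, and binning by integer tower id assumes adjacent ids are neighbouring towers.

```python
import random

# Constructed sample: user -> set of (tower_id, hour) observations. Not real data.
TRACES = {
    "u1": {(10, 8), (42, 9), (42, 17), (10, 22)},
    "u2": {(10, 8), (42, 9), (57, 13), (10, 22)},
    "u3": {(11, 8), (42, 9), (42, 17), (11, 23)},
    "u4": {(10, 8), (43, 10), (42, 17), (10, 22)},
}

def matches(traces, points):
    """Users whose trace contains every one of the given points."""
    return [u for u, t in traces.items() if points <= t]

def unicity(traces, p, trials=2000, seed=0):
    """Fraction of random p-point samples that match exactly one user."""
    rng = random.Random(seed)
    users = sorted(traces)
    unique = 0
    for _ in range(trials):
        trace = sorted(traces[rng.choice(users)])
        # A coarsened trace can hold fewer than p distinct points.
        points = set(rng.sample(trace, min(p, len(trace))))
        unique += len(matches(traces, points)) == 1
    return unique / trials

def coarsen(traces, towers_per_cell, hours_per_bin):
    """Lower the resolution by merging tower ids and hours into bins.
    Assumption: nearby tower ids are spatially adjacent."""
    return {u: {(c // towers_per_cell, h // hours_per_bin) for c, h in t}
            for u, t in traces.items()}

if __name__ == "__main__":
    for p in (1, 2, 4):
        print(p, "points:", unicity(TRACES, p))
    print("coarsened, 4 points:", unicity(coarsen(TRACES, 15, 15), 4))
```

A dataset whose unicity stays high after coarsening should be treated as personal data even with names removed.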
Right to privacy?
The findings suggest that app developers are downloading user data — sometimes to provide useful services, and sometimes by accident — that is inherently private. As such, that data needs more legal oversight, said Hanni Fakhoury, a staff attorney at the Electronic Frontier Foundation, an advocacy group that aims to protect people's digital privacy rights.
"Legislators need to step up and say, 'Look, a company that wants to track a person's location, you need to tell your customer what it is exactly you're doing,'" Fakhoury told LiveScience. "There needs to be some punishment or penalty for taking more than you're supposed to take."
The government should also rethink its laws about the privacy of location data, Fakhoury said.
One solution would be for app developers to store processed information, rather than raw location data, de Montjoye said. For instance, a music app that automatically selects a playlist doesn't need to know a user is in Spokane, Wash., but may need a "personalized music genome," or know the user listens while running and so needs the best workout music.