This is a guest post from Ali Moinuddin. Ali is Chief Marketing Officer at Workshare, who produces document comparison and review software for the legal profession. Ali has over 15 years of experience in supporting high growth companies, and before joining Workshare was CMO at SkyDox, Director of Marketing at Interxion, Director of Marketing EMEA for SPL WorldGroup (now a part of Oracle), and Marketing Manager EMEA and Asia-Pacific at Kana. You can connect with him on Twitter. Take it away, Ali.
The issue of digital privacy in a connected world was thrown into the spotlight last year as a result of the vast stores of information leaked by former NSA contractor Edward Snowden.
Snowden ultimately provided solid evidence showing that government agencies in both the US and the UK were spying on huge numbers of citizens through the harvesting of data from phone calls and other sources, all in the name of protecting national security and fighting terrorism. For many critics, this was not a good enough justification for what felt like the emergence of a sinister surveillance state.
Businesses were similarly disturbed by the ongoing scandal, either as a result of being actively coerced into releasing data to intelligence organisations or because they feared that mission-critical information was being exposed as a result of being hosted remotely on a third-party provider’s infrastructure.
In the early stages of the scandal, the NSA and other implicated parties attempted to enact some hasty damage limitation, claiming that the privacy of individuals had not been breached to the extent that was being reported. This boiled down to the argument that the collection of so-called ‘metadata’ did not give agents access to any other sensitive information pertaining to the people involved.
In the past, it may have been hard for anyone to actually prove definitively whether or not this claim was valid. But the emergence of smartphones, apps and superfast connectivity allowed one student at Stanford University to get to the bottom of the matter and ultimately make the NSA look even more sinister and deceptive than it did already.
Android App Agency Assault
It is safe to say that Jonathan Mayer is an exceptionally intelligent and enterprising young man, irrespective of his achievements relating to the uncovering of the NSA’s mistruth over metadata. On top of his PhD in computer science, Mayer was able to earn a law degree at one of America’s most prestigious seats of higher learning and simultaneously create the crowd-sourced solution to the question of whether or not people were actually having their private data compromised by government agencies.
What gave Mayer’s project so much leverage and earned it international coverage was the ease with which he was able to prove just how damaging the seemingly innocuous metadata relating to millions of phone calls could be, if someone with access to it wanted to exploit it for whatever reason.
Mayer and his research partners crafted the MetaPhone app for the Android operating system which allowed them to log information on all the calls and texts made and received by each handset upon which it was installed. Hundreds of people downloaded the app to participate in the experiment, which also gathered data relating to their Facebook profiles to act as a point of comparison and indicate whether or not the predictions made from the metadata were accurate.
The key point here is that while individual pieces of data about a call, text or other interaction may seem meaningless when viewed out of context, compiling lots of this information over time makes it possible to paint a worryingly accurate picture relating to the life of the person being scrutinized.
For example, it was reported that, as part of the initial trial, Mayer and his fellow academic Patrick Mutchler were capable of predicting whether or not a person was in a romantic relationship in almost two out of three cases. So while some people may have assumed that things such as their geographic location were at risk of being compromised by third parties, it seems that the extent of the espionage could go much further, just from the analysis of superficially bland data.
Stanford University spokesperson Aleecia McDonald explained that the NSA leaks and the evidence of mass surveillance had been a sensitive issue for many observers, especially because of the denials of wrongdoing issued by the agencies involved. But with the help of the Android app created by Mayer and the ongoing research that it has made possible, the veil of secrecy which has been deployed in the aftermath can be destroyed and the truth allowed to emerge.
McDonald went on to say that the issue is not that the government is carrying out surveillance at all, because of course many people accept this as a necessary part of the work it does to protect the interests of the nation. Instead there is much ire about the fact that the NSA and others were essentially throwing out a dragnet to dredge up huge amounts of information about millions of entirely innocent people, which Mayer then proved could be used to make precise predictions about where they are, what they are doing and who they are doing it with.
Of course, all of this may only serve to stoke concerns about the extent of modern surveillance systems rather than quelling them. And since the cloud allows for data spread across a number of locations, individuals and businesses are inevitably going to become increasingly concerned that their information is more vulnerable as a result, even if this approach is taken to facilitate continuity and enable back-ups.
Jonathan Meyer may have got to the bottom of an issue of government espionage using his innate understanding of programming, but his diverse educational background and interest in politics are pushing him towards a future in the halls of power, if not necessarily as a politician.
Ultimately, this bright, ethically motivated youngster is intending to head to Washington and work to influence government policy, presumably so that such scandals do not occur in the future. Perhaps in this way he will be able to fight for privacy while avoiding the state of exile in which Edward Snowden is still trapped.