Cell Phone Tracking Reveals Users' Habits

DinkyDogg writes "'New research that makes creative use of sensitive location-tracking data from 100,000 cellphones in Europe suggests that most people can be found in one of just a few locations at any time, and that they do not generally go far from home.' More interesting than their conclusion, however, is how they got their data. 'The researchers said they used the potentially controversial data only after any information that could identify individuals had been scrambled. Even so, they wrote, people's wanderings are so subject to routine that by using the patterns of movement that emerged from the research, "we can obtain the likelihood of finding a user in any location." The researchers were able to obtain the data from a European provider of cellphone service that was obligated to collect the information. By agreement with the company, the researchers did not disclose the country where the provider operates.' Any guesses which European country requires cell phone providers to record where their customers make calls, and then allows them to give that data away without disclosing that they have done so?"

Is that really so surprising?

[jawtheshark (198669)]

My typical day is: wake up, shower, go to work, be at work 8h (I don't go out for lunch), go back home, cook, eat, relax, sleep. That adds up to 2 places where I'll be, and anywhere on the highway to work. Add in grocery shopping in one of the two nearby supermarkets and you pretty much know where I'll be on any given day Monday to Friday.

On weekends it might be a bit more complex because I go to the recycling centre, eventually visit my parents or my wifes parents, go to a restaurant, the movies, but even then.... What is it going to add up to? A dozen places?

This only proves that we're routine-animals. That's all....

Re:Is that really so surprising?

[bloodninja (1291306)]

My typical day is: wake up, shower, go to work, be at work 8h (I don't go out for lunch), go back home, cook, eat, relax, sleep. That adds up to 2 places where I'll be, and anywhere on the highway to work. Add in grocery shopping in one of the two nearby supermarkets and you pretty much know where I'll be on any given day Monday to Friday.

This is why I walk my dog a different route each day. I don't even know what route we will take until we are back. It adds a little bit of surprise and a little bit of uncertainty into an otherwise very uniform and repetitive existence.

Re:Is that really so surprising?

[nurb432 (527695)]

Dogs like routines. Don't you know you are causing great mental anguish to your pet?

You are a cruel pet owner.

Re:Is that really so surprising?

[Z00L00K (682162)]

My guess is that even dogs like to come out finding new tracks and sniffing new scents. I would hardly define that to cause a neurotic dog. Being utterly bored is on the other hand a cause for neurotic dogs and also humans.

But when you are in your home ground you can quickly start habits and tracks that you are comfortable with.

A more interesting application of the cell phone tracking is actually that it can give planners a better understanding of the travel patterns for people. This in turn can be turned into effective public transportation, better road planning etc.

From a historical point of view it is understandable that humans do have very fixed patterns. If you know the terrain then you know where the threats may be and where to find food & other good things in life. This is why we feel awkward as soon as our favorite store remodels and currently all aisles are changed or placed in new directions.

Of course - if we were to live in an ever-changing world we would adapt to that too.

Re:Is that really so surprising?

[by Anonymous Coward]

I vary my route to and from work just a little each day...to keep the terrorists guessing. It's the only way to be sure.

Re:Is that really so surprising?

[harry666t (1062422)]

Interesting. On the contrary, I never know where I'm going to wake up after a party. Once I woke up in a hotel in another city.

Re:Is that really so surprising?

[mh1997 (1065630)]

This only proves that we're routine-animals.

And for the most part, you probably visit the same websites on any day.

New Physics

[brunokummel (664267)]

...that most people can be found in one of just a few locations at any time,

Forget those losers, I wanna know about the people that can be in 2 or more locations at the time!

Odd conclusion

[thedrx (1139811)]

Any guesses which European country requires cell phone providers to record where their customers make calls, and then allows them to give that data away without disclosing that they have done so?

This is not necessarily the type of data they collected.

Here in Europe, in some countries, cell phone companies offer a service that can reveal a phone's location (with the precision of a fraction of a kilometer/mile) at any given time from any place actually. It's useful for tracking your phone when it gets stolen, or spying on your spouses.

However, the owner of the phone must consent to this service. Any tracking (except maybe for aid in criminal investigations?) without the owner's consent would be very illegal. And I suspect what happened here, is the company collected data of such consenting owners.

Whether they consented to having their data used in research, well, that's another matter.

Re:Odd conclusion

[Richard W.M. Jones (591125)]

Here in Europe, in some countries, cell phone companies offer a service that can reveal a phone's location (with the precision of a fraction of a kilometer/mile) at any given time from any place actually ... Any tracking (except maybe for aid in criminal investigations?) without the owner's consent would be very illegal.

Very definitely this is used in criminal investigations. In the case of the Soham murders [wikipedia.org] back in 2002, one of the victims had a phone which the murderer had turned off. In a public appeal the police said they'd sent a message to the phone, trying to trick the murderer into turning the phone on (which would reveal its location).

In fact this trick didn't work, but mobile phone location data was still crucial. Police plotted all the walking routes [mobilemonday.net] around where the phone was last located just before it was switched off, and from this found the suspect (later, murderer's) house and also disproved his alibi [bbc.co.uk].

Rich.

Pretty sure it must be the Netherlands

[Idaho (12907)]

If you think the USA is bad with regards to telephone taps and the like, try the Netherlands.

Last year, in the Netherlands 25,000 phones where tapped (for different periods of time). These are published numbers (I could link to them but the articles are in dutch only so, well..)

In the USA, the official numbers are somewhere around 2200 phone taps (in 2007).

But that's not all; keep in mind that the USA has over 300 million inhabitants. The Netherlands has only 16 million.

So either the USA government is doing a much better job of keeping even the fact that phones are tapped at all hidden from public scrutiny, or it really is much, much worse here (in this regard, at least).

Re:Pretty sure it must be the Netherlands

[value_added (719364)]

So either the USA government is doing a much better job of keeping even the fact that phones are tapped at all hidden from public scrutiny, or it really is much, much worse here (in this regard, at least).

Much worse only begins to describe it. The Netherlands have more than 10x the number of terrorists we do.

Re:Pretty sure it must be the Netherlands

[Z00L00K (682162)]

I read it as official numbers are the number of taps by "normal" police, i.e. local and FBI, probably mostly FBI.

And then we have NSA, CIA, DHS... Do you believe they will provide any kind of statistics? It's all about deniability.

And of course - there is a rule of evidence in the US, this means that illegally acquired evidence can't be used. So that in turn means that "anonymous tip" can be an acronym for wiretapping, which in turn can lead to other means of surveillance and evidence gathering. To add to this it's possible to do a setup to obtain plausible deniability. Why do you think that the US have so many different agencies that overlaps?

My Guess? ...Britain

[polyp2000 (444682)]

It wouldnt surprise me if it was Britain. Every day i learn something new that makes me despise living here. After all we are generally regarded as being the most spied on nation in the world.

The other day i realised that my entire journey from home to work i am exposed to at least 15 cameras along the entire journey. We have cameras on streets, platforms ,buses and trains. When I worked in canary wharf it was more like double that as i needed to use the Tubes which are also littered with CCTV. Some of them actually talk (http://news.bbc.co.uk/2/hi/uk_news/england/6524495.stm)

While I appreciate its "there to protect us" Im afraid i dont trust the people who's job its to monitor them.

So that's why i wouldnt be at all surprised if it was the UK tracking moves - after all they are tracking everything else.
(http://en.wikipedia.org/wiki/RAF_Menwith_Hill)

The upshot of this...

[MikeRT (947531)]

Is that it gives the government even less excuse to use no-knock raids for crimes that could easily be handled by regular police work. Take the case of Ryan Frederick [codemonkeyramblings.com], for example. The police created a situation where they ended up losing an officer after they attacked the house of a suspected drug dealer (who shows all signs so far of being completely innocent). Had the police gotten his cell phone information and mapped his daily routine, they could have discretely caught him by surprise in a public place, taken him in for questioning, and the only one going to jail would have been the police informant who lied his ass off and victimized both sides. This cell phone tracking actually gives civil libertarians an argument as to why these raids cannot possibly be justified in most cases because the police can figure out where the person is going, and ambush them when they have the advantage (something they don't have when assaulting a home).

Re:Germany!

[fluch (126140)]

T Mobile? I would not be surprised.

The country is definitely Germany. You can get the publication in question from the authors homepage [nd.edu] Then take figure 1a (as suggested in hweimer's [slashdot.org] blog [quantenblog.net]) and lay it over some google map, appropriately scaled.

The data is definitely centered around Germany, but tracks reach to Austria, Switzerland, Netherlands, Belgium, Poland and Cech Republic...

Re:Germany!

[F\x{00eb}an\x{00e1}ro (130986)]

The data is definitely centered around Germany, but tracks reach to Austria, Switzerland, Netherlands, Belgium, Poland and Cech Republic.

Hmm, the blog you linked only suggests that cou could search for the right location by matching maps, but the author has apparently not yet found it.

What makes you say that the data is centered on Germany? Have you found the actual place that matches the cell phone tower locations? could you tell the coordinates?

Re:Some countries use it to track traffic jams

[jabuzz (182671)]

The data is *VERY* useful in retrospect for tracking down criminals and terrorists after the event, and providing evidence to secure convictions. Within a couple of days of the failed 21/7 bombings in London for example telephone records had enabled them to track one of the suspects to Rome where he was promptly arrested and deported back to Britain. The whole lot where tracked down within a week.

As for anonmyization, you may be able to track individual users, but if you have scrambled the locations so they are no longer meaningful (ie. they do not represent any real coordinate system) I guess it would be pretty difficult to unpick it. That is the x,y location information is arbitrary coordinates and not the lat/long or whatever local grid is in use.

I Disagree

[FurtiveGlancer (1274746)]

"Anonymized" may be defined as data that cannot be traced to a named individual. Individuals may still be tracked by other means (arbitrarily assigned number, vice real phone number) to determine patterns without violating individual privacy. So long as they don't specify home addresses, cell numbers or other personally identifiable data, this is valid anonymity.

Of course, this is different from claiming that the data would be used for statistical puroposes only. This study used the data for sample correlations beyond bulk statistical analysis.

There's data, then there's data

[HangingChad (677530)]

Contrary to what the paper suggests, the data has not been anonymized.

You're exactly right. Give me access to cell phone location data and I'll be able to identify the individuals. If they know people don't wander far from home, then they know where home is. And where work is. It'll take all of ten minutes to add a name to a pattern of behavior. The concern becomes a group that lacks collective conscience...like the Bush administration....starts using anonymous data to look for suspicious patterns of behavior. Justifying the surveillance by suggesting that they're not spying on individuals, merely looking for suspicious patterns. Sound familiar?

Then think about how that could be abused. I was watching a news story about a local anti-terror exercise that involved the feds and local law enforcement. The DHS spokesperson actually said that any criminal activity can be used to support terrorism so anti-terror exercises get muddled together with law enforcement. Every criminal is a potential terrorist. It's happening in the banking industry. The monitoring provisions were put in place to look for terrorist activity, but now banks are reporting any suspicious transactions down to $1,000. Anyone think Elliot Spitzer was a terrorist? The monitoring program that netted him was put in place to monitor for terrorists but once it became obvious Spitzer was not funneling money to Al Qaida, the investigation continued under the mantle of law enforcement. Okay, so law enforcement starts monitoring cell phone GPS data looking for suspicious patterns of behavior, at first looking for terrorists, but since any crime potentially supports terrorism, it starts getting more widespread and granular. Going to a particular street in a particular part of town...like a mosque...could flag you. Sending money to a family member overseas or just being in the vicinity when a crime takes place. Maybe law enforcement starts using cellular GPS data to locate potential witnesses. Want to explain to the boss why the cops showed up and wanted to know if you saw anything while visiting the "entertainment" district last night?

The anonymous element is an intellectual dodge. There's nothing anonymous about your pattern of behavior, it's as unique as a fingerprint. This is real 1984 kind of stuff.

I'm more afraid of widespread monitoring than terrorism. Once you start chipping away at the edges of privacy it's hard to get back. And, right now, we're paying billions of our tax dollars to create an agency that regularly pounds our right to privacy with a sledgehammer.

Re:Isn't this article a bit delayed?

[I confirm I'm not a (720413)]

I happened to read this three days back....Granted, I should have submitted it then.

If you had submitted it back then we'd be reading it again now as a dupe. You were doing us a favour!

Can you vote a telco out? :P

[Moraelin (679338)]

so, when are you voting out the people who did this?

Umm, I wasn't aware that you can "vote out" a telco. (Or we would have voted out the dimwits from the Deutsche Telekom a long time ago.) Much less that you can vote out some researcher which doesn't even live there.

There were some data retention and privacy laws that were definitely broken. Which I strongly suspect is why they put an explicit condition to not be named. And from there it's up to the police and courts to apply those laws. I don't think you can vote on _that_. And it's probably better so, because justice isn't and shouldn't be a popularity contest.

The voting in and out has to do with the fact that we got those laws in the first place. You know, instead of weasel arguments about how the 4th amendment doesn't apply (A) to the government (then to who the heck _does_ the US constitution apply?), or (B) if it wasn't literally your papers or house being searched, or (C) by conveniently defining that if it happened over some company's lines, it's in public and noone really needs a warrant to observe that, or (D) if it allows a company to earn a few more bucks, or a few other variations.

And _if_ any politician wanted to make this thing legal, or give them a free pass, _then_ we'll vote him out. But I really doubt that they will. At worst we'll see some impotent posturing, and claims that it's impossible to determine who and whether a law has actually been broken or the researcher in case has just invented the data. (Which I strongly suspect he'll claim, once the ball starts rolling.)

But seriously, I doubt that any major politician, at least in Germany, will want to be seen as officially on the side of letting any company sell your data to the highest bidder. Although the country did slide a bit to the right lately, it's by far not at the point where anyone wants to be seen as arguing that the corporations should have unchecked power over their customers. It would be a _very_ unpopular point of view, and their political opponents would use it to the max to their own advantage. Sometimes even members of their own coalition.

(Here elections usually don't get "won" by any party, but about some uneasy coalition of several parties, to total more than 51% between all of them. With the implication that if you make yourself extremely unpopular, you might not even need to wait for the next elections to be voted out: a coalition can reform the other way around over night, moving you from head of the winning coalition to the largest opposition party. It's not a usual occurrence, but it can happen.)

But anyway, we'll wait and see. So far it's hardly some orwellian government plot, it's just one company which broke the law. It happens in the USA too, without always meaning that it reflects some government stance. See, for example: Enron [wikipedia.org].

From here, it can go in a lot of possible directions, not just "it's the way the government wants it". If it goes the wrong way, we'll vote some politicians out. If not, not. It's really that simple.

Re:Can you vote a telco out? :P

[drew (2081)]

I believe the GP was talking about voting out the people who passed the laws obligating the phone company to collect the data in the first place. TFA is a little short on detail, but it sounds like, far from having broken the law, the telephone company was actually complying with the law by collecting this data. There is no mention about whether laws were broken in sharing the data with the researchers who performed this particular study. However, the point remains that somebody is legally required to have this data, and whomever that "somebody" is, they have this same ability to track individual users. And now, thanks to this research, we understand the implications of that.

Re:Well, there goes the myth of the EU saner than

[MrMr (219533)]

The (putative) sanity of the EU is not really the issue. It appears that the provider and the researchers have violated the EU legislation, and especially "Directive 95/46/EC on the protection of individuals with regard to the processing of personal data and on the free movement of such data" ( http://en.wikipedia.org/wiki/Directive_95/46/EC_on_the_protection_of_personal_data [wikipedia.org] ).

For instance with respect to this article:

Personal data are defined as "any information relating to an identified or identifiable natural person..."

I'm not sure 'anonymizing after billing' as the authors did is sufficient to make the data non-personal (the gist of the article is after all that you can be identified by your stereotypical movements...)

Data may be processed only under the following circumstances (art. 7):

        * when the data subject has given his consent
        * when the processing is necessary for the performance of or the entering into a contract
        * when processing is necessary for compliance with a legal obligation
        * when processing is necessary in order to protect the vital interests of the data subject
        * processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller or in a third party to whom the data are disclosed
        * processing is necessary for the purposes of the legitimate interests pursued by the controller or by the third party or parties to whom the data are disclosed, except where such interests are overridden by the interests for fundamental rights and freedoms of the data subject

None of those conditions seem to be met...

Re:Man, I wish I hadn't used up my mod points earl

[MiniMike (234881)]

And guess who got elected as a result of that?

Tweedle-dumb?