Most people understand the privacy implications of virtual meetings through emails and phone calls. Some of us are even aware that they are being constantly tracked. However, we assume that our physical meetings remain private. It is extremely unlikely that a bad actor will follow around everyone on earth all the time. Thus we seem to care less, if not at all, about the privacy of our physical meetings.
Someone is following you around all day, or at-least Something equivalent is happening virtually. Sadly, We should be worried.
As we speak, there exist multiple systems are recording your location. Government agencies, TeleCom. and Tech. Companies use technologies (Shown in figure) to track user mobility with alarming precision, often times without user knowledge or consent. Back in 2014, The Post reveled that the NSA was collecting location data of people living in the US through hidden back-doors into mobile phone companies [1]. Google recently admitted to secretly tracking location data from android devices, even when the GPS was explicitly turned off [2]. (For some context, there exist over two billion monthly active android device users in the world whose location history Google potentially tracked.)
One might be assured that this volume of data spanning zettabytes, potentially too much to make any sense out of. Making sense is equivalent to finding needles in a hay stack. There has also been significant research into the field of location privacy and customer pushback has lead to adoption of recent privacy techniques into how some companies collect data [3].
However, this is were moore’s law catches up and sophisticated computer algorithms come in. Computers extremely good at learning patterns and, making deep connections often invisible to, a human analyst combing through this data. Moreover these privacy techniques are at a relatively nascent stage [4] and they do not hide everything about the user.
Recent research has pointed out that we can infer alarmingly sensitive information about the individual users and their physical connections from location data [5].
Fundamentally, what would someone who follows you around all day learn about you? Stalking someone, reveals one’s personal, professional, covert connections evident through the time and place of physical meetings. Tracking an entire population’s location in real-time is equivalent to physically stalking the everyone at a fraction of the cost.
Washington post: NSA Co-Traveller Program
With the scale of user location data available, it is inevitable that organizations track nearly everyone’s physical meetings. This is happening as we speak. The post revelations documents the NSA co-traveller program [6] which looks out for physical meetings between a know perpetrator to identify potential co-conspirators, at a global level.
A couple who meet frequently are likely to be socially connected, i.e Friends, Relatives, Co-Workers, Partners (etc). Using this intuition, researchers show that one can accurately infer users’ social connections from location data of a significant population [7]. Additionally, where and when people meet can also reveal the nature of relationship between the couple. For example, a meeting late at night at an hourly motel might imply an affair.
Working with the InfoLab at USC [8], my collaborators and I introduce this problem and propose a few methods to preserve the privacy of meetings [9].
Public understanding the extent of these inferences and throwing light on the sensitivity of information leaked, will drive research and funding toward novel privacy protection mechanisms.