Saturday 29 June 2013

PRISM, Meta Data & Minority Report: Why you should be conerned

As the privacy debate continues to rage about PRISM, assurances are surfacing defending the US government agencies PRISM approach, namely the covert monitoring of all internet traffic. The arguments put forward are that "we need to have PRISM to combat terrorism", "you have no need to worry if your not a terrorist" and "don't worry its only meta data we keep".  How does PRISM combat terrorism? What is meta data? Should we really be concerned if we are not terrorists?

The definition of meta data is, information about information, still not clear?  Let me explain with an example.  Take a phone call, the meta data is not the actual recording of the call, but is the information about the phone call, so who the call was made to, the length of the call, the date, time of day, and keywords spoken on the call (via voice recognition). This is an example of the meta data most likely kept.

In an email monitoring context, the meta data is the recipients of the email, date/time it was sent, approximate location (via ip address) and whether a defined selection of keywords are present within the text of the email and its attachments. This is the information the security services want to keep hold of on mass. Volumes of such meta data can then be automatically processed (data mined) to build a profile against an individual, or even groups of individuals.  It is the mining of this information which provides the desired result for the secret services, in identifying potential terrorists, that is their argument, and who is to say it doesn't work.   So if you were a potential terrorist plotting a plan, got involved in discussing bombs and the other typical terrorism keywords within your emails "too much", it would pass a threshold and your account/identity would be flagged up for closer scrutiny by the secret security services.

The same would be true with the analysis of internet websites you visited, visit too many terror related websites and you can expect to be flagged up. In fact I wouldn't be surprised if they married the email and web traffic meta data up.

In essence this is just like the movie Minority Report with Tom Cruise, but this is a reality, mining big data sets is used to predict future human behaviour events, in this scenario it is to stop terrorists before they commit an attack.

This type of data mining to predict human behaviour is nothing new, Facebook, Google, Microsoft and Amazon all use similar techniques to direct advertisements at you.  Another example is the Tesco supermarket chain, in the last 15 years Tesco has been extremely successful in growing their business. This success has been party due to Tesco mining their customer's shopping habits, with Tesco gathering information from their customer's Tesco ClubCards over the years. You could even argue Tesco are just as secretive as the US government security services with their data mining of big data.

Whether this type of monitoring of information is right or not, all depends on what side of the privacy fence you sit. But the Minority Report style predictive human behaviour presents a new and interesting privacy angle on big data mining. Especially when used to predict criminal behaviour as in the movie Minority Report, too far fetched I hear you cry, yet LAPD are piloting such as a system with great success. Predictive Policing: The Future of Law Enforcement? Where it will lead is the question...

No comments: