Telephone Breadcrumbs: Google lets you look at (some of) your metadata

A Google employee recently demonstrated on his blog just how revealing data collected by our telephones can be.  The digital information about our activities that is generated by our telephones and other electronic devices is known as “metadata,” and has been the subject of much debate since Edward Snowden released a trove of NSA documents.Metadata

One of Daniel Russell’s roles at Google is showing the public just how powerful the research tools provided by Google really are. Every week he posts research challenges on his personal blog, SearchResearch, and then demonstrates how he would tackle the challenges.

Last month, he asked his readers “what can you deduce” from a file that he uploaded to the blog. The file contained GPS information, one of the many sorts of metadata generated by our telephones. In effect it recorded Russell’s location every few minutes over a one-week period, so long as his phone was turned on.

The same sort of data is being collected on everyone who has a phone with GPS enabled. If your phone runs on android and you want to look at where you went in the last week, or download the information all you need to do is visit: (iphone and ipad can also click the link, because under some circumstances Google is collecting this data on them).

In the comment section of the blog readers commented on what they had learned, including where Russell had traveled, where he lived, the hotels he stayed at, and what coffee shop he frequented in the mornings.

However in a series of follow up posts Russell showed much more could be learned from the file. For example, he showed how you could measure the speed travelled between any of the two times recorded in the file. With this speed you can determine when was travelling by car, walking or riding a bicycle.

Using freely available tools online tools, a tremendous amount of insights can be gathered on someone’s life based on their GPS coordinates. Yet, this pales in comparison to the sort of analysis that can be carried out by law enforcement and spy agencies that are in the business of collecting this sort of data.

Many of the analysis tools used by spy agencies are shrouded in secrecy, but due to the documents released to the media by Snowden some details have emerged. The Washington Post reported on and NSA program called CO-TRAVELER, in which they track not only the metadata from a targets telephone, but also “incidentally” gather information from the telephones of everyone else who is in the same vicinity. Through state-of-the-art analytic techniques they use this data to determine who the target is meeting or travelling with.

Defenders of spy agencies have argued that the bulk collection of metadata is not intrusive to someone’s privacy in the way that eavesdropping on a phone call is. But critics have contended that analyzing someone’s metadata can reveal even more about their activities than the actual contents of a phone call.

Here in Canada, metadata made headline when the CBC reported that the Communication Security Establishment (CSE), the Canadian agency with close ties to the NSA, was gathering metadata on travellers at a Canadian airport.  The retired judge who oversees CSE’s compliance with the law, determined there was nothing wrong with this collection, despite noting that “the law prohibits CSE from directing its activities at Canadians”.

There are some noteworthy arguments that the media misunderstood the use of airport travellers metadata, but CSE collect a much vaster amount of metadata than what was used in that program. In fact CSE sees collecting metadata as crucial to fulfilling its mandate.

The BC Civil Liberties Association is currently suing the CSE due to it “sweeping collection of metadata information produced by Canadians.”  Geo-location information is included in their suit.

But the government defends its use of metadata noting, “Metadata is not a communication that conveys or attempts to convey meaning, but rather information of a technical nature.”

It is not just spy agencies who are collecting metadata, police make use this information, and can acquire it through a warrant, or by having it voluntarily provided to them. However the corporations who collect information on their customers can also put it to use in order to gain insights on their lives.

In November, the Silicon Valley corporation Uber, disciplined one of its own executives following accusations that he tracked the whereabouts of a journalist who was critically reporting on the company. The company had developed a tool called “God View” that facilitated this sort of snooping.=

I have been well aware of the degree to which metadata can reveal immense amounts of information about our lives, but I had never analyzed metadata myself. Reading Russell’s blog posts I got a hands-on sense of what doing that sort of analysis is like, the sort of false signals that appear, and more concretely how you would use that data to understand someone’s life in an intimate way.

If you want to increase your skills as a researcher, I highly recommend Russell’s blog: Search Research. I don’t always have the time to tackle the challenges, but I always get a lot from reading it.

3 thoughts on “Telephone Breadcrumbs: Google lets you look at (some of) your metadata

  1. Please stop using Location History in the same FUD-y way as everyone else. You have to turn this feature on. The fact we can access this data is a nice thing to people like myself. Yes, there are scary security concerns around data collection, but they happen anyway. It would be a disappointment, in a reciporical data and awareness way, if these kinds of features were hidden because some people spin this feature as an unexpected security loophole.

    1. Hi David, Thanks for the comment.

      To be clear I think it is wonderful that Google makes this feature available, the point of the piece is to give people one example of how revealing metadata is. Many companies are collecting this sort of data and not providing the transparency that Google does.

      However, it is not exactly true that ‘you have to turn this feature on’. I sat in a cafe and asked a few people to check out the site, and they were taken a back by what they saw. If they opted in, they certainly did not know that this was the case.

      Mostly why I wrote the post was because I think there needs to be more examples available to people from a non-technical background of what metadata can do. I am skeptical of the idea this would make Google take the tool away.

      1. It’d definitely be a bug at least if location history is active without explicit consent (though if I recall correctly it used to be on by default). But for people I’ve explored the feature with had to enable it (and they enjoy it very much). I would have at least mentioned this aspect. Maybe your readers are more aware, but I saw Location History being passed around in several sensationalist blog posts as some huge privacy invasion when in reality it’s not.

        I understand your perspective as a journalist would tend toward alerts. And I do work in online security so understand the issues.

        There is a huge tension where really interesting and fun/useful emerging features are essentially built on surrender of privacy. Why complain about GPS embedded in mobile images when capturing images on its own can be exposing, when anything can be located using databases available today (eg Google Goggles). So do ‘we’ shut it all down and only enable the most powerful agencies access? That would be the worst outcome but probably one some agencies would prefer, to create a wide separation in access to information and processing.

        Thanks for your response!

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s