MIT researchers have a great new way to protect your privacy on your smartphone: Stop giving your data away.

It doesn’t take a PhD to come up with this statement, but such a feat is clearly easier said than done. Even without NSA spying, a growing number of mobile and web-based apps collect information about us from our devices in exchange for providing a service. Want directions or an idea for lunch nearby? Allowing Yelp to know your location could help. Data collection is also useful when apps can aggregate information for many anonymous users and provide extra services. For example, Google Maps can estimate real-time road traffic conditions because it knows how quickly many people are traveling.

This is the crux of the privacy trade-off. Up until now, to get these benefits individuals basically had to agree to give up their privacy, as almost everyone who uses the Internet or a smartphone does. Even supposedly anonymous metadata, like logs of location or phone calls, can reveal people’s identities in the hands of experts with enough motivation to reverse engineer them.

But does this have to be the way the bargain goes?

Researchers at the MIT Media Lab have created a personal data store system, called openPDS, that protects your personal data while still allowing applications to access the information they need.





“Instead of every application trying to collect data on the phone and send it back to servers to do the processing, a user collects their own data,” says Yves-Alexandre de Montjoye, the graduate student who led the work under the direction of the MIT Media Lab’s Alex Pentland. The system, called SafeAnswers, could process the user’s own data in the cloud or offline on a hard drive and then answer only specific questions from the apps that query it.

Instead of an app collecting as much location data as possible for no good reason, an app could interact with the openPDS system and ask: “Is this person home right now?” SafeAnswers could send back code that answers “yes” or “no,” but wouldn’t need to provide an entire GPS log, or even data about where exactly “home” is located, to do it.
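The question-and-answer exchange described above, as an added example that is not openPDS or SafeAnswers code: a hypothetical `PersonalDataStore` keeps the GPS log and the home coordinates private and hands back only a boolean to apps the user has granted the `is_home` question. The class, method and app names, the radius and staleness thresholds, and the coordinates are all assumptions made for illustration.

```python
import math
from dataclasses import dataclass, field

def _haversine_m(lat1, lon1, lat2, lon2):
    """Great-circle distance in metres between two WGS84 points."""
    r = 6371000.0
    p1, p2 = math.radians(lat1), math.radians(lat2)
    dp, dl = p2 - p1, math.radians(lon2 - lon1)
    a = math.sin(dp / 2) ** 2 + math.cos(p1) * math.cos(p2) * math.sin(dl / 2) ** 2
    return 2 * r * math.asin(math.sqrt(a))

@dataclass
class PersonalDataStore:
    """Hypothetical store: raw fixes and the home location never leave it."""
    home: tuple                                   # (lat, lon), private
    grants: dict                                  # app_id -> set of questions it may ask
    _fixes: list = field(default_factory=list)    # (unix_ts, lat, lon), private
    audit: list = field(default_factory=list)     # (app_id, question, outcome)

    def record_fix(self, ts, lat, lon):
        self._fixes.append((ts, lat, lon))

    def _is_home(self, now, radius_m=100.0, max_age_s=900):
        if not self._fixes:
            return False
        ts, lat, lon = max(self._fixes)           # most recent fix
        if now - ts > max_age_s:                  # stale fix: do not guess
            return False
        return _haversine_m(lat, lon, *self.home) <= radius_m

    def ask(self, app_id, question, now):
        """Return only a bool; refuse questions the user has not granted."""
        handlers = {"is_home": self._is_home}
        if question not in handlers or question not in self.grants.get(app_id, set()):
            self.audit.append((app_id, question, "denied"))
            raise PermissionError(f"{app_id} may not ask {question!r}")
        answer = bool(handlers[question](now))
        self.audit.append((app_id, question, "answered"))
        return answer

def demo():
    # Constructed sample data: coordinates and timestamps are made up.
    pds = PersonalDataStore(home=(42.3601, -71.0942),
                            grants={"thermostat": {"is_home"}})
    pds.record_fix(1000, 42.3736, -71.1097)       # away, about 2 km from home
    pds.record_fix(1600, 42.3602, -71.0941)       # back home
    return pds
```

The audit list records every query, including denied ones, so the user can review which apps asked what without the apps ever seeing a coordinate.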