What the NSA Might Have Wanted to Learn From Tracking Your Phone

Add this to the list of creepy things the National Security Agency has done to spy on you via your mobile phone: During a series of experiments in 2010 and 2011, the agency gathered up location data.

The latest disclosure came yesterday from the New York Times, which obtained a draft of written answers to expected questions prepared for James Clapper, the U.S. director of intelligence, ahead of congressional hearings.

The NSA never took the program to an operational phase, and Clapper’s answer said it was intended to see how the location data would work with its existing systems. The question is, had the agency taken it operational, what did it expect to learn?

Probably a lot, and there has been a lot of academic work on the subject with which I’m certain the NSA’s analysts would have been familiar.

The NSA’s experiment reminded me of some others done by researchers at MIT and elsewhere using calling and location data gathered en masse from phones. The research had gotten a lot of attention in the media, well before all these new disclosures about the NSA’s various collection programs, like PRISM. The Wall Street Journal’s Robert Lee Hotz took a look at some of it in 2011. I even wrote about some of it in 2008 for Businessweek magazine.

In 2005, professor Sandy Pentland and Nathan Eagle, then a PhD candidate at MIT, handed out 100 Nokia 6600 smartphones to a bunch of students and faculty, and tracked their every move for nine months — collecting call logs, Bluetooth devices in proximity, the cell towers they were closest to, application usage and phone status. They collected data on some 45,000 hours of human activity in the process.

Tracking how often the phones came close enough to other people’s phones turned out to be an excellent predictor of whether or not a user was friends with another person. “Workplace colleagues, outside friends, and people within a user’s circle of friends were identified with over 90 percent accuracy,” the paper said.

Elsewhere in the paper is the meat of their findings: “By continually logging and time-stamping information about a user’s activity, location, and proximity to other users, the large-scale dynamics of collective human behavior can be analyzed. … Furthermore, a dataset providing the proximity patterns and relationships within large groups of people has implications within the computational epidemiology communities, and may help build more accurate models of airborne pathogen dissemination, as well as other more innocuous contagions, such as the ﬂow of information.”

In short, tracking your phone is a pretty good way to figure out who you know, where you’ve been and who you may have talked to. (Pentland and Eagle published a paper about this in the Journal of Personal and Ubiquitous Computing, which you can read here.)

There’s more. In August 2005, Eagle and two other researchers, with the cooperation of wireless and landline phone companies, collected data on 99 percent of wireless phones and 99 percent of home and business landline phones in the U.K. (They published their findings in the journal Science in 2010, and you can read that here.) Their aim this time was to determine if there’s a connection between your economic status, the diversity of your social network, and how much you communicate by phone.

The findings here were a little less conclusive. People in prosperous and less-prosperous communities made about the same number of calls, but people in the prosperous ones tended to have more diverse social networks.

But there’s also a potential social benefit to tracking your phone’s location that has a lot less to do with spying. If you’re sick or have been exposed to someone who is, your phone will have data showing who you’ve been close to. During a public-health emergency — say, an outbreak of the flu — phone data could be a treasure trove for epidemiologists and public-health officials.

Again, Eagle, this time working with six other researchers, published a paper in Science (it’s from 2012, and you can read it here). For a year, starting in June of 2008 and ending in June of 2009, they tracked the locations of nearly 15 million mobile phones in Kenya. They logged every call and text message, and cross-referenced that with their proximity to each of the 11,920 cell towers in the country.

They used the data on human movements to track the probability of the spread of malaria parasites. (I didn’t know this: Mosquitos carry and spread malaria, but humans do, too.) The result: “The high spatial resolution of our mobility data allowed us to pinpoint particular settlements that are expected to receive or transmit an unexpectedly high volume of parasites compared with surrounding regions.” In short, tracking the movements of people was a good way to track the spread of malaria.

I talked to Eagle for a few minutes yesterday, and asked him what he thought of the NSA’s research, and what he thought the data might be used for. While he’s intimately familiar with the kind of data the NSA would have been working with — Call Detail Records, or CDRs — he declined to guess as to the NSA’s motivation. “I know the data they would have been working with very well. But I wouldn’t care to speculate about why they wanted it,” he said.