Tech Made Simple

Hot Topics: Holiday Gift Ideas | How to Fix Bluetooth Pairing Problems | How to Block Spam Calls | Snapchat Symbol Meaning

We may earn commissions when you buy from links on our site. Why you can trust us.

author photo

New Study Shows How Easily Metadata Can Give Your Identity Away

by Fox Van Allen on February 02, 2015

Credit card transactionYou’ve likely heard a lot of people talking about metadata these days. The term means, basically, “data about data.” If your name and credit card number are data, for example, then the times and locations where you last swiped that card are metadata. There are a number of privacy protections on your data, especially when it comes to courts of law. But when it comes to metadata, virtually anything goes. It’s not personally identifiable, the logic goes, so it doesn’t impact your right to privacy if it gets shared.

But is that really the case? Researchers at the Massachusetts Institute of Technology (MIT) studied the privacy implications of metadata by combing through three months worth of credit card metadata from 1.1 million people, provided by a major bank for research purposes. The scientists were given three bits of info per purchase: The amount of money spent in each transaction, the type of store visited (e.g., restaurant, supermarket) and a code number representing each person. The researchers built a computer simulation to see if this data could be used to learn the actual identities of the people behind it. The result: When compared against just four pieces of outside location data per person  – for example, a geotagged tweet showing a person’s location, GPS data pulled from your phone or a Facebook check-in – researchers were able to personally identify 90% of the credit card holders.

How? The secret, researchers, say, is that our daily spending habits aren’t exactly random. Each person has our own unique spending fingerprint – much like we all have our own unique phone use fingerprint or websurfing fingerprint. With a few pieces of outside data and a few computers powerful enough to look for patterns, just about any piece of metadata can be de-anonymized. Even when far less specific metadata was presented (e.g., what week people shopped, rather than the exact day and time), the folks at MIT were still able to ID purchasers with a 70 percent accuracy.

“We are showing that the privacy we are told we have isn’t real,” MIT researcher Alex Pentland told the Associated Press.

You can read more about the MIT metadata study in the January 30 edition of the journal Science.

[Credit card transaction via Shutterstock]


Topics

Privacy, News, Blog


Discussion loading

Home | About | Meet the Team | Contact Us
Media Kit | Newsletter Sponsorships | Licensing & Permissions
Accessibility Statement
Terms of Use | Privacy & Cookie Policy

Techlicious participates in affiliate programs, including the Amazon Services LLC Associates Program, which provide a small commission from some, but not all, of the "click-thru to buy" links contained in our articles. These click-thru links are determined after the article has been written, based on price and product availability — the commissions do not impact our choice of recommended product, nor the price you pay. When you use these links, you help support our ongoing editorial mission to provide you with the best product recommendations.

© Techlicious LLC.