Data Protection: Betrayed by our own data
Mobile phones are tracking devices that reveal much about our lives. One look at our interactive map of data provided by the Green party politician Malte Spitz shows why.
© ZEIT ONLINE
The seminal electronic band Kraftwerk was well ahead of the curve musically, but even the lyrics to their 1981 song "Computerwelt" can seem uncannily prescient. "Interpol and Deutsche Bank, FBI and Scotland Yard, Flensburg and the BKA, they’ve got all our data squirreled away." What was unimaginable 30 years ago later sounded rather threatening. But today, the words are downright silly.
While government authorities like the BKA, Germany’s Federal Office of Criminal Investigation, (and the country’s database of traffic violations in Flensburg) do indeed have a trove of information about us, the greatest source of data about our lives is much more banal. The real snitch is in our pocket – our own mobile phone betrays us. That’s why the Chaos Computer Club has rechristened the powerful mini-computers we carry around with us as "tracking devices" revealing where we’ve been and what we’ve been doing.
In a report prepared for Germany’s Constitutional Court in July 2009 , the hacker group described what kind of information could in theory be collected according to the country’s data retention (Vorratsdatenspeicherung) rules and what could be gleaned from it. The court later stopped data retention as it was practiced at the time, but law enforcement officials and the government have by no means abandoned the concept. The possibilities offered by such seemingly harmless data are just too seductive. In the next few weeks, the German government is set to decide on new data retention rules.
Most people’s understanding of what can actually be done with the data provided by our mobile phones is theoretical; there were few real-world examples. That is why Malte Spitz from the German Green party decided to publish his own data collected from August 2009 to February 2010. However, to even access the information, he had to file a suit against telecommunications giant Deutsche Telekom.
The data, which ZEIT ONLINE has made available for download and acts as the basis for our accompanying interactive map , were contained in a massive Excel document. Each of the 35.831 rows of the spreadsheet represents an instance when Spitz’s mobile phone transferred information over a half-year period. Seen individually, the pieces of data are mostly inconsequential and harmless. But taken together, they provide what investigators call a profile – a clear picture of a person’s habits and preferences, and indeed, of his or her life.
This profile reveals when Spitz walked down the street, when he took a train, when he was in an airplane. It shows where he was in the cities he visited. It shows when he worked and when he slept, when he could be reached by phone and when was unavailable. It shows when he preferred to talk on his phone and when he preferred to send a text message. It shows which beer gardens he liked to visit in his free time. All in all, it reveals an entire life.
- With whom, when, how long and where
The law that the German Constitutional Court ruled unconstitutional on March 2, 2010, has been in place since 2008. It requires all telecommunications providers with more than 10.000 customers to save records of all calls and connections for six months.
That means the entire communications record and all attempted efforts at communication via telephone, SMS, e-mail or internet are logged and preserved for half a year. Not the actual content, but all kinds of metadata that can reveal something about the type and nature of a contact.
- No longer innocent until proven guilty
The intention of lawmakers is to make such data available to law enforcement – especially when hunting terrorists. However, estimations by telecommunication providers would seem to support the assumption it would also be used to trace lesser crimes such as illegal file transfers, fraud and slander.
Aside from that concern, a main criticism is that data retention potentially places every citizen under suspicion and such surveillance could end the presumption of innocence.
Moreover, there are studies that show telecommunications data can be used to create detailed behavior profiles considered by some observers to be as at least as revealing as monitoring calls and other forms of communication.
To illustrate just how much detail from someone’s life can be mined from this stored data, ZEIT ONLINE has "augmented" Spitz’s information with records that anyone can access: the politician’s tweets and blog entries were added to the information on his movements. It is the kind of process that any good investigator would likely use to profile a person under observation.
To prove how exact the data provided by his mobile phone is, his appointments are also shown as they were publicized on the Greens’ website. The locations revealed by mobile towers are mirrored there.