Recent work published in Science, Nature Scientific Reports, and IEEE Data Engineering on the privacy challenges of large-scale behavioral data shows that metadata from mobile phones and credit cards might not be as anonymous as we think. At a time where tremendous amounts of user data are becoming available, understanding the limits of an individual’s privacy will be crucial in the design of safe infrastructure for using big data.
Yves-Alexandre de Montjoye shows how metadata can work as a fingerprint to identify people in a large-scale metadata database even though no “private” information was ever collected; only four points—approximate places and times—are enough to identify 95% of individuals in a mobility database of 1.5 million people and 90% of individuals in a credit card database of 1 million people. This digital fingerprint turns out to be more unique than a physical fingerprint.
Yves-Alexandre explains how human behavior puts fundamental constraints on the privacy of individuals and why traditional data protection schemes are outdated. Indeed, these constraints hold even when the resolution of the dataset is low. In both cases, even coarse datasets provide little anonymity. Yves-Alexandre then shares a formula to estimate the uniqueness of human mobility traces that can be used to estimate the privacy of a dataset if you know its spatial and temporal resolution.
For all of the problems, this data is, of course, of great value, and all of us—users, companies, and scientists—have much to gain from its. There is far more to mobile phone, credit card, or wearable data than just privacy concerns. Yves-Alexandre concludes by offering an overview of OPAL (open algorithms), a new project that enables safe big data use using modern CS tools (SafeAnswers, APIs, encryption, blockchain, etc.) in development at Imperial College London, Orange, the WEF, and the MIT Media Lab.
Yves-Alexandre de Montjoye is a lecturer at Imperial College London, a research scientist at the MIT Media Lab, and a postdoctoral researcher at Harvard IQSS. His research aims to understand how the unicity of human behavior impacts the privacy of individuals—through reidentification or inference—in large-scale metadata datasets such as mobile phone, credit cards, or browsing data. Previously, he was a researcher at the Santa Fe Institute in New Mexico, worked for the Boston Consulting Group, and acted as an expert for both the Bill and Melinda Gates Foundation and the United Nations. Yves-Alexandre was recently named an innovator under 35 for Belgium. His research has been published in Science and Nature Scientific Reports and has been covered by the BBC, CNN, the New York Times, the Wall Street Journal, Harvard Business Review, Le Monde, Die Spiegel, Die Zeit, and El Pais as well as in his TEDx talks. His work on the shortcomings of anonymization has appeared in reports of the World Economic Forum, United Nations, OECD, FTC, and the European Commission. He is a member of the OECD Advisory Group on Health Data Governance. Yves-Alexandre holds a PhD in computational privacy from MIT, an MSc in applied mathematics from Louvain, an MSc (centralien) from École Centrale Paris, an MSc in mathematical engineering from KU Leuven, and a BSc in engineering from Louvain.
©2017, O’Reilly UK Ltd • (800) 889-8969 or (707) 827-7019 • Monday-Friday 7:30am-5pm PT • All trademarks and registered trademarks appearing on oreilly.com are the property of their respective owners. • email@example.com