In the summer of 2013, after the Guardian newspaper published a government surveillance order revealing that the NSA and FBI collect records of every phone call in the United States, President Obama assured Americans that "nobody is listening" to our calls. Regardless of whether or not he was telling the truth, his comments (likely purposefully) obfuscated the problem. The metadata program that was the subject of widespread opposition and public discussion was not about listening to our phone calls. It was about compiling huge databases full of our call records—information showing who we call, when, and how long each call lasts.
Apologists for dragnet government spying often make two contradictory arguments to defend this mass surveillance: these records aren't terribly revealing, and also their collection is vital to US 'national security'. The NSA hasn't been able to prove the latter, which means it almost certainly isn't true. But researchers at Stanford have used their own data to disprove the former.
Troubled by comments from NSA defenders like Senator Dianne Feinstein that mass metadata spying is "not surveillance," Jonathan Mayer and Patrick Mutchler of the Stanford Security Lab set out to obtain their own datasets to "rigorously prove" people like her wrong. To do so, they needed data. So they created an app called MetaPhone, to "measure how much of your Facebook information can be inferred from your phone records.” Their findings are fascinating, and confirm what security and privacy experts have always said: if you have someone's metadata, you can learn a lot about them.
Using just a few months of call records from participants, the Stanford researchers found they could perform relatively simple analysis to draw significant inferences about individuals’ lives. Among some of the findings:
Participant A communicated with multiple local neurology groups, a specialty pharmacy, a rare condition management service, and a hotline for a pharmaceutical used solely to treat relapsing multiple sclerosis.
Participant E had a long, early morning call with her sister. Two days later, she placed a series of calls to the local Planned Parenthood location. She placed brief additional calls two weeks later, and made a final call a month after.
They were also able to determine whether or not participants were in romantic relationships, and if so, with whom.
In our sample of individuals with significant others, the [significant other] is the most-called number for over 60% of participants, and the most-texted number for over 70% of participants.
Metadata doesn’t lie. And while FBI and NSA analysts who have access to yours might not be listening to the actual words you say on the phone to doctors, loved ones, or gun stores, your call records alone speak volumes about your private life.