Privacy? Anonymity? In the age of social media, smart phones, online shopping, and personal drones? Really? Well, you know where we’re going with this.
According to a group of MIT scientists, the dates and locations of four purchases is enough information to identify 90 percent of the people out of a million credit card users. And when purchase prices are also known, an even larger percentage of people in the data set can be identified.
In practical terms, that means someone with copies of three of your receipts (or one receipt, one Instagram photo of you having coffee with your friends, and one tweet about the phone you just bought) has a 94 percent chance of extracting your credit card records from those of a million other people. The MIT researchers say this is possible even when no one in the data set is identified by personal information – for example, name, address, or credit card number.
MIT scientist Yves-Alexandre de Montjoye, Alex Pentland, Vivek Singh, and Laura Radaelli used a new formula to analyze the anonymized credit card transactions of 1.1 million shoppers at 10,000 stores over a three-month period. Obvious identifiers, such as names and credit card numbers, had been scrubbed form the data. Nevertheless, the researchers were able to identify specific individuals tied to particular purchasing patterns.
The MIT research is of obvious interest to both data brokers and privacy advocates and will undoubtedly fuel debates over the government’s use of metadata and online databases.
Despite the possible implications of their findings, the MIT researchers insist that the collection of big data has socially beneficial uses and should be pursued. However, they add that researchers also need to look for ways to protect privacy, and they have begun developing a system to allow consumers to store data generated by their mobile devices on secure servers.