Published June 17, 2013
The government doesn't need to listen to your phone calls to learn massive amounts of highly personal information about you.
Americans are still buzzing about the revelation last week that the U.S. National Security Agency (NSA) uses a formerly top-secret program called PRISM to gather huge amounts of data from Web communication services like Google, Facebook and Skype.
It's almost enough to make people forget that just hours before, The Guardian broke the story that the NSA also gathers metadata "indiscriminately and in bulk" from customers of telecommunications provider Verizon.
Metadata refers to the circumstantial information that can be gleaned from a message aside from the message's content. So, for example, the NSA might not be listening in on Verizon customers' calls, but they do know how many calls you make, the cell tower that you connect to (which reveals your general location), the time and length of your calls and the cell numbers, and the SIM card info of the people you call.
U.S. privacy laws make a distinction between metadata and communications, so even though the government supposedly needs a warrant to collect the latter (though, despite those privacy laws, the PRISM program collects communication information without a warrant), it doesn't necessarily need one to obtain metadata.
Technically, "metadata" has always been a reality of communication. But until the dawn of the Technology Age, the metadata surrounding communication was relatively limited.
Landline phone calls and emails provide substantially more metadata, but in the last five years, the amount of metadata generated by mobile phones has increased exponentially — in fact, too fast for the legal system to properly regulate and protect it.
It makes you wonder, what kind of metadata will communications include five years from now?
"The types and quality of metadata will absolutely continue to increase, in ways we haven't thought of yet," said Rebecca Jeschke of the Electronic Frontier Foundation (EFF), a California-based nonprofit advocate for digital rights based in California. "Our digital trails get wider and wider every day."
"And it's not just our phones and our online activities, and the websites we interact with," she added. "It's through our cars, with things like GPS, automatic toll transponders and increased data picked up by black boxes in vehicles."
Hanni Fakhoury, an EFF attorney, elaborated: "I don’t think it's so much there'll be new metadata, but it'll be that metadata will be able to reveal more than it already does."
[See also: MCAfee's Rookie Mistake Gives Away His Location]
For example, knowing which cell towers and Wi-Fi hotspots you use to place a call or send an email can help the government or other observers triangulate your location. As more people use mobile phones and Web-enabled tablets, the increased demand on the networks will cause providers to erect more of these connection sites. And the more there are, the greater the accuracy with which an individual user's location can be identified, Fakhoury said.
It's still hard to pinpoint, however, what the future types of metadata will be. Just think: Eight years ago, Twitter, Pinterest, Tumblr and many other social media sites didn't even exist. Today, millions of users generate content — and metadata — on those platforms every day.
One possible new source of metadata, however, could arise from facial-recognition software.
Samsung's Galaxy S III Android smartphone, for example, has a feature that can track the motion of users' eyes as they observe the screen. The phone can use this information to adjust screen brightness and even turn off the screen when users' eyes are closed. Other Android phones can also use facial recognition to unlock their screens.
"Who knows what [types of technology] we'll have 10 years from now," said Fakhoury. But one thing, he said, was certain: "We're creating more [metadata], and more will be created."