This article is more than 1 year old

A docket, tweet and selfie can reveal your identity, boffins find

Spanners thrown at metadata privacy wagon

Scientists have revealed it is possible to determine the identity of shoppers using credit card purchase and location metadata, in research that throws a spanner into national privacy laws.

The research published in the journal Science found shopping receipts could be matched with four sources of external location data acquired from repositories like social media to determine identities with 90 percent accuracy.

The study was conducted using three months of credit card records from 1.1 million people splurging in 10,000 shops, de-anonymised and leaked to the researchers by an undisclosed 'major' bank.

Knowing factors such as the price or timing of a purchase further increased the likelihood of a shopper being identified.

The correlation attacks worked in part because each string of purchases was highly unique making identification possible with additional external metadata.

It meant that a spy with a receipt in hand, a photo and a status update could accurately identify the buyer.

The work demonstrated the science behind a bungle last year when New York City Taxi and the Limousine Commission released ride metadata on its passengers that later revealed which celebrities paid for which fare.

Intrepid reporters matched the de-anonymised ride information with metadata contained in photos of celebrities hopping in and out of taxis to determine stingy and generous tippers.

"Our results render the concept of PII (Personally Identifiable Information), on which the applicability of US and European Union privacy laws depend, inadequate for metadata data sets," the four authors wrote in the paper Unique in the shopping mall: On the re-identifiability of credit card metadata.

" ... we show that even data sets that provide coarse information at any or all of the dimensions provide little anonymity and that women are more re-identifiable than men in credit card metadata."

The implications to PII sharpened the conflict between protecting user data and making it accessible for big data analytics, the quartet said.

Researchers said more work was needed to ensure privacy could be improved without hindering valuable data crunching. Specifically work should focus on differential privacy, storing metadata in highly-secured environments, and possibly issuing shopping receipts that disclosed non-specific purchase information.

"From a policy perspective, our findings highlight the need to reform our data protection mechanisms beyond PII and anonymity and toward a more quantitative assessment of the likelihood of re-identification. Finding the right balance between privacy and utility is absolutely crucial to realizing the great potential of metadata."

Researchers Yves-Alexandre de Montjoye; Laura Radaelli; Vivek Kumar Singh, and Alex Pentland from the Massachusetts Institute of Technology, Aarhus University, and Rutgers University penned the paper. ®

More about


Send us news

Other stories you might like