AMITIAE - Monday 2 February 2015
Cassandra: Use of Metadata to De-anonymize Credit Card Records
By Graham K. Rogers
Our telephones, emails, photographs, for example, all contain metadata that is collected by some agencies, although we are assured that all they do is store it in case it is ever needed later (in itself not wholly reassuring).
On the other hand, in a debate on security and tracking, former head of the CIA, General Michael Hayden, was happy to tell the audience, "We kill people based on metadata" and his semi-retraction - "just not this metadata" - was insufficient to neutralize the chill his first comment had created.
In another warning about the risks that metadata might bring, researchers have found that with four pieces of information that showed people's movements on particular days, it was possible to re-identify 90% of credit card users whose names and card numbers had been previously been stripped from records.
Reporting for HelpNet Security, Zeljka Zorz, outlines the work done by researchers at MIT's Media Lab, suggesting that users should be made more aware of the potential risks created by the availability of such metadata; and that there is far greater need for proper consumer protection.
Graham K. Rogers teaches at the Faculty of Engineering, Mahidol University in Thailand where he is also Assistant Dean. He wrote in the Bangkok Post, Database supplement on IT subjects. For the last seven years of Database he wrote a column on Apple and Macs. He is now continuing that in the Bangkok Post supplement, Life.
For further information, e-mail to
Back to Home Page