Can businesses use mobile data without breaching privacy?

Mobile telcos collect a huge amount of data about their customers, from their mobile web usage to their geographic location.

They are evidently keen to realise the commercial value of that data: in the UK, EE, O2-parent Telefonica and Vodafone are all developing services that will help other companies understand consumer behaviour by analysing data gleaned from mobile phones.

But the recent reaction to one of these services shows that privacy concerns are especially acute when it comes to mobility.

Earlier this year, EE and Ipsos MORI announced a partnership that would allow the market researcher to analyse data from the telco's 27 million customers, shows that privacy concerns are especially acute when it comes to mobility.

Last weekend, The Sunday Times reported on the service, quoting experts comparing it to the hugely unpopular Snooper's Charter (the two companies said the newspaper's report was "misleading").

There is nothing to suggest that EE and Ipsos MORI are doing anything illegal. But the idea of a business analysing a user's location – even it has been anonymised and aggregated – is clearly not a popular one.

Furthermore, experts warn that the anonymisation techniques companies use to scrub traces of an individual's identity data can be reversed by cross-referencing it with other information. 

So will businesses be able to use mobile usage data for commercial benefit? Is it just a matter of finding the right security technology, or will the public's unease at being watched make it too risky to try?

Ross Anderson, professor of security engineering at the University of Cambridge Computer Laboratory, says the mobile telcos need to reveal more about their privacy mechanisms before their security claims can be believed

"How can the mobile telcos reconcile their claims that they provide useful targeted data to advertisers with their claims that the data are robustly de-identified?

If I'm one of a cell of 50 subscribers whose aggregate data are sold as being "white males aged 55-59 in professional jobs in Cambridge" that's one thing, and if I'm one of a cell of 50 people who just came out of "Much Ado About Nothing" at a theater in London, that's another thing.

If people are sometimes reported by rows, and sometimes by columns, stuff will leak. I didn't recognise anybody I knew on the train down or in the foyer so quite probably I was the only Cambridge guy in that performance.

The companies' security claims will only be credible if they give details. The handwaving is just implausible."

Antony Mullen, senior analyst at Forrester Research, says that the thorny issue of mobile privacy is yet another reason to put customers in control of their data<

"Mobile data is some of the most personal data associated with consumers. This will only become more true as more sensors are added to mobiles and wearables that measure their temperature, heartbeat, direction they are facing or any number of readings from their local environment.

My view is that privacy is nigh on impossible. Big data techniques can cross-reference and hypothesise about individuals from what would appear to be distinct signals.

Brands need to be moving towards a model where they collect and manage data with consumers co-operatively with data collected focused on providing a better service. Otherwise when consumers have rights to invoke the 'show me everything' there could be some red faces and service migration.

Smart companies are wargaming transparency scenarios now and adjusting their data collection practices."

Pete Swabey

Pete Swabey

Pete was Editor of Information Age and head of technology research for Vitesse Media plc from 2005 to 2013, before moving on to be Senior Editor and then Editorial Director at The Economist Intelligence...

Related Topics