Cisco Blogs

A Digital Trail of Breadcrumbs

September 30, 2009 - 0 Comments

A few weeks ago, I talked a little bit about the threat of de-anonymization. In this week’s Cyber Risk Report, we discuss another facet to this growing problem of data collection: persistent digital traces deposited through everyday activities. Specifically, we discussed how mobile phone location and activity can uncover habits, relationships, and other inferences about a person’s habits, identity, friendships, and even job satisfaction. If the threat of de-anonymization is eroding our privacy and putting our personal information at risk, then the persistent collection of digital information that could feasibly be de-anonymized is creating a pervasive threat to our personal lives.

Living a connected lifestyle is bound to leave traces throughout a user’s day.

  • Debit card transactions show shopping preferences, purchase locations, and spending habits over time
  • Customer loyalty cards tie purchase histories, stores of preference, and responsiveness to advertisements and sales
  • Wifi hotspot associations (both on the wifi hotspot and on the user’s device)
  • Digital photos capture EXIF information as well as people and places in the picture that was taken
  • Mobile phones capture calls, nearby towers, Bluetooth associations with nearby Bluetooth devices
  • Automated toll systems can track a user’s driving habits, frequencies, and more

The list is practically endless, and I’m sure that I missed even some of the more prominent examples even among the list of passive data collectors. And of course, this list doesn’t even begin to dive into the depths of what users actively self-report on social networks, blogs, e-mail, or paper or electronic forms.

It doesn’t seem as if the technology industry has an answer at this point for maintaining such a connected life without giving up the personal safety and privacy that cultures have expected for so long. Nor do organizations seem to fully grasp how much effort and responsibility it would take to safeguard this kind of sensitive information. For the moment, it seems like the problem is becoming more defined, but it doesn’t seem like too many solutions have been imagined.

In an effort to keep conversations fresh, Cisco Blogs closes comments after 60 days. Please visit the Cisco Blogs hub page for the latest content.