Privacy experts have issued warnings over plans by Transport for London to track tube passengers across the network using WiFi and device MAC addresses.
TfL announced that it would begin monitoring and analysing the movements of commuters next month by tracking their mobile devices as they travel around the London Underground network.
TfL claims that such data will help it improve services by seeing more clearly the exact routes that people take to get from one place to another.
The de-personalised data collection, set to begin on 9th July, will harvest data from the WiFi connections at more than 260 London Underground stations.
My biggest issue on this: TfL say pseudonymisation is one-way, at source, approved by their cyber team. Good.— Eerke Boiten (@EerkeBoiten) May 23, 2019
For application to work, they need to be able to correlate same MAC across the same underground travel episode.
BUT: can they correlate same MAC across multiple trips?
According to TfL, this data will be used to "provide better, more targeted information" and help customers "better plan their route to avoid congestion and delays".
TfL claims to have developed a system that automatically depersonalises data "with no browsing or historical data collected from any devices". A 2016 pilot gathered the data of more than 42 million journeys.
Lauren Sager Weinstein, chief data officer at Transport for London, said: "The benefits this new depersonalised dataset could unlock across our network - from providing customers with better alerts about overcrowding to helping station staff have a better understanding of the network in near-real time - are enormous.
"By better understanding overall patterns and flows, we can provide better information to our customers and help us plan and operate our transport network more effectively for all."
But despite privacy assurances from TfL, these plans have raised concerns from data privacy experts. Professor Eerke Boiten, director of the Cyber Technology Institute at De Montfort University, Leicester has highlighted several concerns.
He told Computing: "Overall, TfL have paid decent attention to the responses to their 2016 pilot of this scheme. Some of those were making the broader argument that it is a fundamental privacy invasion to record what trips people make.
AI & Machine Learning Live is returning to London on 3rd July 2019. Hear from the Met Office's Charles Ewen, AutoTrader lead data scientist Dr David Hoyle and the BBC's Noriko Matsuoka, among many others. Attendance is free to qualifying IT leaders and senior IT pros, but places are limited, so reserve yours now.
"That is still a valid objection against this scheme, although the limitations and safeguards introduced here may well make this data less privacy invasive than what TfL already record through Oyster cards and touchless bank cards.
"Asking people to switch off phone WiFi functionality is not an acceptable method of opting out. Fortunately, there is also another one, which is not to register for the 'free' wifi in the first place. [This is] also a positive move since the pilot. The downside of this is that the process of registering for WiFi potentially undermines the safeguards built into the system."
Boiten also raised concerns over the way in which TfL is using one-way data pseudonymisation at source to de-personalise the data. "That is a good thing, but they haven't released enough technical details for me to understand the full impact of that," he said.
"It is good that they are unable to recreate MAC addresses from pseudonyms (that's 'one-way'). But the pseudonym generated has to be the same, every time, for the same MAC address during a London Underground trip, as they need to link the same person across multiple observations.
"This means that they can still check pseudonyms against known MAC addresses - including any recorded as part of registration for wifi.
"Most importantly, it is not clear whether the mechanism changes the pseudonym-MAC association often enough to prevent TfL from being able to link different underground trips, on the same day or a later day, by the same person."
Cloud & Infrastructure Live 2019 returns to London on 19th September 2019. Learn about the latest technologies in cloud, how to keep one step ahead of the regulators, and network with an audience of IT leaders and senior IT pros. The event will include keynotes, panel discussions, case studies, and strategic and technical streams. Best of all, the event is FREE to qualifying attendees. Secure your place now.
Attending Cloud & Infrastructure Live 2019 already? Why not enter the Computing Cloud Excellence Awards that will be celebrated in the evening, too?
General Election 2019: Labour manifesto promises free fibre and fines for Facebook over online bullying
Social media companies to face "legal duty of care" to protect children online, NCSC role to be reviewed and extended, and Charter of Digital Rights promised
Managing the friction between compliance and security is all about empathy
The issue impacted a subset of WeWork customers based in Europe, India, and China
Jeff Mery, VP global solutions architects at Chef tells delegates at Computing's Cyber Security Live conference that treating everything as code helps traditional translation challenges between developers, infrastructure teams and security
Speaking at Computing's Cyber Security Live conference, Mike Spradbery, senior technical leader, IBM Security UK & Ireland, explains what organisations need to think of when building their incident response plans.