Privacy experts have issued warnings over plans by Transport for London to track tube passengers across the network using WiFi and device MAC addresses.
TfL announced that it would begin monitoring and analysing the movements of commuters next month by tracking their mobile devices as they travel around the London Underground network.
TfL claims that such data will help it improve services by seeing more clearly the exact routes that people take to get from one place to another.
The de-personalised data collection, set to begin on 9th July, will harvest data from the WiFi connections at more than 260 London Underground stations.
My biggest issue on this: TfL say pseudonymisation is one-way, at source, approved by their cyber team. Good.— Eerke Boiten (@EerkeBoiten) May 23, 2019
For application to work, they need to be able to correlate same MAC across the same underground travel episode.
BUT: can they correlate same MAC across multiple trips?
According to TfL, this data will be used to "provide better, more targeted information" and help customers "better plan their route to avoid congestion and delays".
TfL claims to have developed a system that automatically depersonalises data "with no browsing or historical data collected from any devices". A 2016 pilot gathered the data of more than 42 million journeys.
Lauren Sager Weinstein, chief data officer at Transport for London, said: "The benefits this new depersonalised dataset could unlock across our network - from providing customers with better alerts about overcrowding to helping station staff have a better understanding of the network in near-real time - are enormous.
"By better understanding overall patterns and flows, we can provide better information to our customers and help us plan and operate our transport network more effectively for all."
But despite privacy assurances from TfL, these plans have raised concerns from data privacy experts. Professor Eerke Boiten, director of the Cyber Technology Institute at De Montfort University, Leicester has highlighted several concerns.
He told Computing: "Overall, TfL have paid decent attention to the responses to their 2016 pilot of this scheme. Some of those were making the broader argument that it is a fundamental privacy invasion to record what trips people make.
AI & Machine Learning Live is returning to London on 3rd July 2019. Hear from the Met Office's Charles Ewen, AutoTrader lead data scientist Dr David Hoyle and the BBC's Noriko Matsuoka, among many others. Attendance is free to qualifying IT leaders and senior IT pros, but places are limited, so reserve yours now.
"That is still a valid objection against this scheme, although the limitations and safeguards introduced here may well make this data less privacy invasive than what TfL already record through Oyster cards and touchless bank cards.
"Asking people to switch off phone WiFi functionality is not an acceptable method of opting out. Fortunately, there is also another one, which is not to register for the 'free' wifi in the first place. [This is] also a positive move since the pilot. The downside of this is that the process of registering for WiFi potentially undermines the safeguards built into the system."
Boiten also raised concerns over the way in which TfL is using one-way data pseudonymisation at source to de-personalise the data. "That is a good thing, but they haven't released enough technical details for me to understand the full impact of that," he said.
"It is good that they are unable to recreate MAC addresses from pseudonyms (that's 'one-way'). But the pseudonym generated has to be the same, every time, for the same MAC address during a London Underground trip, as they need to link the same person across multiple observations.
"This means that they can still check pseudonyms against known MAC addresses - including any recorded as part of registration for wifi.
"Most importantly, it is not clear whether the mechanism changes the pseudonym-MAC association often enough to prevent TfL from being able to link different underground trips, on the same day or a later day, by the same person."
Cloud & Infrastructure Live 2019 returns to London on 19th September 2019. Learn about the latest technologies in cloud, how to keep one step ahead of the regulators, and network with an audience of IT leaders and senior IT pros. The event will include keynotes, panel discussions, case studies, and strategic and technical streams. Best of all, the event is FREE to qualifying attendees. Secure your place now.
Attending Cloud & Infrastructure Live 2019 already? Why not enter the Computing Cloud Excellence Awards that will be celebrated in the evening, too?
The new coalition aims for a unified, comprehensive, public-private campaign against ransomware groups
Cybersecurity suffers from a PR issue, and the government's attempts to raise its profile reveals only the startling lack of diversity in the industry
The Spark #1 - 'If you're not obsessed with this being a success, you shouldn't do it because it'll be a nightmare most of the time'
Stuart Sumner speaks to Tony Pepper, co-founder and CEO of human layer security firms Egress, discussing his organisation's journey, and what he wishes he'd done differently
Google's Project Zero will not share technical details of the bug for 30 days if a vendor fixes the vulnerability within a 90-day deadline
Named firms are Positive Technologies, ERA Technopolis, Neobit, Advanced System Technology (AST), Pasit and SVA