Privacy warning over TfL plans to track tube passengers via WiFi

Nicholas Fearn
Privacy warning over TfL plans to track tube passengers via WiFi

Privacy Experts believe that the move by TfL - starting in July - could infringe passengers' rights to privacy

Privacy experts have issued warnings over plans by Transport for London to track tube passengers across the network using WiFi and device MAC addresses.

TfL announced that it would begin monitoring and analysing the movements of commuters next month by tracking their mobile devices as they travel around the London Underground network.

TfL claims that such data will help it improve services by seeing more clearly the exact routes that people take to get from one place to another.

The de-personalised data collection, set to begin on 9th July, will harvest data from the WiFi connections at more than 260 London Underground stations.

According to TfL, this data will be used to "provide better, more targeted information" and help customers "better plan their route to avoid congestion and delays". 

TfL claims to have developed a system that automatically depersonalises data "with no browsing or historical data collected from any devices". A 2016 pilot gathered the data of more than 42 million journeys.

Lauren Sager Weinstein, chief data officer at Transport for London, said: "The benefits this new depersonalised dataset could unlock across our network - from providing customers with better alerts about overcrowding to helping station staff have a better understanding of the network in near-real time - are enormous.

"By better understanding overall patterns and flows, we can provide better information to our customers and help us plan and operate our transport network more effectively for all."

Weinstein talked to Computing in March 2018 about how the organisation is trying to make better use of data in its operation and planning

But despite privacy assurances from TfL, these plans have raised concerns from data privacy experts. Professor Eerke Boiten, director of the Cyber Technology Institute at De Montfort University, Leicester has highlighted several concerns.

He told Computing: "Overall, TfL have paid decent attention to the responses to their 2016 pilot of this scheme. Some of those were making the broader argument that it is a fundamental privacy invasion to record what trips people make.

Computing AI and Machine Learning Live 2019 logo

AI & Machine Learning Live is returning to London on 3rd July 2019. Hear from the Met Office's Charles Ewen, AutoTrader lead data scientist Dr David Hoyle and the BBC's Noriko Matsuoka, among many others. Attendance is free to qualifying IT leaders and senior IT pros, but places are limited, so reserve yours now.

"That is still a valid objection against this scheme, although the limitations and safeguards introduced here may well make this data less privacy invasive than what TfL already record through Oyster cards and touchless bank cards.

"Asking people to switch off phone WiFi functionality is not an acceptable method of opting out. Fortunately, there is also another one, which is not to register for the 'free' wifi in the first place. [This is] also a positive move since the pilot. The downside of this is that the process of registering for WiFi potentially undermines the safeguards built into the system."

Boiten also raised concerns over the way in which TfL is using one-way data pseudonymisation at source to de-personalise the data. "That is a good thing, but they haven't released enough technical details for me to understand the full impact of that," he said.

"It is good that they are unable to recreate MAC addresses from pseudonyms (that's 'one-way'). But the pseudonym generated has to be the same, every time, for the same MAC address during a London Underground trip, as they need to link the same person across multiple observations.

"This means that they can still check pseudonyms against known MAC addresses - including any recorded as part of registration for wifi.

"Most importantly, it is not clear whether the mechanism changes the pseudonym-MAC association often enough to prevent TfL from being able to link different underground trips, on the same day or a later day, by the same person."

Computing Cloud and Infrastructure Live 2019 logo

Cloud & Infrastructure Live 2019 returns to London on 19th September 2019. Learn about the latest technologies in cloud, how to keep one step ahead of the regulators, and network with an audience of IT leaders and senior IT pros. The event will include keynotes, panel discussions, case studies, and strategic and technical streams. Best of all, the event is FREE to qualifying attendees. Secure your place now.

Attending Cloud & Infrastructure Live 2019 already? Why not enter the Computing Cloud Excellence Awards that will be celebrated in the evening, too?

More on Public Sector

Finding a smart path to digital transformation in the public sector

Finding a smart path to digital transformation in the public sector

The challenges facing public sector IT are not existing systems; rather, it is the legacy approaches to how IT initiatives are planned, implemented and managed

Mike Cattermole
clock 30 March 2022 • 5 min read
Industry Voice: The Secret to Setting Up a Successful Digital Workspace

Industry Voice: The Secret to Setting Up a Successful Digital Workspace

clock 16 March 2022 • 3 min read
Local councils are failing to adopt open standards, report

Local councils are failing to adopt open standards, report

Local authorities still don't use common components or open source despite - or perhaps because of - increased strictures

John Leonard
clock 02 February 2022 • 2 min read