In an industry that collects enormous amounts of mobility data, FluxLoop CEO Ulrik Prøitz believe it's especially important to be transparent and accountable.
FluxLoop CEO Ulrik Prøitz believes they have found a safer way to make business out of our cell phone mobility data.
Ulrik Prøitz is the head of a Norwegian company in an industry that collects enormous amounts of information about our movements. The industry has been ravaged by several privacy scandals and mobile phone manufacturers have taken various steps to protect their users.
Hence, Prøitz was extra nervous last summer. He had just hired Orange Cyberdefense to review how fluxLoop collects and stores data about Norwegians' movements. If the company found any flaws, it could have profound consequences. Fortunately, this was not the case.
- The measures we have introduced make it exceedingly difficult to identify someone, says Ulrik Prøitz, head of fluxLoop.
Today, the Oslo-based company collaborates with several of the largest public transport companies in Norway. Ruter and Kolumbus are examples of companies who use fluxLoop’s technology to conduct surveys while the passengers are onboard the vehicles. These interviews are used to assess the quality of the public transport service.
- We would not have the customers we have, had we been engaged in shady activities, says Prøitz.
NRK, Dagens Nyheter in Sweden, and the New York Times have all in the recent years documented how information about how the movements of mobile phones can be used to identify and map individuals.
NRK bought a data package with precise mobile movements of 140,000 Norwegian cell phones for NOK 35,000 (approx. 3380 Euros). This made it possible to identify Norwegian officers, ordinary Norwegians, and a Storting (legislative) politician.
As a result of NRK’s revelations, the Norwegian and British Data Inspectorate opened an investigation against the London-based data vendor Tamoco. The investigation is ongoing.
Companies like Tamoco are often referred to as data resellers. These companies collect information from mobile apps in categories such as weather, navigation, and games. Last year, NRK revealed that many mobile owners are not aware that they are being tracked. Two mobile app providers also stated that they did not know where the information they collected ended up.
Investigations made by NRK revealed that many mobile apps who collaborate with data resellers state purposes such as “marketing,” “marketing research,” and “analysis” without elaborating exactly what this entails.
- There are obvious illegalities here. The biggest issue is that the industry is not good enough at being transparent. The industry has become a little too eager to make quick money, says Prøitz, who is critical of the fact that it is possible to buy substantial amounts of precise movement data.
NRK presented Tamoco with the criticism of the industry, but they have not responded to our inquiry.
Tamoco has previously said that they are only an intermediary between app developers and those who utilise motion data. The company also claimed that they “do thorough research on the customers, and demand to know what the data is used for”.
- If the users of our data do anything illegal outside of our control, it is unfair to blame us as long as there were no reasonable measures we could take to stop it,” Tamoco wrote.
FluxLoop collaborates with several companies that are interested in knowing where their users are or gaining insight into the movements of large crowds.
To gather the information, fluxLoop enters a small data code into the mobile apps of the companies they work with. Some companies allow fluxLoop to use this data in other analytics products. If the end user agrees to share information about their movements in the app, fluxLoop receives the information. In some cases, the mobile app also asks for access to proximity data, often called Bluetooth.
- We believe that the consents we and our customers ask for are much clearer than what many others do, says Prøitz.
The industry typically collects very precise data about the movements of mobile phones, often with an accuracy of 4 to 20 meters. Each mobile owner is also given a unique name in the data. This makes it easy to identify and map individuals even if there are no names or telephone numbers in the data.
FluxLoop, on the other hand, has chosen to take several measures to make the information they gather more difficult to misuse:
These measures ensure that fluxLoop only knows that a mobile, not which one, has travelled from area A to area B. This is what the movements of a mobile in Oslo will look like at fluxLoop:
When fluxLoop started in 2012, they collected more information about the users, but have since stopped this altogether.
- The way we operated at the start is not what we stand for today, says Prøitz.
The Italian researcher Luca Pappalardo has been researching motion data for a number of years. To NRK, he states that even less detailed motion data has a privacy risk.
In one of the experiments, he gained access to the journey of private cars in Florence and the Pisa area. There, the researchers learned which Italian statistical basic unit a car had visited. If the researchers knew where the car owners lived and worked, they could “attack” the seemingly safe data set. Thus, in many cases, they could identify which car was responsible for the car journeys.
- In our experiments, we saw that the average risk for this scenario was quite high, says Pappalardo, who works at the Italian Research Council.
It is even more difficult to identify mobile owners with fluxLoop data, according to Orange Cyberdefense, which investigated known and new methods of identifying mobile owners.
This is because, unlike the car data, there are no links between the journeys and fluxLoop data. Orange Cyberdefense concluded, in a report NRK beta has read, that “fluxLoop has made it difficult or even impossible to identify individuals in the dataset.”
It would only be possible in rare cases to learn more about a person’s travels, according to the investigators. If one knows where a person lives and works, the investigators believe that it occasionally could be possible to guess when the person goes to work.
These privacy hazards are thus miles away from what can be done with the Tamoco data: where the precise movements of individuals could be observed for more than 200 days. With fluxLoop’s mobility data, it might be possible to guess some of the journeys a person has taken.