Just how much personal information does phone metadata reveal?
When Edward Snowden released classified material exposing the U.S. government's secret surveillance program, the government insisted it did not listen in on calls. Instead, it merely collected telephone metadata, such as number dialed, time of the calls and duration.
But just how much of a caller's personal information can metadata reveal? As a new Stanford study demonstrates -- a lot.
Stanford University Ph.D. student Jonathan Mayer and his research partner created an Android app called MetaPhone that asked users to volunteer their phone records in an effort to learn what could be uncovered from metadata. More than 500 people signed up.
"We began by ID'ing the organizations associated with the phone numbers in our dataset. We did that primarily by using phone books provided by Yelp and Google. Totally public. Totally easy to access," Mayer told CNET's Sumi Das.
With the help of Facebook's phone directory feature, people search services, and Google, more than 90 percent of the numbers were quickly identified.
"We noted when a business was a firearms dealer. We noted when a business was a health service provider," said Mayer.
They were also able to tell when participants placed calls to religious organizations, financial services and marijuana dispensaries.
This study raises very real privacy concerns about what happens when callers' phone records are accessed and cross-referenced with public information. The House of Representatives recently passed a bill to end the NSA's bulk domestic collection of metadata, but the bill still needs Senate approval.
The Stanford researchers say they also want to study what information could be revealed from analyzing other phone records, like text messages.