INTERNET

DARK NET: The Tell-Tale Trail Of Your Digital Life

Subtle technological context can be crucial in investigations, pursuits, or just unmasking wrongdoing

INTERNET
Feb 10, 2016 at 4:45 PM ET

What if we told you that every tweet contained more than 30 hidden datapoints about your account and could help pinpoint your location, even if you think you have your security locked down? Or that in every phone call, someone extracting your number, the duration of the call, who you called and where you both were at the time. Every time you do something digitally, you create metadata, subtly hidden information about the actions you take and the digital content you create and save. It’s the kind of data that the NSA controversially swept from billions of internet and phone records, and if you want to stay anonymous, it’s a very hard trail to erase.

Take, for example, something as benign as your digital photographs. Every photo has information embedded in the digital file, that tells computers what device it was taken on (A Canon SLR or an iPhone 6) the shutter speed of the shot and the size of the file, but also (in many cases), what lens you had attached, which way you held the camera, the temperature at the time and maybe even where you were.

And while the details might seem trivial, online sleuths—even amateur ones—can piece them together to find out details you may not want them to know.

At the time that Vice went to interview former cybersecurity mogul John McAfee, for example, he was wanted by the authorities in Belize for questioning over the death of his neighbor. McAfee was on the run, which is what made the story so enticing. It was also what should have made it important to him that his interviewers were extremely careful about their security.

The EXIF data in photos is a dream for people trying to verify the ownership of photos because it will contain timestamps and other details. In the case of a photo of the fugitive John McAfee and Vice’s editor-in-chief, which was hastily thrown up on their website, it also contained the precise latitude and longitude of where it was taken, across the border in Guatemala.

Similarly, your credit card purchases leave a trail of data that is often obfuscated, but not always totally anonymous. Take, for example, cab rides in New York City. You pay by credit card, expect anonymity, and rarely think about them again. But when some of that data becomes public, because the transit system is a public body, sensitive trips can be surfaced. The New York City Taxi and Limousine Commission is obliged to anonymize the medallion number of each ride, making it a little harder to figure out what taxi took people where. The start and end points of each journey, however,  are still available—they’re part of the metadata. And if you find all the trips that start at Larry Flynt’s Hustler strip club, you can look for repeated drop-offs in the same location, and start to identify patterns. The yellow dots represent a cluster of drop-offs in Williamsburg, from which you can draw your own conclusions.

Similar sleuthing with London’s bike-share scheme showed that you could potentially identify people (and their partners) through their cycling patterns, by matching it with some other readily-available data from social media. And further manipulation of the NYC taxi data, cross-checked with papparazzi shots, enabled journalists to link individual journeys to celebrities, along with whatever tip they did or didn’t leave.

The bottom line is that every interaction you have with the internet creates tiny digital ripples of some sort. Some reach the shore, others dissipate quickly, but somewhere their energy is felt, and recorded, where it sits, waiting to be useful to someone.

Never tweet.