A reckoning with his own industry: – Became too eager to make quick money.

In an industry that collects enormous amounts of mobility data, Ulrik Prøitz believes it’s especially important to be transparent and accountable.

Original article (in Norwegian) written by NRK beta journalist Martin Gundersen, published on 02.02.2021, translated to English by Kogenta.

Ulrik Prøitz believes Kogenta have found a safer way to make business of our cellphone mobility data.

Prøitz is part of an industry that collects enormous amounts of information about our movements. The industry has been ravaged by several privacy scandals and mobile phone manufacturers have taken various steps to protect their users.

Hence, Prøitz was especially nervous summer of 2020. He had hired Orange Cyberdefense to review how Kogenta (then fluxLoop) collects and stores data about Norwegians’ movements. If the company found any flaws, it could have profound consequences. Fortunately, this was not the case.

– The measures we have introduced make it exceedingly difficult to identify someone, says Ulrik Prøitz, SVP Nordics at Kogenta (former CEO of fluxLoop).

Today, the Oslo and London-based company collaborates with several of the largest public transport companies in Europe. Ruter and Kolumbus are two examples of major companies in Norway who use Kogenta’s technology to conduct surveys while the passengers are onboard the vehicles. These interviews are used to assess the quality of the public transport providers’ service.

– We would not have the customers we have if we had been involved in shady activities, says Prøitz.

Sensitive information

NRK in Norway, Dagens Nyheter in Sweden, and the New York Times have all in recent years documented how information about how the movements of mobile phones can be used to identify and map individuals.

NRK bought a data package with precise mobile movements of 140,000 Norwegian cell phones for NOK 35,000 (approx. 3380 Euros). This made it possible to identify Norwegian officers, ordinary Norwegians, as well as a legislative politician.

As a result of NRK’s revelations, the Norwegian and British Data Inspectorate opened an investigation against the London-based data vendor Tamoco. The investigation is per 2021 still ongoing.

Companies like Tamoco are often referred to as data resellers. These companies collect information from mobile apps in categories such as weather, navigation, and games.

Last year, NRK revealed that many mobile owners are not aware that they are being tracked. Two mobile app providers also stated that they did not know where the information they collected ended up.

Investigations made by NRK revealed that many mobile apps who collaborate with data resellers state purposes such as “marketing,” “marketing research,” and “analysis” without elaborating exactly what this entails.

– There are obvious illegalities here. The biggest issue is that the industry is not good enough at being transparent. The industry has become a little too eager to make quick money, says Prøitz, who is critical to the fact that it is possible to buy substantial amounts of precise movement data.

NRK presented Tamoco with criticism of the industry, but they did not responded to the inquiry.

Tamoco has previously said that they are only an intermediary between app developers and those who utilise motion data. The company also claimed that they “do thorough research on the customers, and demand to know what the data is used for”.

– If the users of our data do anything illegal outside of our control, it is unfair to blame us as long as there were no reasonable measures we could take to stop it,” Tamoco wrote.

This is how mobile owners are protected

Kogenta collaborates with several companies that are interested in knowing where their users are or gaining insight into the movements of large crowds.

To gather the information, Kogenta enters a small data code into the mobile apps of the companies they work with. Some companies allow Kogenta to use this data in other analytics products. If the end user agrees to share information about their movements in the app, Kogenta receives the information. In some cases, the mobile app also asks for access to proximity data, often called Bluetooth.

– We believe that the consents we and our customers ask for are much clearer than what many others do, says Prøitz.

The industry typically collects very precise data about the movements of mobile phones, often with an accuracy of 4 to 20 metres. Each mobile owner is also given a unique name in the data. This makes it easy to identify and map individuals even if there are no names or telephone numbers in the data.

Kogenta, on the other hand, has chosen to take several measures to make the information they gather more difficult to misuse:

• The exact position is only stored on the mobile device itself. Kogenta only knows the approximate area, called the statistical basic unit, where the journey starts and ends.
• No trips are connected, and no mobiles are given unique names.
• They will not know the exact time of a trip, simply a time interval.

These measures ensure that Kogenta only knows that a mobile, not which one, has travelled from area A to area B.

When fluxLoop now Kogenta started in 2012, they collected more information about the users, but have since stopped this altogether.

– The way we operated at the start is not what we stand for today, says Prøitz.

Not completely risk free

The Italian researcher Luca Pappalardo has been researching motion data for a number of years. To NRK, he states that even less detailed motion data has a privacy risk.

In one of the experiments, he gained access to the journey of private cars in Florence and the Pisa area. There, the researchers learned which Italian statistical basic unit a car had visited. If the researchers knew where the car owners lived and worked, they could “attack” the seemingly safe data set. Thus, in many cases, they could identify which car was responsible for the car journeys.

– In our experiments, we saw that the average risk for this scenario was quite high, says Pappalardo, who works at the Italian Research Council.

It is even more difficult to identify mobile owners with Kogenta data, according to Orange Cyberdefense, which investigated known and new methods of identifying mobile owners.

This is because, unlike the car data, there are no links between the journeys and Kogenta data. Orange Cyberdefense concluded, in a report NRK beta has read, that “Kogenta has made it difficult or even impossible to identify individuals in the dataset.”

It would only be possible in rare cases to learn more about a person’s travels, according to the investigators. If one knows where a person lives and works, the investigators believe that it occasionally could be possible to guess when the person goes to work.

These privacy hazards are thus miles away from what can be done with the Tamoco data: where the precise movements of individuals could be observed for more than 200 days. With Kogenta’s mobility data, it might be possible to guess some of the journeys a person has taken.