OB­FUS­CA­TION ON­LINE

Mint ST - - TECHNOLOGY -

ered. How­ever, if we are to be ef­fec­tive against big data al­go­rithms that are smart enough to ac­cu­rately cull out a sin­gle strand of in­for­ma­tion from vast vol­umes of ran­dom data, we need to go much fur­ther than that. To fool mod­ern pat­tern match­ing tech­nolo­gies, we will need to gen­er­ate noise that is so sim­i­lar to the data that is sought to be ex­tracted, as to make iden­ti­fy­ing that data am­bigu­ous and dif­fi­cult to ex­ploit.

***

So­cial me­dia ser­vices en­cour­age us to share how we feel, al­low­ing us to like or of­fer other “re­ac­tions” to posts in our net­work. While this might seem like an in­nocu­ous way of pat­ting a friend on the back, the al­go­rithms that drive these ser­vices use our re­ac­tions to im­prove their un­der­stand­ing of us so that they can serve us more in­for­ma­tion about things we like.

This im­proved un­der­stand­ing helps them tar­get prod­ucts and ser­vices more ac­cu­rately to­ward us and has be­come so ac­cu­rate that law en­force­ment agen­cies are in­creas­ingly us­ing so­cial me­dia data to help de­tect po­ten­tial threats or head off anti-na­tional be­hav­iour.

This level of in­tru­sion can be dis­com­fort­ing. In re­sponse, some peo­ple have al­ready re­sorted to ob­fus­cat­ing their so­cial graph by de­ploy­ing pro­grams that ran­domly as­sign re­ac­tions to posts in ways that have no bear­ing to their ac­tual feel­ings. This con­fuses the al­go­rithms about what we like and dis­like, ef­fec­tively neu­ter­ing their pre­dic­tive ca­pa­bil­i­ties. Other pro­grams ran­domly click on all the prod­ucts served on e-com­merce web­sites, con­fus­ing the shop­ping al­go­rithms into build­ing in­ac­cu­rate pro­files of your pref­er­ences. Still oth­ers are aimed at fool­ing ad-en­gines that serve you tai­lor-made ad­ver­tise­ments by ran­domly show­ing in­ter­est in ser­vices and prod­ucts that have no bear­ing to what you like.

All these tech­nolo­gies gen­er­ate noise, ran­dom be­hav­iour pat­terns that fool al­go­rithms into think­ing you are some­one other than who you re­ally are. By cloak­ing your true iden­tity in this noise, they of­fer you pri­vacy and seclu­sion even though you re­main out there in the open.

These prin­ci­ples are slowly be­ing ex­tended into the real world. Fa­cial recog­ni­tion al­go­rithms are de­signed to iden­tify faces by search­ing for spe­cific shapes and ref­er­ence fea­tures in dig­i­tal images.

Given the ubiq­uity of CCTV cam­eras and we­b­cams, the threat that they can be used to iden­tify us wher­ever we go is real. To com­bat this, peo­ple have be­gun to ap­ply makeup, cut their hair in special ways or wear masks spe­cially de­signed to con­fuse these al­go­rithms by ob­fus­cat­ing the very dis­tinc­tive fea­tures that these al­go­rithms are trained to iden­tify.

***

A cou­ple of years ago, I tried an ob­fus­ca­tion ex­per­i­ment of my own.

I’ve long been ir­ri­tated by the fact that apps such as True­caller are able to iden­tify me even though I haven’t signed up for their ser­vice. These ap­pli­ca­tions scan their users’ ad­dress books and use the in­for­ma­tion in there to build up a data­base of all the phone num­bers in the world.

As a re­sult, even though I was never a reg­is­tered user, if even one of my friends has signed up and shared his phone book with them, all my con­tact in­for­ma­tion was on their servers. As more and more of my friends signed up, the fact that my mo­bile phone num­ber cor­re­sponded to my name was cor­rob­o­rated with greater cer­tainty.

A cou­ple of years ago, I de­cided to fight fire with fire—i reg­is­tered my­self as a user. In order to iden­tify my­self, I was asked to ver­ify my iden­tity with an OTP.

Once the va­lid­ity of my mo­bile phone num­ber had been con­firmed, I en­tered a com­pletely fic­ti­tious name into my user pro­file. Since my mo­bile num­ber had been au­then­ti­cated us­ing OTP ver­i­fi­ca­tion, the server be­lieved the in­for­ma­tion that I had just keyed in over the ev­i­dence of all the hun­dreds of other ad­dress books in their server that car­ried my de­tails.

So now, if you look up my mo­bile num­ber you will get a re­sult— just not the one you were ex­pect­ing.

But it is me. Hid­ing out there in plain sight.

Rahul Matthan is a part­ner at Tri­le­gal. Ex Machina is a col­umn on tech­nol­ogy, law and ev­ery­thing in be­tween.

His Twit­ter han­dle is @matthan

COL­UMN

Newspapers in English

Newspapers from India

© PressReader. All rights reserved.