Experts Raise Concerns Over Government Mobile Data Grab

Written by

Security experts have raised question marks over possible plans to use mobile phone data to help complete the UK national census after 2021.

It was revealed this week that the Office of National Statistics (ONS) has been tracking the anonymized movements of thousands of adults in London to study commuter patterns.

It’s part of the Administrative Data Census Project, an ONS initiative designed to work out whether the government can meet its stated ambition that “censuses after 2021 will be conducted using other sources of data.”

That means that the next once-a-decade national survey might be the last one which is completed via a paper-based questionnaire.

The ONS claimed that the mobile phone data (MPD) collected during this project was done in accordance with the law, and that “any intention to use MPD within the future production of official statistics will involve extensive evaluation including privacy impacts.”

However, the prospect has caught the attention of security and privacy experts.

“This government experiment in tracking people’s movements between their homes and places of work using mobile phone data is a glimpse into a not-too-distant future; where tracking devices in everyone’s pockets are routinely used to amass detailed data about our behavior, privacy be damned,” argued Simon Migliano, head of research at

“This creepy and intrusive tracking feels like a cost-cutting exercise combined with an opportunistic data grab. I’m very uncomfortable with the fact that Vodafone customers would have been unaware that they have been tracked in this way.”

He argued that an independent and transparent review would need to be carried out on any prospective anonymization methods to ensure no personally identifiable info (PII) could be extracted from the data.

“Even with that in place, there will be many people who are simply not comfortable with this kind of intrusive tracking, for whom there should be some kind of opt-out,” Migliano concluded. “What’s worrying though is that this appears unlikely, if the current mandatory completion of the census is anything to go by.”

David Emm, principal security researcher, Kaspersky Lab, also flagged security concerns.

“Clearly, there are potential benefits in this case – perhaps saving us all the need to complete a census questionnaire and saving the government money,” he argued.

“But it is also important that we recognize that our personal data can be equally valuable to cyber-criminals. New data protections laws are designed to make organisations more careful with our data, but regardless of this, it is important that, at an individual level, we know what information is being collected and stored and how it’s being handled – which will also reduce the likelihood of it falling into the wrong hands.” 

What’s hot on Infosecurity Magazine?