This project is developing concrete guidance with regards to privacy and data protection for researchers using Internet measurement tools for mobile phones in a usable and understandable format.

A wide variety of online activities are increasingly conducted on mobile devices, ranging from talking to friends and family, to interacting with public or financial institutions to organising political dissent. To understand and make sense of the complex Internet architecture underpinning these activities, network researchers need to collect and share datasets regarding the measurements of the Internet network, from detailed traces on an individual basis to aggregated data on a regional level. This generates vast amounts of useful data for consumers, policy makers and researchers to enhance network research and overall transparency on the Internet.

With the increasing uptake and importance of mobile devices that connect to the Internet, network research is expanding its measurement capabilities to accurately gather mobile connectivity data. The increasingly personal and sensitive data generated by mobile Internet measurements warrant a review of privacy guidelines for researchers who conduct measurements, collect data or design new measurement tools and capabilities. These guidelines will help network researchers worldwide navigate the challenges of preserving the privacy of data subjects while ensuring datasets can be published and disseminated appropriately, to adhere to good scientific practice.

It has been proven that anonymising data, by removing obvious identifiers such as name or phone number, is inadequate to enjoy the legal exception from data protection laws, because sophisticated re-identification techniques exist. Further, the existence of many other datasets make it possible to link the new research data to infer new and possibly comprehensive information about individuals. These risks to privacy are at tension with the common requirement to publish research data in open data format, which would be freely available for anyone to reuse.

These guidelines do not force a zero-risk standard, but encourage researchers to actively prioritise their data subjects’ privacy in the design of their project, ahead of data collection. The document explains how a researcher should approach privacy by design in mobile network research by offering a step-by-step guide, supported by assistive questions and underlying background information on topics such as informed consent, data minimisation, assessing contexts and disclosure control techniques, amongst many others.

The Guidelines

Zevenbergen, B., Brown,I., Wright, J., and Erdos, D. (2013) Ethical Privacy Guidelines for Mobile Connectivity Measurements. Oxford Internet Institute, University of Oxford.