Wednesday, August 04, 2021

Antonio Garcia-Martinez on App Analysis at The Pillar

It can be fascinating when things you know about from different worlds meet.

I had heard of Antonio Garcia-Martinez from some of the science/tech people I read, because he's the tech entrepreneur and author of Chaos Monkeys: Obscene Fortune and Random Failure in Silicon Valley who was hired and then immediately fired/canceled by Apple because a group of Apple employees felt some of his commentary in Chaos Monkeys was misogynistic. Matt Taibbi writes about what went down at with Garcia-Martinez at Apple, and it's the sort of disingenuous "we are in danger" which cancellation flashmobs have become famous for.
 
Once it was said that there were no second acts in American life, but now there's substack. Garcia-Martinez has one called The Pull Request, and I was fascinated to discover that he'd just written a piece looking at the data elements of the pieces run by The Pillar, which resulted in the resignation of the USCCB general secretary, Msgr Burrill, when it was revealed that he appeared to be using his phone to access the hookup app Grindr numerous times over a period of years.

Per a post that originally appeared at The Pillar, a shadowy figure used mobile app data from 2018 through 2020 to show that Monsignor Jeffrey Burrill, the general secretary of the United States Conference of Catholic Bishops, was a regular user of dating app Grindr and frequenter of alleged gay bars.1 Msgr. Burrill subsequently resigned his position as general secretary, and the original Pillar piece has been (re)reported in that usual dogpiled media fast-follow, but without much in the way of technical specifics.

Grindr claimed in a statement that they were not the source of the data, and that such a data breach would be “infeasible from a technical standpoint and incredibly unlikely to occur.” I agree it’s unlikely that the data leaked directly from the app or Msgr. Burrill’s device, but it’s not quite true that data that Grindr generated could not have been used to reconstruct Burrill’s past behavior. I’m going to engage in some informed speculation below on how some lone crusader, armed with data and some hacking skills, could have zeroed in on one man’s behavior over years of time with commercially-available information.

By way of self-introduction: I’ve spent 13 years turning data into money via digital advertising. I built a real-time exchange (like the one involved here) for Facebook, and I’ve even built the bidding machine for the exact ads exchange in question while employed at a large ads buyer. I’ve also worked at Branch Metrics, one of the world’s biggest mobile attribution data companies and warehouses of third-party user data. Which is a long and self-glorifying way of saying, I know this world very well, so I’m telling you how an ad tech insider (or just someone with technical skills and a willingness to read dev docs) could hunt down someone using advertising data. It’s hard, but not impossible. It’ll almost certainly happen again.

The challenge has three steps:
  1. Getting the data
  2. Finding the target
  3. Constructing a behavioral profile based on geographic data

Continue reading here. It's a detailed piece focused primarily on how this kind of data and analysis works, so read it's worth reading primarily for an understanding of privacy and the loss of it in our modern world.

Garcia-Martinez's piece is interesting for a couple reasons:
  • He sounds to be an outsider to the Catholic world, so he's addressing this strictly from a technology point of view
  • He describes how the cell phone app data works, how it gets sold, and how processing it would be done
  • He discusses the things that make this difficult under current data availability, and the changes to how apps work which Apple and Google are currently making that would make this kind of work impossible in the future.  He notes:
This is also all a bit moot: Apple has deprecated IDFA, and Google will surely do the same with its analogous GAID. Even after Apple forces exchanges like MoPub to use vendor-specific IDs like IDFV, the data will still be joinable within that vendor’s bid stream. That said, cross-vendor and publisher joining of data (like we did in this attack) will be impossible, save for in the fuzziest of ways. We will indeed be in a more privacy-safe future as the incumbents retire the ability to identify and track individual users, but at the expense of any non-incumbent competition. Whoever was hellbent on ruining Burrill will not be able to do so as easily in the future; that said, any entrepreneurs who venture to undermine the Google/Apple duopoly will find themselves similarly hamstrung.

When Apple and Google finally go beyond just canceling user-specific IDs, and go all the way to moving all targeting data on-device, this debate becomes even more moot as nobody outside those two companies will have much in the way of user data. In a fully on-device world, even Google and Apple don’t know much about you, as the user data that leaves the phone couldn’t be used (even in theory) to narrow you down below a coarse segment size.
The main thing that struck me as missing in it is that he's responding strictly to the Msgr Burrill story and doesn't seem to be aware of the followup stories which talked about hookup app usage more generally in the Diocese of Newark and in the Vatican -- reporting which didn't seek to identify individual people but to identify the need for app use standards. That, to me, suggests that Burrill was effectively a surprise caught in the net when whoever was going the data analysis was looking at overall hookup app usage trends in locations associated with the Church.

But the overall tech reporting in Garcia-Martinez's piece is very solid, and the more interesting because its coming from someone outside the bubble.

No comments:

Post a Comment