Given a slot at last week’s Masters Conference in London, I chose to use it to talk about the sources of data which might easily be overlooked when giving or receiving data for disclosure / discovery. My subjects ranged from the metadata and EXIF data in photographs, to Google Maps tracking, to the Internet of things and social media.
I will do a post or a video on that in due course, but this article is about related subjects which have turned up since I prepared that talk – only last Thursday.
iOS gives access to photograph metadata
The first was an article in The Register called iOS apps can read metadata revealing user’s location histories, with the subtitle Access through a gift shop full of personal data. “EXIF” stands for Exchangeable Image File, and is a standard format for data ancillary to multimedia files.
Most of us have come across apps which ask for permission to access the pictures in our photo libraries. There is often good reason for this – if I want to send one of my pictures to Twitter or Facebook then those apps must have permission to access the image store. iOS 11, it seems, captures more than just the photograph, and hauls in the location data and other information stored with the image. This may or may not matter to you but it seems important to know.
In opening my talk last week I asked for a show of hands from those who kept location services on. Most did. My supplementary question was “Do you know whether or not you have location services turned on?”. That served as the premise for the part of my talk which related to the amount of location history which may be available on phones – and therefore available to be considered for relevance on disclosure / discovery.
Aggregating location data with other information
A further part of my talk was on the aggregation of data – how one source of information when added to another source might reveal more than either of them, particularly when third-party sources are brought into play. That is the subject of an article called Even this data guru is creeped out by what anonymous location data reveals about us. The starting point for the experiment covered by the article was a user’s Google Maps timeline. The article showed how this may be supplemented by other information to remove the mask of anonymity promised, perhaps, by each of the relevant sources, but which is easily stripped away when some analytics (and perhaps some old-fashioned research) is brought into play.
TfL plans to flog your location data
Bang on cue comes an article headed TfL plans to make £322 million by collecting data from passengers mobiles via tube Wi-Fi.
Transport for London has been conducting an interesting experiment using phone and tablet tracking to see, for example, what routes passengers use to get between platforms. The aim was (or was said to be) “to better understand how people navigate the London Underground network, allowing TfL to improve the experience for customers”. If the article is right, however, TfL now plans to go on from there and sell data to others. So what? you might say, comforted by the fact that the data is both limited and anonymised; anyway, TfL already knows your routing from the entry and exit points collected from your Oyster card or contactless credit card. Selling your device’s MAC address and its movements, even if that is the only data which is passed on, enables marketers, security services and all sorts of shysters to link your travel data to other information. Again, that may not matter to you – but it is important to know that it happens.
Image metadata in a shipping case
If you don’t think this sort of thing matters in commercial disputes, have a look at the Kairos Shipping insurance case or at my article about it here (the judgment is long – try skipping through it by searching for the word “photograph”). The naval architects changed their view of the evidence when image metadata was provided on the eighth day of the trial. The judge found that the ship had been scuttled; part of his reasoning included the image metadata and (just as important for lawyers giving disclosure / discovery) he discounted the evidence of one witness because of the lack of clarity about the late delivery of the metadata.
Unmasked by social media activity
A related point – related, that is, under the general heading of “data you may easily overlook”) – is the existence of social media posts on your own accounts or those of others which conflict with evidence in civil or criminal proceedings. That subject came up this week as appears from this article Fraudster who sued council for bogus highway accident found guilty by High Court. You are not usually found “guilty” in civil proceedings for highway accidents, but these were contempt of court committal proceedings against a claimant who lied in civil proceedings about the cause of an injury. He said that his knee injury derived from tripping on a hole in the pavement. Doncaster Metropolitan Borough Council sensibly investigated the claimant’s social media pages and found Facebook posts showing that the injury had been caused while playing football. It is not just the defendants who need to be alert to this – the claimants and their lawyers need to check for such contradictions.
The case is reminiscent of a 2012 case called Cirencester Friendly Society v Parkin (I wrote about that here) in which Youtube videos of an active lifestyle gave the lie to claims under a health insurance policy.
I am not, of course, suggesting that every case warrants a deep exploration into the photographs, location history and social media posts of witnesses. But some do, and not just criminal or personal injury claims. The subject should be on a checklist for every disputes lawyer, to be considered, perhaps investigated, and then weighed for relevance and proportionality. This is not just a matter of professional duty and compliance with the rules – the evidence might lie there which wins or loses the case.