Faithful Muslims are required to pray five times a day, facing toward Mecca. In our smartphone era, it was only a matter of time before someone came up with an app that reminds the Muslim user that it’s time to pray, and conveniently uses GPS data to direct the user toward Mecca from anywhere in the world. Muslim Pro is the most popular app to do these and other helpful things for members of Islam, and has been downloaded some 98 million times.
When a person downloads an app that is advertised to do a certain function, the question of what else it might be doing in the background rarely arises. If the app is free, most people are aware at some level that the developer must make money somehow, typically through advertising. But rarely does the typical user even read the boilerplate that sometimes appears during installation, because it would take a lawyer to figure out what it means, and all the relevant information might not even show up in the user agreement. So there is an implied agreement or good-faith assumption on the part of the user, that the app developer won’t do anything with the user’s data that the user would object to.
Users of Muslim Pro received a shock last month when the Motherboard column of the website Vice revealed that through a third-party vendor, Muslim Pro had sold location data on its users to contractors for the U. S. military. True, the data was “anonymised,” meaning that names and other explicit identifying information was stripped from the data before it was sold. But if a contractor obtains data from several different anonymised sources, it is often a fairly straightforward matter to “de-anonymise” the data and identify specific individuals. If an anonymous individual spends a lot of time at a particular street address that can be associated independently with a particular name, so much for anonymity.
Although no one has traced any specific military actions to the use of Muslim Pro data, users of the app have every right to feel betrayed. Muslims aren’t the only religious group using faith-related apps. Just to pick a random example, the Catholic radio network Relevant Radio has developed an app that assists users in saying the Rosary and pursuing other devotional practices. Imagine how users of that app in a Christian-hostile country would feel if they discovered that the network was selling location data gleaned from the app to representatives of the country that was persecuting them. Betrayal is a mild word.
After Vice revealed the practice, Muslim Pro announced that it was cutting off its association with X-Mode, the company that was buying location data from Muslim Pro and other apps and selling it to contractors who specialise in providing intelligence data to the U. S. military. For its part, X-Mode encourages developers who provide data to insert warning phrases in their user agreements. Even if such verbiage was provided by each of the 400 or so apps that X-Mode obtains data from, it is unlikely that most users would even read it.
I will admit that the first time I heard of a special watch that informed the wearer of the correct direction to pray toward Mecca, it struck me as incongruous, to say the least. Here was a practice of a 1400-year-old faith being aided by up-to-date technology. But religion is an important part of the lives of billions of people, and as technology advances and provides conveniences and assistance for every part of life, it’s understandable that religious practices would take advantage of it too.
The Muslim Pro-X-Mode revelation is a good example of how compartmentalising is encouraged by the way large-scale technical systems work. Most religions deal with the whole person, one at a time. This is the opposite tendency of the way a company like X-Mode operates: stripping identifying information from bits of location data and selling it wholesale to similar organisations that deal in dehumanised blocks of information, which however can be easily reversed to reveal the location of any particular individual.
Those who handle the data along the way — the programmers and managers and salesmen — easily forget that the only reason their data is valuable is because it pertains to human beings. They would rather think about correlations and data quality and other mathematical measures, than to consider that just possibly, one of the bits of data they sell may be used to end the life of a human being.
I am not a pacifist, and I realise that war is sometimes the least bad alternative in certain situations. But historically, one of the most common practices a warring nation will adopt against a rival nation is to convince its own people that the rivals are not really human, but are something less than human — animals, maybe, or even just numbers in a census record somewhere. In anonymising the location data Muslim Pro collected, X-Mode unwittingly carried out that first step in making it easier for someone else to treat human beings as less than human. What looked like a good thing — removing personal identifying data — turned out to be the first step in a process that wound up as a betrayal.
Information technology is an unavoidable part of our lives now, and can be the source or driving force behind many benefits. Without computers and anonymised testing, we would not be looking forward to getting vaccines for COVID-19 within a year of the virus’s spread to humans. But those who use data derived from humans must never forget the humans behind the data, and everyone working in such fields needs to exercise their moral imaginations enough to ask, “Supposing I was a user, are we doing anything that I’d object to?” And if the answer is yes, don’t just shrug and go on about your business.
Karl D. Stephan is a professor of electrical engineering at Texas State University in San Marcos, Texas. This article has been republished, with permission, from his blog, Engineering Ethics, which is a MercatorNet partner site. His ebook Ethical and Otherwise: Engineering In the Headlines is available in Kindle format and also in the iTunes store.