I had a car accident two weeks ago. My car was hit from behind and the driver later denied everything. He first claimed he was not involved in any accident on that day. I provided a few photos I took with my smart phone; including one on his car and another on his insurance card (here is a thumbnail of the driver copying my insurance information).
This motivated me to take a careful look at the meta data contained
on those photos. Besides the date and time, we got the exact location of the accident, thanks to the build-in GPS. The photo meta data contains a GPS section, which reads like (37o49’11”N, 122o28’43”W). By converting this into a decimal format, we get a coordinate “37.8197,-122.4786”, where longitude need to be changed into negative to reflect the western hemisphere. Google Map understands “37.8197,-122.4786” as a valid search string. Since the phone automatically saved a copy of the photos onto the cloud, there is a third-party source that validates the photos.
The episode did not end here, as the driver later claimed there was no trace of impact on his car, implying the damages on my car were prior to the accident. This certainly has been a quite frustrating experience, as the claim processor was not willing to apply her common sense and the burden of proof fell onto my own shoulder. I then found a plate mark left on my bumper. Applying some Photoshop contrast and edge enhancement tools, I can tell these are letter marks left from the top of his license plate frame. Although it is too hard to read the letters, the contour should provide enough traces to be mapped onto his plate. The claim now moves forward.This raises a hypothetical question - how can one actually prove a photo was indeed taken at that location and on that date? That is how to prove the meta data has not been manually altered? This leads to an idea that the mobile cloud provider might consider a timestamping service as described on this Wikipedia entry [1]. Presumably when the cloud storage receives a document, it calculates a short hash key (a fingerprint string). Then it sends the hash to a timestamping
authority (TSA) and obtains a string of “signed timestamp and hash” to be stored together with the photo. Now the photo can be trusted by court. The court verification process goes like this: it first verifies the string containing both hash and timestamp was indeed generated by the TSA (by decoding it with the TSA’s public key), which means the hash existed at the said date and time. Since the hash generation algorithm works in such a way that it is nearly impossible to find another document that can be mapped to the exact hash, this proves that the original document indeed existed on the said date and time. This is basically the same process used in many digital lab notebooks systems I happen to be familiar with, and such a document with its hash-and-timestamp string will stand up in court.
There are many interesting applications of GPS on smart phones. Putting privacy aside for the sake of discussion, the GPS data produced by smart phones, if accessible by law-enforcement authorities, may well help identify the other drivers at that time and location, who might be valuable witnesses of the accident. Sure that will be more justifiable for a crime instead of this small accident. In addition, if you ever wonder how Google Map obtains traffic data for local streets, the data also comes from our smart phone GPS[2]!
[1] http://en.wikipedia.org/wiki/File:Trusted_timestamping.gif
[2] http://googleblog.blogspot.com/2009/08/bright-side-of-sitting-in-traffic.html
