Thats typically correct. My thought was that if you knew what numbers security monitoring companies would call from, you could filter out those calls, then extract the addresses they reported incidents at. Of course the monitoring company will filter out a lot of false alarms, so you'll get less data points to work from, so like I say... I'm not sure it would be worth it.