Feeds

Mobile networks: the state's new bloodhounds?

Dial L for location

The essential guide to IT transformation

And what about the handset?

If the handset is a smartphone, it could be using GPS to record your location, along with the time, and sending it off to who-knows-where over a data connection without the network operator, or you, being any the wiser.

Of course, getting the GPS to work when the phone is in your pocket won't be easy, so that's not a big concern unless your phone is labelled i-Kids in large friendly letters.

The handset does know the name of the local cell tower, which in Germany is usefully set to the tower's longitude and latitude (at least on O2's network), but elsewhere the spy will need to convert tower name to location , though that's not difficult.

A smartphone application which logs cell towers and sends that data over the mobile network wouldn't be too hard to write, and could easily be invisible to the user once installed.

Turning the handset off will prevent any information being created or logged, assuming the handset isn't just pretending to be turned off. Such handsets are available from various spy supply stores. Though these are generally used for recording and transmitting voice, they would work equally well tracking people.

The art of tracking

All network operators store where you've been for at least 12 months, but getting at that information costs money.

If you fall into the master criminal category a police officer might want to know if you really were in that club at that time, and can make a request to his SPOC (Single Point Of Contact, nothing to do with rubber ears or silly accents) to get the data out of your service provider.

The SPOC is responsible for dealing with all aspects of the RIPA, but location requests on mobile phones are pretty commonplace, with a large force handling hundreds a day. This number has been going up over the last couple of years as coppers get familiar with what they can, and can't, find out.

The requests are supposed to be pretty detailed: "Where was this phone at this time", rather than "What were the movements of this person over the period of a month or two", and it's up to the SPOC to ensure requests are necessary, proportionate, and lawful (as specified by RIPA). Any additional information that turns up, outside what was requested, is supposed to be discarded.

This isn't to say that any copper can just call up the SPOC when they feel like it. A typical request must be authorised by an inspector and will take a couple of days to complete. When the data is needed urgently, such as tracking an at-risk missing person, a Superintendent can give verbal permission and the data turns up faster, but that costs a lot more.

Mobile operators are only supposed to charge enough to cover their expenses, but as each network has different systems they all charge different amounts and have different ideas about how important the information is. Certainly, they charge enough to make police think twice before making an information request, which is no bad thing, but some operators also refuse to provide data they can't deliver within a few days - so you might get lucky if you choose a network operator with particularly errant computer systems.

The essential guide to IT transformation

More from The Register

next story
6 Obvious Reasons Why Facebook Will Ban This Article (Thank God)
Clampdown on clickbait ... and El Reg is OK with this
So, Apple won't sell cheap kit? Prepare the iOS garden wall WRECKING BALL
It can throw the low cost race if it looks to the cloud
Time Warner Cable customers SQUEAL as US network goes offline
A rude awakening: North Americans greeted with outage drama
Shoot-em-up: Sony Online Entertainment hit by 'large scale DDoS attack'
Games disrupted as firm struggles to control network
BT customers face broadband and landline price hikes
Poor punters won't be affected, telecoms giant claims
EE plonks 4G in UK Prime Minister's backyard
OK, his constituency. Brace yourself for EXTRA #selfies
prev story

Whitepapers

Top 10 endpoint backup mistakes
Avoid the ten endpoint backup mistakes to ensure that your critical corporate data is protected and end user productivity is improved.
Implementing global e-invoicing with guaranteed legal certainty
Explaining the role local tax compliance plays in successful supply chain management and e-business and how leading global brands are addressing this.
Backing up distributed data
Eliminating the redundant use of bandwidth and storage capacity and application consolidation in the modern data center.
The essential guide to IT transformation
ServiceNow discusses three IT transformations that can help CIOs automate IT services to transform IT and the enterprise
Next gen security for virtualised datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.