Feeds

The mobile phone as self-inflicted surveillance

And if you don't have one, what have you got to hide?

  • alert
  • submit to reddit

Top three mobile application threats

Like the breadcrumbs in Hansel and Gretel, mobile phones leave a trail wherever they go. Practically everybody can be tracked via this trail, and the beauty of it all is, we're effectively tracking ourselves.

By design, phones pass their location on to local base stations. You can gauge how effectively the networks can track you by requesting your personal information from your network provider using a data subject access under the Data Protection Act, or by just running Google Mobile Maps on your phone. The smaller 3G cells in central London give an even better location than on GSM.

Mobile phone penetration in Europe reached an average of 111.26 per cent in 2007 according to ITU estimates, while in the UK it was 118.47 per cent. We love them so much that we are more likely to leave our wallet at home than our mobile.

The location breadcrumbs from these, along with other communication traffic data, are kept as part of a mass surveillance operation affecting everyone. They are collected by the networks, retained for a year, and handed over to the police and other bodies on request.

Professor Steve Peers, of the University of Essex and Statewatch, points out that although the system is incredibly sweeping, it doesn't stigmatise anyone because every phone call is going to be subject to this.

It's no longer just the individuals who are suspect of, or connected to, or convicted of a crime who are subject to some sort of additional surveillance beyond which they would traditionally have been subjected to. As regards to data retention, as regards to fingerprints, as regards to passenger records, it's everyone or a very large percentage of the population subject to the hoovering of that information.

This is cogent analysis. Mobile phones and email are used by everyone, including terrorists and other criminals. The data can be instrumental in tracking down criminals, with the caveat that having a bigger haystack does not make it easier to find a needle. But it misses one perverse effect - those who will be stigmatised in the future are those who don't have traffic data retained.

Lack of traffic data is what becomes suspicious. There are already two documented cases in Europe where not carrying a mobile phone was considered one of the grounds for arrest.

On 31st July 2007, in Brandenburg and Berlin, Germany, the flats and workplaces of Dr. Andrej Holm and Dr. Matthias B., as well as of two other persons, were searched by the police. All four were charged with "membership of a terrorist association" and are alleged to be members of a so-called 'militante gruppe' (mg):

According to the arrest warrant against Andrej Holm, the charge against the four individuals was justified on the following grounds:

• Dr. Matthias B. is alleged to have used, in his academic publications, "phrases and key words" which are also used by the 'militante gruppe';

[...]

• The fact that he - allegedly intentionally - did not take his mobile phone with him to a meeting is considered as "conspiratorial behavior".

On 11th November 2008, 150 French anti-terrorist police officers swooped on the 330-inhabitant village of Tarnac to arrest four men and five women aged 22 to 34, since nicknamed the 'Tarnac Nine'. These 'brilliant students' were living in a farm and ran a grocery store. All but one have been released. They were accused of "criminal association connected to a terrorist enterprise". French Interior Minister Michèle Alliot-Marie (MAM) was in the news soon after:

The Interior Minister is convinced of having saved France by nipping a revolution in the bud. For MAM, the defendants are the seed of Action Directe.

"They have adopted the method of clandestinity. They never use a mobile phone. They managed to have, in the village of Tarnac, friendly relations with people who could warn them of the presence of strangers," said the minister.

In the village, people laugh at this statement. One of the defendants rented an apartment above the town hall. "Is it a clandestine method?", asks Jean-Michel, who goes on: "Can one be labelled terrorist because he does not have a mobile phone?". Here, mobile reception is poor.

Combat fraud and increase customer satisfaction

More from The Register

next story
EU: Let's cost financial traders $400m a day, because EVIL BANKERS. Right?
Wait 'til this one hits your pension fund where it hurts
Systems meltdown plunges US immigration courts into pen-and-paper stone age
Massive outage could last four weeks, sources claim
Lavabit loses contempt of court appeal over protecting Snowden, customers
Judges rule complaints about government power are too little, too late
Don't let no-hire pact suit witnesses call Steve Jobs a bullyboy, plead Apple and Google
'Irrelevant' character evidence should be excluded – lawyers
Record labels sue Pandora over vintage song royalties
Companies want payout on recordings made before 1972
EFF: Feds plan to put 52 MILLION FACES into recognition database
System would identify faces as part of biometrics collection
Edward Snowden on his Putin TV appearance: 'Why all the criticism?'
Denies Q&A cameo was meant to slam US, big-up Russia
Ex-Tony Blair adviser is new top boss at UK spy-hive GCHQ
Robert Hannigan to replace Sir Iain Lobban in the autumn
Judge halts spread of zombie Nortel patents to Texas in Google trial
Epic Rockstar patent war to be waged in California
prev story

Whitepapers

Mobile application security study
Download this report to see the alarming realities regarding the sheer number of applications vulnerable to attack, as well as the most common and easily addressable vulnerability errors.
3 Big data security analytics techniques
Applying these Big Data security analytics techniques can help you make your business safer by detecting attacks early, before significant damage is done.
The benefits of software based PBX
Why you should break free from your proprietary PBX and how to leverage your existing server hardware.
Securing web applications made simple and scalable
In this whitepaper learn how automated security testing can provide a simple and scalable way to protect your web applications.
Combat fraud and increase customer satisfaction
Based on their experience using HP ArcSight Enterprise Security Manager for IT security operations, Finansbank moved to HP ArcSight ESM for fraud management.