Feeds

Pre-paid Chinese users still anonymous despite new law

What countries permit you to have an ID-free phone?

Intelligent flash storage arrays

For the last 12 months it has been illegal to buy a mobile phone in China without presenting ID, but Chinese customers seem as reluctant to be identified as everyone else.

Just like Google, the Chinese are concerned about the use of false, or non-existent, identities in the online world. Rumours abound that local versions of Twitter will soon require real names to be used, and since 1 June one can't even get a high-speed train ticket without presenting a state-issued ID, but attempts to lock down the identity of mobile phone users have proved more challenging.

China's real-name registration system was introduced a year ago, in an attempt to reduce the number of anonymously owned phone numbers, but an investigation by local publication IT Times demonstrates that Chinese retailers are more than willing to help customers fake the data to get the sale.

Unlike contract phones, prepaid accounts don't need to be connected to a named individual: no credit is given so no one has to be responsible for that credit. It is not anonymity which drove the popularity of prepaid accounts, but the lack of credit check and paperwork certainly contributed along with the utility for those who need to watch every penny they spend. But the lack of real identities attached to these accounts also means no one knows who the users are.

With the notable exception of the USA, prepaid accounts dominate almost everywhere in the world, and governments are starting to demand an identity to go with every phone number. The idea is to help prevent crimes – from crank-calling to terrorism – being committed anonymously, but opponents argue that such crimes going unpunished is a price worth paying for a little anonymity.

Some countries simply passed laws requiring existing users to identify themselves, or face being cut off. China instead adopted a policy that only required new purchases to be backed with a valid state ID number. The idea was that renewals and replacements would gradually migrate the customer base into being identified, but the policy has proved no more effective than the hard line adopted elsewhere.

The reporter from IT Times visited various mobile retailers in China, and found that they would happily provide fake details to get the sale, with one online retailer even boasting:

"Our SIM cards aren't recycled from other people, and they aren't all registered using one name over and over. These are new cards, automatically registered with a fake name and ID number so you don't have to worry about getting spam text messages or other disturbances."

In the UK one can still get a phone anonymously, though the operators don't like it and incentivise their retailers (with cash) to get customer's details. Operators want those details so they can sell us stuff. According to mobile-advertising specialists Blyk, the most valuable piece of information about you is where you live (with sex and age coming a low second and third respectively), so it's something the operator wants to know.

It's also something the government wants to know, though anecdotal evidence from India and Bangladesh (two countries where anonymous sales are forbidden) is that SIMs are still routinely sold without an accompanying identity, or with the most perfunctory check on the details. In many developing countries customers frequently own more than one SIM, to take advantage of differing tariffs. So in Pakistan (for example) buyers are limited to purchasing four SIMs at a time, and required to present identity documents, but SIMs are often sold on many times – so the ability to identify the original purchaser becomes of limited value.

Swiss Telecom (now Swisscom) pioneered the anonymous prepaid phone, but in 2004 it switched to an all-identified system – and the Swiss would never seek to circumvent such a law.

Other countries, including France, have always required an ID check before a SIM could be sold, thus avoiding the problem entirely. Germany introduced such a requirement in 2004, though it seems very few Germans were calling anonymously anyway. Virgin Mobile brought anonymous telephony to the USA in 2002, and despite various attempts to impose an identity requirement it is still possible to buy an anonymous phone in the USA.

It's not clear what percentage of prepaid mobile phones remain anonymous, in the UK or anywhere else, but criminals can obviously obtain unregistered SIMs just about anywhere with varying degrees of effort. Only the operators have the exact figures, but it does seem that bribing customers (and, more importantly, retailers) can be extremely effective in gathering the required data.

When proposals for a British government database were rumoured last year the outcry was such that the Home Office felt it necessary to issue a statement saying that no such thing was planned. When an operator has a genuine financial incentive in knowing who its customers are then it will find out, so it is perhaps that specific incentive which is missing from China rather than enforcement of a year-old law. ®

Security for virtualized datacentres

More from The Register

next story
TEEN RAMPAGE: Kids in iPhone 6 'Will it bend' YouTube 'prank'
iPhones bent in Norwich? As if the place wasn't weird enough
Consumers agree to give up first-born child for free Wi-Fi – survey
This Herod network's ace – but crap reception in bullrushes
Crouching tiger, FAST ASLEEP dragon: Smugglers can't shift iPhone 6s
China's grey market reports 'sluggish' sales of Apple mobe
Sea-Me-We 5 construction starts
New sub cable to go live 2016
EE coughs to BROKEN data usage metrics BLUNDER that short-changes customers
Carrier apologises for 'inflated' measurements cockup
Comcast: Help, help, FCC. Netflix and pals are EXTORTIONISTS
The others guys are being mean so therefore ... monopoly all good, yeah?
Surprise: if you work from home you need the Internet
Buffer-rage sends Aussies out to experience road rage
EE buys 58 Phones 4u stores for £2.5m after picking over carcass
Operator says it will safeguard 359 jobs, plans lick of paint
prev story

Whitepapers

A strategic approach to identity relationship management
ForgeRock commissioned Forrester to evaluate companies’ IAM practices and requirements when it comes to customer-facing scenarios versus employee-facing ones.
Storage capacity and performance optimization at Mizuno USA
Mizuno USA turn to Tegile storage technology to solve both their SAN and backup issues.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?
Beginner's guide to SSL certificates
De-mystify the technology involved and give you the information you need to make the best decision when considering your online security options.
Security for virtualized datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.