Feeds

Pre-paid Chinese users still anonymous despite new law

What countries permit you to have an ID-free phone?

High performance access to file storage

For the last 12 months it has been illegal to buy a mobile phone in China without presenting ID, but Chinese customers seem as reluctant to be identified as everyone else.

Just like Google, the Chinese are concerned about the use of false, or non-existent, identities in the online world. Rumours abound that local versions of Twitter will soon require real names to be used, and since 1 June one can't even get a high-speed train ticket without presenting a state-issued ID, but attempts to lock down the identity of mobile phone users have proved more challenging.

China's real-name registration system was introduced a year ago, in an attempt to reduce the number of anonymously owned phone numbers, but an investigation by local publication IT Times demonstrates that Chinese retailers are more than willing to help customers fake the data to get the sale.

Unlike contract phones, prepaid accounts don't need to be connected to a named individual: no credit is given so no one has to be responsible for that credit. It is not anonymity which drove the popularity of prepaid accounts, but the lack of credit check and paperwork certainly contributed along with the utility for those who need to watch every penny they spend. But the lack of real identities attached to these accounts also means no one knows who the users are.

With the notable exception of the USA, prepaid accounts dominate almost everywhere in the world, and governments are starting to demand an identity to go with every phone number. The idea is to help prevent crimes – from crank-calling to terrorism – being committed anonymously, but opponents argue that such crimes going unpunished is a price worth paying for a little anonymity.

Some countries simply passed laws requiring existing users to identify themselves, or face being cut off. China instead adopted a policy that only required new purchases to be backed with a valid state ID number. The idea was that renewals and replacements would gradually migrate the customer base into being identified, but the policy has proved no more effective than the hard line adopted elsewhere.

The reporter from IT Times visited various mobile retailers in China, and found that they would happily provide fake details to get the sale, with one online retailer even boasting:

"Our SIM cards aren't recycled from other people, and they aren't all registered using one name over and over. These are new cards, automatically registered with a fake name and ID number so you don't have to worry about getting spam text messages or other disturbances."

In the UK one can still get a phone anonymously, though the operators don't like it and incentivise their retailers (with cash) to get customer's details. Operators want those details so they can sell us stuff. According to mobile-advertising specialists Blyk, the most valuable piece of information about you is where you live (with sex and age coming a low second and third respectively), so it's something the operator wants to know.

It's also something the government wants to know, though anecdotal evidence from India and Bangladesh (two countries where anonymous sales are forbidden) is that SIMs are still routinely sold without an accompanying identity, or with the most perfunctory check on the details. In many developing countries customers frequently own more than one SIM, to take advantage of differing tariffs. So in Pakistan (for example) buyers are limited to purchasing four SIMs at a time, and required to present identity documents, but SIMs are often sold on many times – so the ability to identify the original purchaser becomes of limited value.

Swiss Telecom (now Swisscom) pioneered the anonymous prepaid phone, but in 2004 it switched to an all-identified system – and the Swiss would never seek to circumvent such a law.

Other countries, including France, have always required an ID check before a SIM could be sold, thus avoiding the problem entirely. Germany introduced such a requirement in 2004, though it seems very few Germans were calling anonymously anyway. Virgin Mobile brought anonymous telephony to the USA in 2002, and despite various attempts to impose an identity requirement it is still possible to buy an anonymous phone in the USA.

It's not clear what percentage of prepaid mobile phones remain anonymous, in the UK or anywhere else, but criminals can obviously obtain unregistered SIMs just about anywhere with varying degrees of effort. Only the operators have the exact figures, but it does seem that bribing customers (and, more importantly, retailers) can be extremely effective in gathering the required data.

When proposals for a British government database were rumoured last year the outcry was such that the Home Office felt it necessary to issue a statement saying that no such thing was planned. When an operator has a genuine financial incentive in knowing who its customers are then it will find out, so it is perhaps that specific incentive which is missing from China rather than enforcement of a year-old law. ®

High performance access to file storage

More from The Register

next story
A black box for your SUITCASE: Now your lost luggage can phone home – quite literally
Breakfast in London, lunch in NYC, and your clothes in Peru
Broadband Secretary of SHEEP sensationally quits Cabinet
Maria Miller finally resigns over expenses row
Skype pimps pro-level broadcast service
Playing Cat and Mouse with the media
Beat it, freetards! Dyn to shut down no-cost dynamic DNS next month
... but don't worry, charter members, you're still in 'for life'
Like Google, Comcast might roll its own mobile voice network
Says anything's possible if regulators approve merger with Time Warner
EE dismisses DATA-BURNING glitch with Orange Mail app
Bug quietly slurps PAYG credit - yet EE denies it exists
Turnbull leaves Australia's broadband blackspots in the dark
New Statement of Expectations to NBN Co offers get-out clauses for blackspot builds
Facebook claims 100 MEEELLION active users in India
Who needs China when you've got the next billion in your sights?
prev story

Whitepapers

Securing web applications made simple and scalable
In this whitepaper learn how automated security testing can provide a simple and scalable way to protect your web applications.
Five 3D headsets to be won!
We were so impressed by the Durovis Dive headset we’ve asked the company to give some away to Reg readers.
HP ArcSight ESM solution helps Finansbank
Based on their experience using HP ArcSight Enterprise Security Manager for IT security operations, Finansbank moved to HP ArcSight ESM for fraud management.
The benefits of software based PBX
Why you should break free from your proprietary PBX and how to leverage your existing server hardware.
Mobile application security study
Download this report to see the alarming realities regarding the sheer number of applications vulnerable to attack, as well as the most common and easily addressable vulnerability errors.