Feeds

Telcos cough mobe tracking habits

AT&T knows where you were last summer and the summer before

Designing a Defense for Mobile Applications

The American Civil Liberties Union has compiled 381 information requests to establish who is slurping information from phone networks and what they're finding out.

The initial data reveals huge disparities between operators when it comes to how much information is stored and what is made available to the authorities. AT&T, for example, knows everywhere its customers have been since July 2008, and the details of every text message sent in the last five years, not to mention keeping videos of punters in its stores for a couple of months. All for the good of the people obviously.

Other operators clearly have smaller hard drives. Verizon deletes historical locations after a year, but does keep the contents of text messages for a few days. Virgin Mobile hangs onto text message content for three months, though it promises to only reveal them when presented with a search warrant. The other operators keep the details of the messages, but not the messages themselves.

In Europe, our rules on data retention are pretty standard: everything gets stored for six months and is available to the plod on request. That's currently being challenged in Germany, but American operators work under no such mandated obligation. The details over who gets access to what information can be decided on a state-by-state basis, which is why the ACLU has had to ask so many organisations what they're asking for and when.

The fact is that every one of us is voluntarily carrying a tracking device, all the time, as perfectly demonstrated by Malte Spitz who plotted his own movements on an interactive map having extracted them from his network operators. A mobile phone is now the second thing police pull from a corpse, yet it is more valuable than the wallet as it can establish movements prior to death, but concerns over misuse of the information are growing.

The ACLU has shown what operators know, and is in the process of finding out with whom they share that data, but it's up to citizens to decide if they care enough to do anything about it. ®

HP ProLiant Gen8: Integrated lifecycle automation

More from The Register

next story
Scotland's BIG question: Will independence cost me my broadband?
They can take our lives, but they'll never take our SPECTRUM
Auntie remains MYSTIFIED by that weekend BBC iPlayer and website outage
Still doing 'forensics' on the caching layer – Beeb digi wonk
Bring back error correction, say Danish 'net boffins
We don't need no steenkin' TCP/IP retransmission and the congestion it causes
NBN Co adds apartments to FTTP rollout
Commercial trial locations to go live in September
GoTenna: How does this 'magic' work?
An ideal product if you believe the Earth is flat
Samsung Z Tizen OS mobe is post-phoned – this time for good?
Russian launch for Sammy's non-droid knocked back
Telstra to KILL 2G network by end of 2016
GSM now stands for Grave-Seeking-Mobile network
Seeking LTE expert to insert small cells into BT customers' places
Is this the first step to a FON-a-like 4G network?
prev story

Whitepapers

Implementing global e-invoicing with guaranteed legal certainty
Explaining the role local tax compliance plays in successful supply chain management and e-business and how leading global brands are addressing this.
Consolidation: The Foundation for IT Business Transformation
In this whitepaper learn how effective consolidation of IT and business resources can enable multiple, meaningful business benefits.
Application security programs and practises
Follow a few strategies and your organization can gain the full benefits of open source and the cloud without compromising the security of your applications.
How modern custom applications can spur business growth
Learn how to create, deploy and manage custom applications without consuming or expanding the need for scarce, expensive IT resources.
Securing Web Applications Made Simple and Scalable
Learn how automated security testing can provide a simple and scalable way to protect your web applications.