Feeds

NSA: Yes we 'experimented' with US mobile tracking. But we didn't inhale

Huh - Euro snoop systems are on constantly

The Power of One eBook: Top reasons to choose HP BladeSystem

Analysis The US National Security Agency has recently admitted to experimenting with bulk collection of mobile phone locations, but denied it ever actually used the information.

This is unlike its European contemporaries, which apparently devolved the task of collecting mobile phone data to the network operators years ago.

The NSA project was an unsuccessful pilot, according to the spooks' Director of Intelligence, James R Clapper. He told the Senate Judiciary Committee about the experiment on Wednesday, but denied there was any ongoing analysis of the data the NSA covertly slurped, as the New York Times explains.

But in Europe, network operators are obliged to keep the very same data, just in case law enforcement fancies a look at it.

Back in 2009, a German politician requested access to his location data from T-Mobile. Following various legal challenges the operator eventually complied and the newspaper Die Zeit put it together into an animated map which shows just what the European authorities can do, if they're minded to.

The difference – and it's an important one – is the presence of judicial oversight. An agency wanting access to European phone records, which are kept for at least a year, has to apply through the nominated Single Point of Contact (SPOC) which is actually a significant, if whispered, department within every police force and network operator, ready to supply thousands of requests for data every week.

Requests have to be proportional to the crime being investigated and are generally restricted to "was this phone in this location at this time" but can vary. A suspicious death connected to the owner of a particular phone may warrant the authorities slurping its location data for the last 24 hours, while an abducted child might warrant an urgent check for current information.

One of the key deterrents against agents of the state engaging in fishing expeditions is the price charged by mobile operators for access to the data they hold. Naturally, speedy access to data and access to large swathes of it tends to attract higher fees.

Exactly how much they charge, they won't say. Operators are only supposed to cover their costs. The fact that a budget is needed for every enquiry helps prevent the more obvious checking up on lovers, and the like which the NSA has admitted occurs in its network.

Most of us trust the police, and most Americans (just about) trust their government, but we might not trust the individuals who comprisethese bodies. Perusing the Facebook page of an old partner is almost irresistible. Imagine how much more seductive it would be if one could overhear their phone calls too. Such a system needs robust oversight to prevent humans succumbing to their natural tendencies.

The problem here isn't that the NSA was tracking phones, or that it requested data from internet companies; the problem was that it did so in the shadows.

Here in Europe we're doing much the same thing, on a bigger scale and with more success. It's hard to count foiled terrorist plots, but the same rules solve numerous crimes every day. Most of us don’t want to hide our location from the police or the secret services – but we might want to hide from the humans who make up those forces. ®

Designing a Defense for Mobile Applications

More from The Register

next story
Mozilla fixes CRITICAL security holes in Firefox, urges v31 upgrade
Misc memory hazards 'could be exploited' - and guess what, one's a Javascript vuln
How long is too long to wait for a security fix?
Synology finally patches OpenSSL bugs in Trevor's NAS
Don't look, Snowden: Security biz chases Tails with zero-day flaws alert
Exodus vows not to sell secrets of whistleblower's favorite OS
Roll out the welcome mat to hackers and crackers
Security chap pens guide to bug bounty programs that won't fail like Yahoo!'s
HIDDEN packet sniffer spy tech in MILLIONS of iPhones, iPads – expert
Don't panic though – Apple's backdoor is not wide open to all, guru tells us
Researcher sat on critical IE bugs for THREE YEARS
VUPEN waited for Pwn2Own cash while IE's sandbox leaked
Four fake Google haxbots hit YOUR WEBSITE every day
Goog the perfect ruse to slip into SEO orfice
prev story

Whitepapers

Designing a Defense for Mobile Applications
Learn about the various considerations for defending mobile applications - from the application architecture itself to the myriad testing technologies.
Implementing global e-invoicing with guaranteed legal certainty
Explaining the role local tax compliance plays in successful supply chain management and e-business and how leading global brands are addressing this.
Top 8 considerations to enable and simplify mobility
In this whitepaper learn how to successfully add mobile capabilities simply and cost effectively.
Seven Steps to Software Security
Seven practical steps you can begin to take today to secure your applications and prevent the damages a successful cyber-attack can cause.
Boost IT visibility and business value
How building a great service catalog relieves pressure points and demonstrates the value of IT service management.