Feeds

NSA: Yes we 'experimented' with US mobile tracking. But we didn't inhale

Huh - Euro snoop systems are on constantly

Top 5 reasons to deploy VMware with Tegile

Analysis The US National Security Agency has recently admitted to experimenting with bulk collection of mobile phone locations, but denied it ever actually used the information.

This is unlike its European contemporaries, which apparently devolved the task of collecting mobile phone data to the network operators years ago.

The NSA project was an unsuccessful pilot, according to the spooks' Director of Intelligence, James R Clapper. He told the Senate Judiciary Committee about the experiment on Wednesday, but denied there was any ongoing analysis of the data the NSA covertly slurped, as the New York Times explains.

But in Europe, network operators are obliged to keep the very same data, just in case law enforcement fancies a look at it.

Back in 2009, a German politician requested access to his location data from T-Mobile. Following various legal challenges the operator eventually complied and the newspaper Die Zeit put it together into an animated map which shows just what the European authorities can do, if they're minded to.

The difference – and it's an important one – is the presence of judicial oversight. An agency wanting access to European phone records, which are kept for at least a year, has to apply through the nominated Single Point of Contact (SPOC) which is actually a significant, if whispered, department within every police force and network operator, ready to supply thousands of requests for data every week.

Requests have to be proportional to the crime being investigated and are generally restricted to "was this phone in this location at this time" but can vary. A suspicious death connected to the owner of a particular phone may warrant the authorities slurping its location data for the last 24 hours, while an abducted child might warrant an urgent check for current information.

One of the key deterrents against agents of the state engaging in fishing expeditions is the price charged by mobile operators for access to the data they hold. Naturally, speedy access to data and access to large swathes of it tends to attract higher fees.

Exactly how much they charge, they won't say. Operators are only supposed to cover their costs. The fact that a budget is needed for every enquiry helps prevent the more obvious checking up on lovers, and the like which the NSA has admitted occurs in its network.

Most of us trust the police, and most Americans (just about) trust their government, but we might not trust the individuals who comprisethese bodies. Perusing the Facebook page of an old partner is almost irresistible. Imagine how much more seductive it would be if one could overhear their phone calls too. Such a system needs robust oversight to prevent humans succumbing to their natural tendencies.

The problem here isn't that the NSA was tracking phones, or that it requested data from internet companies; the problem was that it did so in the shadows.

Here in Europe we're doing much the same thing, on a bigger scale and with more success. It's hard to count foiled terrorist plots, but the same rules solve numerous crimes every day. Most of us don’t want to hide our location from the police or the secret services – but we might want to hide from the humans who make up those forces. ®

Security for virtualized datacentres

More from The Register

next story
'Kim Kardashian snaps naked selfies with a BLACKBERRY'. *Twitterati gasps*
More alleged private, nude celeb pics appear online
Home Depot ignored staff warnings of security fail laundry list
'Just use cash', former security staffer warns friends
Hackers pop Brazil newspaper to root home routers
Step One: try default passwords. Step Two: Repeat Step One until success
UK.gov lobs another fistful of change at SME infosec nightmares
Senior Lib Dem in 'trying to be relevant' shocker. It's only taxpayers' money, after all
Who.is does the Harlem Shake
Blame it on LOLing XSS terroristas
Snowden, Dotcom, throw bombs into NZ election campaign
Claim of tapped undersea cable refuted by Kiwi PM as Kim claims extradition plot
Freenode IRC users told to change passwords after securo-breach
Miscreants probably got in, you guys know the drill by now
THREE QUARTERS of Android mobes open to web page spy bug
Metasploit module gobbles KitKat SOP slop
BitTorrent's peer-to-peer chat app Bleep goes live as public alpha
A good day for privacy as invisble.im also reveals its approach to untraceable chats
prev story

Whitepapers

Providing a secure and efficient Helpdesk
A single remote control platform for user support is be key to providing an efficient helpdesk. Retain full control over the way in which screen and keystroke data is transmitted.
A strategic approach to identity relationship management
ForgeRock commissioned Forrester to evaluate companies’ IAM practices and requirements when it comes to customer-facing scenarios versus employee-facing ones.
Saudi Petroleum chooses Tegile storage solution
A storage solution that addresses company growth and performance for business-critical applications of caseware archive and search along with other key operational systems.
WIN a very cool portable ZX Spectrum
Win a one-off portable Spectrum built by legendary hardware hacker Ben Heck
The next step in data security
With recent increased privacy concerns and computers becoming more powerful, the chance of hackers being able to crack smaller-sized RSA keys increases.