Mobile / Cell Phones and Privacy

All mobile phones have a unique 15 digit identifying number called the International Mobile Equipment Identity (IMEI). This number is hard wired into your phone and is unconnected with its sim card. Changing sim cards does not change the IMEI number. (SIM cards hold a separate identifier called the IMSI number). You can find your phones IMEI by entering *#06# into the phone. This web site allows you to check some of what is known about your phone. The IMEI number is used to block the use of stolen mobiles and monitor usage.

The IMEI number of older phones can be changed using equipment which is available on the internet. The IMEI number of phones produced in the past year is encrypted and, at the moment, cannot be changed. The UK government is planning to introduce legislation to make it illegal to offer to change an IMEI.

When you make a call your phone sends its IMEI number to your operator and that is logged. Your operator therefore has a record of your calls and that is linked by the IMEI to a specific phone. If you have a contract then the phone is easily linked to you. If you have a PAYG phone it is still easy to link your true name to your phone by simply looking at the list of numbers you have called, or have called you, and making a few enquiries.

If you leave your phone turned on your operator also knows approximately where your phone is at all times. It knows that because the number of the nearest phone mast is also logged. It therefore follows that if you knew the IMEI numbers of a group of suspects that you could tell whenever they congregated, because they would all be in the reception area of the same mast.

One of the UK mobile phone operators retains traffic data for six months. The other three retain it for twelve months. The UK Anti-Terrorism Crime and Security Act of December 2001 included a provision for telephone companies [and ISPs] to retain data for up to two years. However, this particular provision has not been brought into force and at the moment mobile phone operators are retaining data on a voluntary basis. The information they keep includes subscriber information and the following

All numbers or other identifiers associated with a call (e.g. physical/presentational/network
assigned CLI, DNI, IMSI, IMEI, exchange/divert numbers)
Date and time of start of call
Duration of call/date and time of end of call
Type of call (if available)
Location data at start and/or end of call.
Cell site data from time cell ceases to be used.
IMSI/MSISDN/IMEI mappings.
For GPRS & 3G, date and time of connection, IMSI, IP address assigned.
Mobile data exchanged with foreign operators; IMSI & MSISDN, sets of GSM triples, sets of 3G quintuples [GSM triples and 3G quintuples means access to the mobile phone encryption keys which protect your conversations].
global titles of equipment communicating with or about the subscriber. SMS, EMS and MMS DATA 6 months Calling number, IMEI Called number, IMEI Date and time of sending Delivery receipt

2 comments:

Mr. H.K. said...

Damn, that is interesting.

I guess much of this is the same technology used in the US.

Big Brother is watching...

Robert said...

I wish that the mainstream press would pick up on this. People need to know that their personal privacy is an endangered species.