Thursday, April 12, 2007

A cell phone is a physical tracking device

Every mobile phone, whenever it's turned on, is *already* a physical tracking device. *EVERY* mobile phone. Even when idle, phones periodically transmit "registration" messages to the base station so that the network will know where to deliver an SMS or inbound call message. (This is why airlines require phones to be completely shut off in flight; it's not sufficient to simply avoid making calls to prevent transmissions.)

In the old analog days, low user populations and lack of automatic wide-area roaming sometimes made it practical to "flood" paging messages over a network so that mobile registrations were not necessary. But flood paging has long become impractical in digital cellular networks.

Cellular networks have a perfectly legitimate need to know where you are, at least to the nearest cell sector, so they can do their job. The recent addition of GPS reporting to E911 calls increases the positioning accuracy still further.

And this is what's so problematical. Location data, like so much other personal data necessarily collected in the routine operation of modern communication networks, has both benign -- lifesaving, even -- and harmful uses.

At least the content confidentiality problem has an effective technical defense (end to end encryption) even if it isn't widely used. But there seems to be no such technological defense against the abuse of cellular location data. Your only choice is to turn your phone off, preferably by removing the battery, when you don't want to be tracked. If you turn it on, even for a moment, the system will again know where you are.

Another alternative is to forego a cell phone in favor of a one-way pager, if they're even still available. But should you answer a page, even with a pay phone, you could in principle still be tracked unless you encode your pages.

Phil Karn
Post a Comment