back to article US cops point at cell towers and say: Give us every phone number that's touched that mast

US telecoms giant Verizon says police are increasingly asking it to cough up massive dumps of cellphone data rather than individual records. This according to the latest Verizon US transparency report for the first half of the 2017 calendar year. The dossier tracks government requests for phone records both of individual …

  1. corestore

    Why do they think they NEED to store that information long-term? It's transitory by nature!

    As always, the best thing an organization which cares about the privacy of their customers can do is **not store the data in the first place**. If they haven't got it they can't be compelled to hand it over.

    1. Anonymous Coward
      Anonymous Coward

      @corestore

      If I told you, I'd have to kill you...

      Just kidding.

      Actually there is value.

      It allow the police to build a map and identify travel within an area. (tower to tower over time.)

      It also allows you to build a picture over time. Is the number someone just passing thru or if they are a local.

      It also gives you a pattern of when someone was in the area.

      There are other patterns but you get the idea.

      1. Old Used Programmer

        Re: @corestore

        That explains (at least in part) why the *cops* want the data. It doesn't explain why the carrier would store some of the data being asked for. The answer to that question is probably that the regulators (at the behest of the various alphabet agencies) are requiring them to do so.

        1. InNY
          Big Brother

          Re: @corestore

          Just think of the money to be made from advertising. Compare the registered address of the phone owner with where they are. Up scaling? Down scaling? Real estate agents; removal firms; insurance brokers; car dealers and so on. They'll all pay good money for that data.

          Just visiting? Regularly? Car dealers; insurance agents; coffee shops; supermarkets and so on.

          All you have to know is that no matter where you are or what you are doing, someone, somewhere is trying to figure out a way to make money off you. It's quite amazing how many succeed...

          Big Brother, complete with sponsors messages...

        2. Field Commander A9

          Re: It doesn't explain why the carrier would store some of the data

          The cops required for the carriers to keep this data(At least that's case here in China).

          1. K

            Re: It doesn't explain why the carrier would store some of the data

            Also if you've ever worked at a tech company, you'll know that data is "gold".. They hoard it, slice it, dice it and monetise it!

            From that data alone, they can generate a map of where you hang out, what shops you visit etc etc, then try to find a way of making money from it (via advertising, selling it etc).. even if they anonymise the data, it still has value to somebody.

          2. Anonymous Coward
            Anonymous Coward

            Re: It doesn't explain why the carrier would store some of the data

            I get people storing large amounts of data in the email server . Some even see the wastebin in outlook as a great place to store information. It seems to be a measure of how important they are.

            "I'm very important so I have top keep all my emails for six years. Its because of data protection . No , wait its cos of health and safety , its one of those catch all excuses anyway"

            "ah so that's why you need all these 'Party next friday' word documents with the 10mb jpgs in?"

        3. Ian Michael Gumby

          @old used programmer Re: @corestore

          Actually it does.

          Cell phone companies have multiple towers in an area. They need to route traffic between towers as well as determine where they need a new tower if the area is heavily congested.

          For example, where I live, during the evening rush hour out of the city, I have calls dropped, even though our building has a telco's mast.

          Its gotten better, however there are still some days where calls get dropped.

          The cell companies will want to be able to determine load on the system and track usage.

          Is the load due to a special event? Or is the load due to every day commuters. You really can't depend on an aggregation because you don't know who's a regular and who's just visiting the area.

          There's more, but you should get the idea.

          1. Donn Bly
            Boffin

            Re: Cellular Coverage

            For example, where I live, during the evening rush hour out of the city, I have calls dropped, even though our building has a telco's mast.

            Your phone is not connecting to the mast on your building. Being under a mast, or within a half kilometer of one, is one of the worst areas you can be for cellular coverage. A base station antenna is something like a lighthouse -- you have to be some distance from the the tower to see the light directly.

            Typically the beam width on a base station antenna is 15 degrees or less with a downtilt aiming the center of the lobe down below the horizon. At 60 meters high you need to be over 400 meters away before it can "see" your phone. Any less and you are picking up a reflection or side lobe which will be unreliable for communications. Shorter towers of course lower those numbers, but being below the antenna is still the worst place to be.

        4. art guerrilla

          Re: @corestore

          @ old previously-owned proggy-

          AND, for bonus points, i defy you to *try* to access any of 'your' data Big Telco has on YOUR account...

          had a situation where i had to 'prove' i called a certain state office about an employment matter, and they -effectively- claimed i did not do so... went to 'my' (sic) Big Telco who I PAY MONEY TO FOR SERVICE, if they would kindly provide my phone call records for about a 3 month period...

          first, took going up the hierarchy and yelling and stamping my foot to get ANY response, and that response was 'no'... um, say wha ? those are 'my' records, of 'my' calls, WHY can't i have a copy of said records ? ??

          well, not sure, but they were damn well NOT going to give me the records until i both wrote them a snail mail letter threatening legal action, as well as contacted a state rep... not sure what changed their mind, but they did relent and provide said records...

          (which 'proved' my case, and made the state acknowledge the validity of my claim...)

          what i *thought* should have been a simple request and easily fulfilled response, became a protracted and maddening process of punching at smoke...

          grrrr, me hates me some Big Telcos...

      2. Anonymous Coward
        Anonymous Coward

        Re: @corestore

        "It allow the police to build a map and identify"

        Remember this is not the UK, it's the US where they shoot first and ask later. It is highly doubtful that kind of intelligent can build anything or even identify anything.

        Just to put some intelligent into this case, why didn't the police just give information to the telecoms giant and let them search it for them? It doesn't take that much brain-cells to notice it is a lot quicker and cheaper (just pay the telecoms) than to get hold of a few billion log records that still need to be manually searched. It is like they are not really trying to solve a case like racing against the clock.

        1. Roger Varley

          Re: @corestore

          So morale of the storey is that if you are out and about for some nefarious purpose (like armed robbery), don't take your mobile phone with you. Or, better still, take someone elses.

        2. Anonymous Coward
          Anonymous Coward

          Re: @corestore

          Seriously "they shoot first and ask later"?

          Yet some how in my city, (only 80k population) the cops do their job and haven't shot anyone yet this year, last year, maybe not in the last 20 years. But hey, don't let facts get in the way of your prejudices. City of Nashua, NH.

          1. Someone Else Silver badge

            Re: @corestore

            But hey, don't let facts get in the way of your prejudices. City of Nashua, NH.

            Can the same be said for Nashua, CA? Or Nashua, MT? Or even Nashua, IA? Don't let your prejudices get in the way of the facts.

        3. Ian Michael Gumby

          @AC Re: @corestore

          Sorry mate, I have to down vote you.

          How much do you want to bet that this is also happening in the EU and the UK?

          Hypothetically, if you wanted to find a bad actor who frequently changed phones, how would you do it?

          One idea would be to monitor the cell phone traffic in the area as well as monitor when the bad actor was in the area. While you don't know the specific cell number, you can, over time eliminate phones in the area based on their usage pattern. Thus limiting the cell phones that could be used by the bad actor.

          Then you can get a warrant to use StingRay and find said phone.

          You can't give the information to the telcos and have them search because you risk the investigation being blown or the bad guy being tipped off.

          Also consider that it could be a terrorist cell at work. So you could be racing the clock.

    2. a_yank_lurker

      @coresstore

      Part of the reason for storing the records is financial. Depending on one's plan there might still be roaming charges or other usage charges based on location. So the telcos have to keep detailed records of all phones pinging off their towers for accurate billing and must keep them for a period of time in case of billing disputes. This is mostly legacy but there might be a few older or dirt cheap plans that have roaming charges.

      I do question why the local Stasi and their feral counterparts need all the numbers that pinged a tower. It seems as if the doughnut eaters are being lazy and not asking the correct questions. If they have some idea of the phone id/number or the general travel direction they can ask a narrower question that should reduce the amount of data they need to dig through. Even if they do not know the specific phone, if they know the general direction someone fled (e.g. north), check for the records of those phones that moved north at about the right time from tower to tower. It will be far fewer than a general dump.

      1. FozzyBear

        Re: @coresstore

        There is another reason and that is smaller teleco's will rent infrastructure off the larger providers. That means keeping track of all the numbers utilising that tower for any reason. The utilisation may not be billable to the customer but that can be to another telco.

      2. SundogUK Silver badge

        Re: @coresstore

        If a firearm is used in location A and later again in location B, and the only mobile number that has been at both locations is number nnnnnn then bingo! You probably have your perp's mobile number.

        1. Hans Neeson-Bumpsadese Silver badge

          Re: @coresstore

          Another case I can see is this.... You know your pep's phone number. Looking through logs of *all* phones attaching/detaching from a tower, can you see any other numbers which attach/detach at the same time as the perp's? That could help you identify other phones used by said perp, and you may want to dig more deeply into those as well.

        2. strum

          Re: @coresstore

          >bingo! You probably have your perp's mobile number.

          Or the guy he was shooting at.

          For every problem, there is a solution which simple, straightforward - and wrong.

        3. JK63

          Re: @coresstore

          You have a possible suspect. You don't have a perpetrator until you can establish a lot more information. Unless they're using data from multiple towers, you haven't established that the person is actually at the locations of the shooting, just at the nearest tower.

          What you don't have is a case, but rather a coincidence.

      3. Teiwaz

        Re: @coresstore

        I do question why the local Stasi and their feral counterparts need all the numbers that pinged a tower

        Seems obvious - take said list and run a search for known numbers of perps or potentials they want to pull in - if they pop up on the ping list, they have their excuse to pull them in and see if they can get the 'ole' slipper to fit'.

    3. Prosthetic Conscience

      Because everyone is jumping on the "big data" wagon.

    4. Random Q Hacker

      They "need" to store it because police and spooks pay good money for the data. Selling out their customers to the government is another revenue stream:

      "AT&T stores customer data as far back as 2008, and charges from $100,000 to over $1 million a year for law enforcement agencies to access this data. This program, called Project Hemisphere, gives law enforcement access to your phone records without a warrant, at the cost of millions of taxpayer dollars."

      http://www.popularmechanics.com/technology/security/a23567/att-phone-records-police/

  2. veti Silver badge

    Who doesn't love saying "I told you so"?

    Anyone remember the heady days of, ooh, 2005 or so, when Americans used to sneer at Brits for being so heavily surveilled by cameras?

    "Just you wait", I told them. "We're pioneers. Your authorities will learn from ours, and when they build their own systems, they'll make ours look petty and amateurish by comparison."

    Welcome to the future.

  3. Anonymous Coward
    Anonymous Coward

    If you are a bad-un all you need to do is:

    1. Turn off your mobile during times of nefarious activities.

    2. Turn it back on when well away from said activities.

    Plausible deniability unlocked.

    1. eldakka

      Re: If you are a bad-un all you need to do is:

      Actually, that would be a clue in and of itself.

      Better would be to leave the phone turned on, but at home, while you are out and about doing nefarious things.

      1. Nick Kew

        Re: If you are a bad-un all you need to do is:

        Actually, that would be a clue in and of itself.

        Damn, yes. I must be a very dodgy criminal every time I switch the thing off for the theatre or a concert.

        1. Prosthetic Conscience
          Big Brother

          Re: If you are a bad-un all you need to do is:

          Damn, yes. I must be a very dodgy criminal every time I switch the thing off for the theatre or a concert.

          You might be one day! Was the showing pre-approved?! WHO WERE YOU WITH?!

          1. BongoJoe

            Re: If you are a bad-un all you need to do is:

            Damn, yes. I must be a very dodgy criminal every time I switch the thing off for the theatre or a concert.

            You might be one day! Was the showing pre-approved?! WHO WERE YOU WITH?!

            Was it Les Mis? Then you're someone with revolutionary tendancies, as would be if it were Evita. And if it were Chicago then clearly you're hanging around with nefarious types.

    2. Will Godfrey Silver badge
      Unhappy

      Re: If you are a bad-un all you need to do is:

      @AC

      But how 'off' is off? If you can't remove the battery it's probably not off.

      1. Anonymous Coward
        Anonymous Coward

        Re: If you are a bad-un all you need to do is:

        "But how 'off' is off? "

        Burn it (wear protective gear and stand well back)

        Wrap it in tin foil

        Wrap yourself in tin foil

        Bury it at a cross road and hammer a stake into it.

    3. Anonymous Coward
      Anonymous Coward

      Re: If you are a bad-un all you need to do is:

      This means my wife's lawyers can use the data / metdata to link me to another so I'll use a burner phone. ;)

      AC, of course.

    4. Anonymous Coward
      Anonymous Coward

      Re: If you are a bad-un all you need to do is:

      Leave it switched on and attach it to a stray dog then use your phone finder to recover it.

      Then you can claim to be a bin dipper to the cops.

      1. Prst. V.Jeltz Silver badge

        Re: If you are a bad-un all you need to do is:

        "attach it to a stray dog then use your phone finder to recover it."

        Hmm, the makings of a new sport

      2. Anonymous Coward
        Anonymous Coward

        Re: If you are a bad-un all you need to do is:

        You could just affect a scouse accent.

    5. Jtom

      Re: If you are a bad-un all you need to do is:

      If you can go without the phone on, why take it at all? Leave your phone behind, with it turned on. Let it be 'proof' that you never left that area. Why didn't you answer your calls, assuming you recieved any? You were simply engaged in other activities (showering, on the toilet, showering, sleeping, etc.).

      If you need a phone during the commission of a crime, burner phones are cheap.

    6. Someone Else Silver badge

      Re: If you are a bad-un all you need to do is:

      Actually, you need to turn off your mobile, and remove its battery. What? Battery is soldered in? Well, you could pull the sim card.... What? No sim card either?!? I guess yer right fucked, then.

  4. Kreton

    UK Poolice one step ahead

    Britain's largest police force has been using covert surveillance technology that can masquerade as a mobile phone network to intercept communications and unique IDs from phones or even transmit a signal to shut off phones remotely, according to the Guardian.

    The system, made by Datong in the United Kingdom, was purchased by the London Metropolitan police, which paid $230,000 to Datong for "ICT hardware" in 2008 and 2009.

    1. An nonymous Cowerd

      Re: UK Poolice one step ahead

      Datong is quite a good uk export success company.

      I met Dr. David Tong on many occasions and have bought several of his excellent designs (not sure how much he's currently working there), but not their 'stingray' as they are fairly easy to make yourself!

      Strangely, a village cop-shop near me recently used a (warranted) GSM tower data-slurp to solve a death. A jogger was killed whilst out jogging at night in a black outfit in the rain. No witnesses. The police requested the data of all GSM terminals that went through the village that night, then went to visit the owners. They eventually found a little old lady with a slightly crumpled ancient Fiat, she remembered a bump but thought it was a pot-hole. That's one valid use for warranted surveillance. I'm not so keen on the unwarranted snooping, but hey, Gladio hardly ever occurred , no?

  5. whoseyourdaddy

    *cough* airplane mode *cough*

    If you're insane enough to not trust that, leave your phone at home next time you go on a murderous rampage.

    Instagramming it would just be weird.

    1. Charlie Clark Silver badge

      The point is that these requests cannot be related to individual events but only as part of surveillance and profiling of everyone in the area.

      I'm neither American nor a lawyer but I think it is an attempt to work around the restriction on mass surveillance of US citizens. Of course, the NSA probably already has a direct feed because why should they waste time getting warrants?

    2. Anonymous Coward
      Anonymous Coward

      in airplane mode apps can still activate gps and record position to be uploaded later when not in airplane mode

      1. katrinab Silver badge

        Maybe, but the phone company doesn't get that info

  6. Chris G

    Fishing

    Considering the growing number of requests, it looks as though the fuzz have software that allows them to fish a data dump.

    I imagine something similar can be done with ANPR data too.

    1. Prst. V.Jeltz Silver badge

      Re: Fishing

      you mean notepad.exe?

  7. Anonymous Coward
    Anonymous Coward

    The only good thing you can say about this

    Is that at least they appear to still need a warrant, even if it is granted almost automatically. If they stopped asking for warrants that's when we should be worried, because at that point we would be forced to assume they're getting a full real time dump of everything.

    I wish judges would exercise more discretion, and make them prove a much higher bar to justify a full dump over information for a few numbers.

    1. Charlie Clark Silver badge

      Re: The only good thing you can say about this

      What kind of judge would need to rubber stamp these kind of requests? An appointed one or one who might occasionally need to stand for re-election?

      1. Anonymous Coward
        Anonymous Coward

        Re: The only good thing you can say about this

        That's a good question, but I'm afraid I don't know the answer. Federal judges are life appointments, but if the city or state police build a case can they seek wiretaps from state appointed judges who may be elected depending on the state...anyone know?

        I think electing judges is a terrible idea, you don't want them to base their decisions on polling, only the law. Appoint them for life, and provide a way to for a supermajority of voters and/or legislators to kick them out if they do something outrageous.

  8. Pascal Monett Silver badge

    almost 150000 requests over 6 months

    That boils down to over 830 per day.

    I wonder how the Police still has time to catch petty criminals when they're sifting through mountains of data every day.

  9. Anonymous Coward
    Anonymous Coward

    Data for Sale

    In Norway, Telenor Mobile has just announced that they intend to sell this kind of stored data for analytics purposes. They are saying the data is anonymised, but even their example of using the data for traffic planning by seeing start and end points of journeys makes me sceptical given how much other data is openly available in the public domain in Norway. For example it's possible and easy to do a reverse lookup on a phone number, an address or even a car registration number and car journeys are increasingly tracked using the road toll network and an extension of this that can read your toll RFID tag at other random non-toll related points. Putting this all together with one of the best 4G networks in the world and a culture where they've been paying for everything electronically for decades and you're already living in 1984 or Minority Report!

    1. Prst. V.Jeltz Silver badge

      Re: Data for Sale

      You can find the owner , and by extension - address , of a car from its reg in Norway?

      That seems like a dangerous data breach / invasion of privacy.

      It basically means that all the time you are in public in your car you are wearing a huge sign saying your name and address!

      Given that situation I'm surprised you bothered hiding your already anonymous reg handle with AC :p

      1. Wupspups

        Re: Data for Sale

        > You can find the owner , and by extension - address , of a car from its reg in Norway?

        Not only that you can find out how much they earn and their tax returns as well (All tax and earnings have been public knowledge in Norway since the 1800s)

        https://www.theguardian.com/money/blog/2016/apr/11/when-it-comes-to-tax-transparency-norway-leads-the-field

        1. Gio Ciampa

          Re: Data for Sale

          Nothing the DVLA isn't already doing here...

        2. GrapeBunch

          Re: Data for Sale

          It's my way or the Nor Way. Looks like it's Nor Way. Speaking, of course, only for those who cannot speak for themselves.

  10. Anonymous Coward
    Anonymous Coward

    Makes me wonder

    If the police ever discard those dumps once they obtain them. A warrant to obtain the list for one reason and it could be used to implicate people for other reasons and... No search warrant required after the one used to obtain the data.

  11. Anonymous Coward
    Anonymous Coward

    Anyone seen the The Wire?

    Surely every perp knows about 'burner' phones...

    1. Munchausen's proxy
      Big Brother

      Re: Anyone seen the The Wire?

      "Surely every perp knows about 'burner' phones..."

      This isn't about perps. It's about YOU.

    2. katrinab Silver badge

      Re: Anyone seen the The Wire?

      If you can trace the movements of a burner phone, you can probably figure out who owns it, especially if you can combine it with information obtained from elsewhere.

  12. Aodhhan

    I'd like to see...

    I'd like to see the law enforcement agencies compile information to let us see how many arrests and convictions came from cases where they were awarded a warrant for cell phone monitoring.

    Also the numbers where the cell phone history assists in proving an individual's innocence of a crime.

    Hopefully the US government will never put up the same type of camera systems used in England. Most states here will not even allow cameras to be used to catch speeding drivers. So gathering the location history of a cell phone to prove someone's innocence or possible involvement of a crime isn't something which should be too hard to get.

  13. JaitcH
    Happy

    The Answer Is ...

    to respond with printouts from a crappy 9-pin dot matrix printer.

    Impossible to scan and too long to retype!

    1. John Brown (no body) Silver badge

      Re: The Answer Is ...

      Pah! The first OCR scanner I ever used was a manually operated one and it's default was for reading 9-pin dot matrix printouts line by by line, by physically pulling the scan head along a captive ruler. It dumped ASCII out of it's serial port and had limited typeface selection. It worked better after we ripped it apart and fitted the scanning head to a flatbed plotter. This all ran on a CP/M host computer :-)

  14. Anonymous Coward
    Anonymous Coward

    the boss most places

    we have all been there with a boss that doesn't know what they are doing. Must be plenty of bozo's still blocking a seat that ask someone to print off a vast document and get them to look through it and highlight a few lines here and there.

    Obviously the staff that say sod off will be viewed dimly whereas the eager to please will find themselves as a trusted lieutenant for many years till both are eventually canned purely by accident in an offshoring incident.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like