Skip navigation
Criminal Legal News
The Habeas Citebook: Prosecutorial Misconduct - Header

New Service Highlights Cellphone Privacy Issues

Loaded on Sept. 1, 2023 by Michael Thompson published in Criminal Legal News September, 2023, page 32
Filed under: Searches - Cellphones/Computers/Internet, Electronic Communictions Privacy Act, Privacy Act/Rights. Location: United States of America.

by Michael Dean Thompson

Corporations have turned cellphones into mobile snooping devices that monetize consumer habits and daily activity. A new service, Pretty Good Phone Privacy (“PGPP”), addresses some of the privacy concerns built into the cellular system.

The problem comes down to the architecture of the cellular networks, which were not designed with privacy in mind. Buried within the SIM card is an Internal Mobile Subscriber Identifier (“IMSI”), a globally unique code. The IMSI is used for many things, especially payment status. Essentially, the IMSI ties the device to the person.

Just about every second or so, your phone “pings” the nearby towers to discover which has the strongest signal, as well as which receives its signal best. Those pings carry the phone’s IMSI and generate a record that can be used to provide a rough triangulation of the phone’s location. While not as accurate as a GPS signal, it has found significant use by police who wish to establish the phone owner’s presence. The tower information is used by the carriers to route calls to and from the phone, as well as data requests. The carrier can tie the phone to a location when phone calls and text messages were sent and received, as well as plaintext data such as web searches and email, much of which are logged. Location data can reveal things about a user that corporations have no need to know, including political associations, habits, and religion. Far too much can all be extracted by drilling into cell tower affiliations and the IMSI.

Just as new technologies such as cellphones stepped forward to strip away any real sense of privacy, another set of technologies has come forward to guard it. Many of these tools have been around for ages, others are only just starting to mature. Secure tunneling, which is also known as a Virtual Private Network (“VPN”), allows a user to tunnel their data through an encrypted network connection. All the primary service provider sees is the device connecting to the VPN provider. At the endpoint of the VPN, however, the user is still susceptible to the VPN provider’s logging as well as the data the apps loaded on the device have collected and shared.

A newer privacy technology is the blind signature. When an author of an email or document wishes to state unequivocally that its contents are authentic, they can cryptographically sign the document while leaving it legible to anyone who wishes to read it. Should anyone alter the document, the signature would fail to authenticate. Unlike previous signature systems, blind signatures perform the same function but without the signatory’s identity embedded. Likewise, a zero-knowledge proof allows two people to communicate encrypted private data without needing to share their identities.

PGPP brings together some of these new and old privacy tools to sequester data transmissions. While PGPP can randomize the IMSI, traditional voice calls remain vulnerable to snooping. Nevertheless, with PGPP, a user can browse the web or send messages without PGPP knowing anything about the communication’s contents. For this reason, the tower operator cannot build information on the user. Neither can anyone demand information PGPP does not have. There is simply no way to consistently tie a user to the phone. As the ACLU said, “It cannot be sold, leaked, or hacked, let alone offered to overreaching law enforcement.” Unfortunately, PGPP will not work on iPhones, though Apple could fix that if they desired to do so.

There is a constant battle for your private data. In an age when predictive analytics can choose the song you want to hear next or the words you are most likely to type in your web search or text, and when advertisers can hyper-target 150 people from billions of users based on their specific preferences, we have to demand more privacy from the corporations who build our devices and provide the services upon which those devices rely. PGPP is a giant step in that direction, though still incomplete because privacy was ignored by those who designed the architecture all cellphones must use.   

Source: ACLU.org

More from this issue:

  1. Geofence Warrants: Little-Known Search Makes Innocent People Suspects Simply for Having a Phone Near a Crime Scene, by Douglas Ankney
  2. What’s ‘Sufficient’ Rehabilitation for Compassionate Release?, by Luke Sommer, James Lockhart
  3. Interrogating a Suspect With an Intellectual Disability Using the Reid Technique: Recipe for a False Confession, by Jo Ellen Nott
  4. Forensic Benefits of a Body Farm Facility, by Jordan Arizmendi
  5. Police Can Get More From Your Phone Than You May Believe, by Michael Thompson
  6. Surveilling AI’s Big Moment, by Michael Thompson
  7. Wyoming Supreme Court Reverses ‘Contempt of Cop’ Conviction Because Police Were Not Lawfully Performing Their Official Duties, by Richard Resch
  8. Sixth Circuit Suppresses Evidence Obtained as a Result of Warrant That Lacked Probable Cause of Criminal Activity in Arson Investigation, by Anthony Accurso
  9. Arizona Blowfly Database Develops Empirical Support for Time of Death Estimation, by Anthony Accurso
  10. California Court of Appeal Reverses Felony Murder Conviction Because Evidence Insufficient to Support Underlying Predicate Felony of Attempted Robbery, by Douglas Ankney
  11. Biased Algorithms Are Still a Problem, by Michael Thompson
  12. Probation Sentences Capped in Minnesota, by Jordan Arizmendi
  13. The Two Faces of the FBI and DOD Facial Recognition Program, by Carlo Difundo
  14. New York Court of Appeals: Constitutional Prohibition Against Restraining Defendant Without Explanation Remains in Force During Announcement of Verdict and Polling of Jurors, by Douglas Ankney
  15. No Discipline for NYPD Officers Who Deface License Plates in Apparent Attempt to Evade Tickets, by Douglas Ankney
  16. Massachusetts Supreme Judicial Court Casts Nearly 30,000 DUI Convictions in Doubt Due to ‘Egregious Government Misconduct’, by Jordan Arizmendi
  17. New York City’s DNA Gun Crimes Unit Reduces Turnaround Times for Gun Crimes by Half, by Jordan Arizmendi
  18. The Serious Threat of Cell-Site Simulators, by Michael Thompson
  19. Second Circuit Vacates § 924 Convictions Predicated on Attempted Hobbs Act Robbery, by Douglas Ankney
  20. New Study Proposes Biological Reasons May Cause Sudden Infant Death Syndrome, by Jordan Arizmendi
  21. Law Enforcement Using Technology That Accesses Live Video From Any Camera Connected to the Internet, by Jordan Arizmendi
  22. New Service Highlights Cellphone Privacy Issues, by Michael Thompson
  23. Mississippi Ends ‘Dead Zone’, by Jordan Arizmendi
  24. ‘Lab in a Box’ Provides DNA Results in Minutes, by Jordan Arizmendi
  25. Report Finds Older Prisoners in Maryland Are Less Likely to Be Paroled, by Jordan Arizmendi
  26. New Robotic Cops Patrolling in NYC, by Jordan Arizmendi
  27. Supreme Court of California: After Amendments to Three Strikes Law, Courts Retain Concurrent Sentencing Discretion for Qualifying Offenses Committed on Same Occasion or Arising From Same Operative Facts, by Douglas Ankney
  28. New York Court of Appeals: Call Intercepted on Wiretap Not Exempt From Statutory Notice Requirements Simply Because Same Call Captured on Separate, Consensual Recording by Jail, by Anthony Accurso
  29. Fourth Circuit Denies Defendant Faced ‘Classic Penalty Situation’ During Polygraph Questioning While on Supervised Release, by Anthony Accurso
  30. Seventh Circuit: Whether Right to Counsel ‘Attaches’ Is Not Dependent on Defendant’s Appearance at Probable Cause Hearing, by Anthony Accurso
  31. Sixth Circuit Holds Bump Stocks Not Regulated Under Machinegun Statute, by Anthony Accurso
  32. New Jersey Supreme Court: Third-Party’s Apparent Authority to Consent to Search Premises Does Not Extend to Defendant’s Personal Property Located on Premises, by Anthony Accurso
  33. Travis County, Texas, Efforts to Keep Mentally Ill Individuals Out of Jail Face Funding, Infrastructure, and Information Management Challenges, by Jo Ellen Nott
  34. Third Circuit: Pennsylvania Second-Degree Aggravated Assault of a Protected Individual Not a ‘Violent Felony’ Under ACCA, Court Acknowledges ‘Bizarre Result’, by Anthony Accurso
  35. From the Sad but True Files: Police Oppose Laws Prohibiting Cops From Lying to Juveniles During Interrogations, by Douglas Ankney
  36. Colorado Supreme Court Clarifies There Is No Per Se Rule Excluding Self-Serving Hearsay, by Matthew Clarke
  37. Collaborative Project Between Innocence Project and National Registry of Exonerations Produces Interim Report Reconciling Data Coding Discrepancies, by Casey Bastian
  38. New Montana Law Bans Warrantless Facial Recognition Surveillance, by Jordan Arizmendi
  39. News in Brief
  40. ‘Silos’ Can Keep Police Departments From Knowledge of Extent of Police Abuse and Consequences of That Abuse, by Matthew Clarke

More from Michael Thompson:

More from these topics:

 

 

Prison Phone Justice Campaign
CLN Subscribe Now Ad
The Habeas Citebook Ineffective Counsel Side