Mobile phones - the perfect tool for mass surveillance

Second article in my column “Brave new digital world” in Confidential.com.ni

image0 A life without mobile phones is almost impossible to imagine. People’s everyday life is highly influenced by these small communication devices. And even more in countries where big distances have to be covered, and/or economic interests would not be significant enough to build land lines. Even in the most remote areas of our blue planet, people rely on mobile phones to communicate.

The huge benefits of using the phones are usually the only side of the medal we see. But it is frightening to understand what negative implications mobile phones have to the privacy of everybody. It’s indeed “a spy-master’s dream”, as Julia Angwin, investigative journalist, explains in a BBC documentary, to which a lot of scientists, engineers and programmers, without really realizing it, have all volunteered to develop “the world’s best tracking device”.

The governments

All global voice telecommunication is generally based on the Signalling System #7 (SS7), a set of technical protocols, which allow phones to connect to each other. It is the gigantic network, where all telecommunication providers have access to. When it was built, no security had been implemented. There were only a few telecommunication providers, and they were either state controlled or really big corporations. But today everybody can be an operator, and therefore access to the SS7 is easy to get, especially for intelligence agencies or any other instance with the desire to spy.

The SS7 includes the technical specifications needed for mobile phones to work (like roaming and SMS).Those can be used perfectly to locate almost any person on the planet. There are even some grimy services to locate your loved ones, maybe your cheating partner. But it also means that suddenly almost everybody in the whole world is trackable, and when visiting another country and doing roaming, by default your location is constantly transferred over the system. The second, and broadly used, technique is silent SMS: within SS7 silent messages can be sent by any mobile phone and would not react to the user in any way; but it would generate the information necessary to locate a person. Police is doing this mostly when trying to locate criminals. But by Edward Snowden’s revelations about the National Security Agency (NSA), it is now known that this single institution gathers about 5 billion records every day from SS7 worldwide. Putting this into relation to a total world population of 7 billion people, we can imagine to what extend everybody is getting tracked. It is only possible, of course, because the NSA is connected to almost all main server nodes of SS7. But the NSA is not the only one: on national levels it is easy for law enforcement agencies, or oppressive regimes to get at least all the information running through telecommunication providers of their jurisdiction.

But not only the data about location of people, and who they communicate with are getting observed, also phone calls worldwide can be easily intercepted by these powerful parties. We actually all carry a microphone in our pockets, and there is no technical reason, why it shouldn’t be used for surveillance and listening to anything from it, even when not making a phone call. Obviously the same applies, to built-in cameras.

Private companies

But also the telecommunication providers themselves can use the data to obtain information about their clients, and they do that all over the world: At least by saving meta information about calls and messages in a greater extend as used to guarantee the functionality of their service. Unofficial information by employees of Movistar and Claro, both mobile providers in Nicaragua, let suppose that those two companies wouldn’t even delete the content of SMS messages, but save them forever.

Especially smartphones, mostly connected to the internet, are targets for much further information gathering by a lot of different, mostly private, parties: Providers of the build-in operation systems (such as Apple with iOS, Microsoft with Windows Phone and Google with Android) are constantly collecting information about the users, their contacts, phone calls, used applications and geographic position. But also the developers of programs and applications are taking way more information from the users than they would expect. To give one example: messaging applications, like WhatsApp, upload the user’s address book. This allows them to hold a very good database on a world wide phone directory, even if people would prefer not to use WhatsApp for that reason, their friends do, and therefore they are included into the directory.

Brave new world

We have built a system that allows tracking almost any person on this planet and we have not incorporated any suitable mechanism of control. We now know that all this is very out of control, but we are far away from being able to do anything about it.



Share on: Diaspora* | Twitter | Facebook | Google+ | Email