Opinion: Not where they think you are

Location data based on mobile-phone records is weak evidence

When recently questioned about (among other things) why he removed the batteries from his and his allegedly murdered ex-wife's mobile phones, legal counsel for Hans Reiser invoked a "geek defense" -- asserting that the developer known for his namesake file system is unable to stop doing nerdy analytical things that have the appearance of malicious calculation.

Whether Reiser is a harmless compulsive or a murdering fiend is a matter for the court to decide. However, I'm not impressed with the assertion that mobile phone activity and location data constitute reliable evidence.

With US telecommunication companies being pressured to provide metadata and to tap US calls to or from non-US points, or those that merely pass through the US, much of the furor has focused on the civil liberty issues and potentially illegal nature of the surveillance.

Instead of inconveniencing travelers to give the appearance of better security, however, this security theater's audience is the intelligence and law enforcement community. Beyond actual voice recordings of known people, telecommunication companies feel pressured to provide information that is more accurate than they actually have, and the intelligence analysts and prosecutors are at risk of believing it.

Mobile identity?

I am not my phone. Due to a confluence of events, I happen to have six GSM mobile phones right now, only one of which has my identity attached to it. I have an old and new phone for work because a long-term client is switching carriers at the end of this month; a new personal phone, and a backup I brought with me in case I broke it on a long trip. Another two I bought secondhand at a local market last week for about $20 each, because I couldn't make up my mind about which to get my son for his first phone.

Only my client -- not the telephone company -- knows who has which phone, and trades are commonplace. Moreover, one of my personal phones has a prepaid SIM I bought for cash in Europe. Both of the secondhand phones came with activated pay-per-use subscriber identity module (SIM) cards in them.

Outside of the US, in places ranging from proper stores in London to dusty alley markets in Damascus, a new SIM card can be had with no questions for the equivalent of a few dollars. Those who don't wish to be identified often trade SIM cards along with their retail affinity cards, library card, and Oyster or SUICa transit cards.

The truly paranoid might buy several SIM cards for a single contact, and then give them away after each use -- a voice version of one-time pad encryption. Whether a mobile phone is identified by a SIM card or the handset's electronic serial number, assuming it strongly identifies a particular person is a misconception based on a US-centric technology and sales model that died years ago.

1 2 3 Page 1
Page 1 of 3
7 inconvenient truths about the hybrid work trend
Shop Tech Products at Amazon