ProPublica

Journalism in the Public Interest

Cancel

That’s No Phone. That’s My Tracker

Cellular systems constantly record the location of phones in their networks, data treasured by police and advertisers alike. The surveillance and privacy implications are simple: If someone knows where you are, they probably know what you are doing.

(Flickr/matsuyuki)

7/20/2012: This story has been updated.

This story was co-published with The New York Times.

This story is not subject to our Creative Commons license.

The device in your purse or jeans that you think is a cellphone — guess again. It is a tracking device that happens to make calls. Let’s stop calling them phones. They are trackers.

Most doubts about the principal function of these devices were erased when it was disclosed Monday that cellphone carriers responded 1.3 million times last year to law enforcement requests for call data. That wasn’t even a complete count, because T-Mobile, one of the largest carriers, did not initially reveal its total. It appears that millions of cellphone users have been swept up in government surveillance of their calls and where they made them from. Many police agencies don’t obtain a search warrant when requesting location data from carriers.

Thanks to the explosion of GPS technology and smartphone apps, these devices are also taking note of what we buy, where and when we buy it, how much money we have in the bank, whom we text and e-mail, what Web sites we visit, how and where we travel, what time we go to sleep and wake up — and more. Much of that data is shared with companies that use it to offer us services they think we want.

We have all heard about the wonders of frictionless sharing, whereby social networks automatically let our friends know what we are reading or listening to, but what we hear less about is frictionless surveillance. Though we invite some tracking — think of our mapping requests as we try to find a restaurant in a strange part of town — much of it is done without our awareness.

“Every year, private companies spend millions of dollars developing new services that track, store and share the words, movements and even the thoughts of their customers,” writes Paul Ohm, a law professor at the University of Colorado. “These invasive services have proved irresistible to consumers, and millions now own sophisticated tracking devices (smartphones) studded with sensors and always connected to the Internet.”

Mr. Ohm labels them tracking devices. So does Jacob Appelbaum, a developer and spokesman for the Tor project, which allows users to browse the Web anonymously. Scholars have called them minicomputers and robots. Everyone is struggling to find the right tag, because “cellphone” and “smartphone” are inadequate. This is not a semantic game. Names matter, quite a bit. In politics and advertising, framing is regarded as key because what you call something influences what you think about it. That’s why there are battles over the tags “Obamacare” and “death panels.”

In just the past few years, cellphone companies have honed their geographic technology, which has become almost pinpoint. The surveillance and privacy implications are quite simple. If someone knows exactly where you are, they probably know what you are doing. Cellular systems constantly check and record the location of all phones on their networks — and this data is particularly treasured by police departments and online advertisers. Cell companies typically retain your geographic information for a year or longer, according to data gathered by the Justice Department.

What’s the harm? The U.S. Court of Appeals for the District of Columbia Circuit, ruling about police use of tracking devices, noted that GPS data can reveal whether a person “is a weekly church goer, a heavy drinker, a regular at the gym, an unfaithful husband, an outpatient receiving medical treatment, an associate of particular individuals or political groups — and not just one such fact about a person, but all such facts.” Even the most gregarious of sharers might not reveal all that on Facebook.

There is an even more fascinating and diabolical element to what can be done with location information. New research suggests that by cross-referencing your geographical data with that of your friends, it’s possible to predict your future whereabouts with a much higher degree of accuracy. This is what’s known as predictive modeling, and it requires nothing more than your cellphone data.

If we are naïve to think of them as phones, what should we call them? Eben Moglen, a law professor at Columbia University, argues that they are robots for which we — the proud owners — are merely the hands and feet. “They see everything, they’re aware of our position, our relationship to other human beings and other robots, they mediate an information stream around us,” he has said.

Over time, we’ve used these devices less for their original purpose. A recent survey by O2, a British cell carrier, showed that making calls is only the fifth-most-popular activity for smartphones; more popular uses are Web browsing, checking social networks, playing games and listening to music. Smartphones are taking over the functions that laptops, cameras, credit cards and watches once performed for us.

If you want to avoid some surveillance, the best option is to use cash for prepaid cellphones that do not require identification. The phones transmit location information to the cell carrier and keep track of the numbers you call, but they are not connected to you by name. Destroy the phone or just drop it into a trash bin, and its data cannot be tied to you. These cellphones, known as burners, are the threads that connect privacy activists, Burmese dissidents and coke dealers.

Prepaids are a hassle, though. What can the rest of us do? Leaving your smartphone at home will help, but then what’s the point of having it? Turning it off when you’re not using it will also help, because it will cease pinging your location to the cell company, but are you really going to do that? Shutting it down does not even guarantee it’s off — malware can keep it on without your realizing it. The only way to be sure is to take out the battery. Guess what? If you have an iPhone, you will need a tiny screwdriver to remove the back cover. Doing that will void your warranty.

Matt Blaze, a professor of computer and information science at the University of Pennsylvania, has written extensively about these issues and believes we are confronted with two choices: “Don’t have a cellphone or just accept that you’re living in the Panopticon.”

There is another option. People could call them trackers. It’s a neutral term, because it covers positive activities — monitoring appointments, bank balances, friends — and problematic ones, like the government and advertisers watching us.

We can love or hate these devices — or love and hate them — but let’s start calling them what they are so we can fully understand what they do.

Update:

An earlier version of this story said T-Mobile had refused to reveal how many cellphone data requests it received from law enforcement. Based on additional information from T-Mobile and Rep. Ed Markey, D-Mass., it has been updated to say the company did not initially reveal its total. After the story appeared, T-Mobile responded that it had privately provided a number to Markey’s office before the congressman, on July 9, publicly reported that other cell companies had answered 1.3 million data requests from law enforcement last year. Markey’s office said T-Mobile declined repeated appeals to make the company’s number public, so the office agreed to keep it confidential. The figure — 191,000 requests in 2011 — was not included in T-Mobile’s May 23 letter of response to Markey, who had written to nine carriers asking for the data. In an email to ProPublica, company spokesman Glenn Zaccara explained: “Because each carrier has different ways of calculating the total number of lawful requests, we were initially concerned the comparison could lead to an inaccurate portrayal.” T-Mobile did not respond to specific questions about conversations with Markey’s office. Zaccara said T-Mobile gave the number on July 9 to TR Daily, a subscription-only trade publication.

Is there any way that we can control the GPS signal? Can we turn it on when we need directions and off when done?

Nope. Not unless you pull out the batteries.

Actually, on an htc evo at least, you can turn off gps, I keep mine off unless I need directions.

T what extent does ProPublica track it’s readers? To what extent does ProPublica provide user information to marketing companies that also provide marketing services for left-wing political causes?

We know ProPublica blocks use of proxies in comments, which evades users who prefer to avoid being tracked. To what extent does ProPublica filter responses on an IP basis in an effort to skew public impressions of reader’s responses?

The requests that are being discussed in this article aren’t being made for GPS data from the phone but for cell tower data from your carrier.  You cannot stop them from storing this data and tracking you unless you stop connecting to the cell towers (by turning off your phone).

Cell phones leak all kinds of data, not just your location.  Third party applications can copy your contact list, read your text messages, and access your photo’s.  The fact is that you cannot trust your cellphone, you cannot trust the software that runs on it, and you cannot trust the network that it connects to.

I care as much about my privacy as anyone, but I have to say that this article is packed with misinformation.

It claims that “these devices are also taking note of what we buy, where and when we buy it, how much money we have in the bank, whom we text and e-mail, what Web sites we visit, how and where we travel, what time we go to sleep and wake up — and more.” But actually, the only information available to the phone company (or anyone other than the cell phone owner) is the location of the phone and the numbers that are texted or called. Maybe the contents of texts and calls, with a warrant.

Later it says, “Shutting it down does not even guarantee it’s off — malware can keep it on without your realizing it. The only way to be sure is to take out the battery. Guess what? If you have an iPhone, you will need a tiny screwdriver to remove the back cover. Doing that will void your warranty.” I’ve heard of no malware that can make a phone appear to be off when it’s on. It certainly doesn’t exist for iPhones, so in fact you can be sure of turning them off without removing the battery. Finally, opening the back does not void the warranty (a common misconception with no basis in fact).

Most cellphones also have an option to turn off the GPS (or location services). But cell phone companies can still identify your general location, based on which tower you connect to.

So, the gist of this article should have been, “Cell phone companies can keep track of where you are and who you contact. This makes it possible to spot trends in your movements and those of everyone else around you. Law enforcement agencies often get access to this data, sometimes without warrants. This is scary if you are worried about the emergence of a police state.” This is a legitimate argument, but rather briefer and less hysterical than the article.

You could always wrap your phone in tin foil when you’re not using it.  While you’re at it, probably safest to make a hat of the stuff as well.

Nancy J Padgett

July 14, 2012, 1:37 a.m.

This article appeared also in the New York Times on-line. I read it on July 15, 2012. Right below the article was “an ad by Google” which states:

“Track Any Cell Phone
Remotely track any cell phone online. Get Call and Message Logs now.
http://www.CellPlus.com/Phone-Tracking”

For me, this says it all.

I also just read it in the NYT online.  My complaint with the article is lack of clarity.  Yes, I see that if you’re connected to the internet, all kinds of data on the phone is available, but what if you aren’t ever connected to the internet with it?  What if you have no Apps running?  What if you use the phone as a phone only?  Is this a bit like warning everybody of the dangers of Facebook?

Here’s a good phrase description for these phones, “Freedom Killers.” Honestly, those of you who post comments questioning the validity of the story have no concept of what government and corporations do, or are too content and complacent from taking their money. Prosecutors drink the data streams from your phones like milk, it makes their difficult jobs easier. Police suck it down like roaches at a sugar pile. Can you blame them? Their caseloads are in the extreme numbers and our legislatures are way too busy catering to the whims of the rich to actually take the time to investigate this crucial matter. Enforcement agencies are extremly underfunded and need this technology to give them the opportunity to catch and convict the real criminals, but the innocent ones, we just get sucked up into data stream until someone with bad intentions opens one eye, comes in our direction, and wipes away all of freedoms with single click of a button. You could be at a job interview for very important position, and all of the sudden data about a long term health condition pops up on your potential employer’s screen that you never get to see. Your friend does bad things you never knew about, but your cell phone ping shows you met with him on a few occasions. The police show up at your work posing questions to your employers. Your reputation has been tainted, but you never get told why it happened, it remains on someone computer screen, the one you never get to see.

I’m taking the battery out of “Freedom Killer” and throwing it into the garbage. Paying $100 or more a month to give up my constutional rights is not what I signed up for. I’m going to carefully read my cell phone service contract, look for a provision that states I have surrendered my constitutional rights to privacy and that my cell phone service provider has all access and rights to my private information, if its not in there, I’m sending service provider a letter that they are breach of contract, will stop payment immediately, and that I expect them to comply with all applicable state and federal discovery rules in anticipation of litigation so that I can later go through their smelly records and exposed them for their being the foul rats that they’ve become.

This did not have to be this way. Cell phone companies could have easily sat in their board rooms and decided to do the right thing. When the question came around table “should we track our customers, record their personal data, and sell it to the highest bidder” they could have easily said no or let’s give our customers the choice of whether we can track them and sell their data. But no, greed overpowered any common sense or pride they may have once held in our nation’s rich heritage of the protection of individual liberty and freedoms.

Think you are powerless to stop them? Threaten them. See what they do. At first it will be a few calls and a lowly phone operator threatening to sue you, but after a couple thousand phone calls and people yelling on the streets holding up their “Freedom Killers” in protest, they will panic and give in to whatever we want. You have more power than you think. It’s in your pocket and in your head. Once you wake up, it’s game over for them. A clause in their endless contracts is placed in bold letters. “The company will not tread on my individual liberties and freedoms and sell my personal data to the highest bidder without my informed consent.”

For those of you who are still asleep, it’s 2012, the fictions you read in high school about companies and governments taking away your freedoms and liberties have all become true. At your doorstep are simple questions that the government and companies are paying billions to convert into irrelevant emocons concerning matters that will keep you divided, confused, and apathetic. The real questions, the ones they are afraid of you knowing about, are “do you value your freedoms and liberties as guaranteed to you and your children by the consitution of the United States? Should you do something to stop the flood of cash that is corrupting our governments and sucking away our freedoms and liberties, or go back to sleep in front of your iphone?” How you answer them, will affect not only you and your loved ones, but grandchildren and great grandchildren. What will they say about you? Will thier eyes tear up with pride as they recount the heroic and peaceful efforts you made on their behalves, or will they shrug their sholders, pick up their personal data tracking devices, never tasting the liberties and freedomes that our forefathers bravely died to defend.

Everyone already knows cell phones are trackers, and that “smart” phones simply expand the tracking capabilities of the old text-less versions. The convenience and instant gratification of having all of those mobile capabilities far outweigh our fears of surveillance risk for the most part, and most of us aren’t dumb enough to risk insecure connections in conducting financial transactions with them. We also know that we’re increasingly losing privacy through our use of these devices as well as home internet, but also realize the only non-criminals left who may have some real privacy are jobless hermits living off the grid. Any sensible criminal will continue using burner phones.

If the ACLU still exists down the line, perhaps another supreme court ruling on privacy may take place in the very distant future. I’ll be dead by then.

Stephen: Your solution is stellar! I’ve made my hat in the shape of a helmet. :)

I hear lot of people compare social media as an opportunity for governments to keep tabs on people like Big Brother in George Orwell’s novel Nineteen Eighty-Four.

In China, it is the reverse that is true: Big Brother wants to stop any conversation they cannot control. There’s a worldwide struggle to control the conversation, the focus and meaning. Fortunately, there’s a diminishing monopoly on information not only by the government in China, but also here in the US as people are directly engaging in conversations without the need for some middleman on television who interprets what it all means.

“Tracker” sounds sort of sporty, like gamesmansip.

“In just the past few years, cellphone companies have honed their geographic technology, which has become almost pinpoint.”

You could call smartphones “pointers”. They point to who you’re calling, they point to where you’ve been, and they point to where your money goes, and they tip off those who want or like to get into other people’s business.

Prepaids mask identity?  Not if the investigator knows your habits.  In the electronic or real world you’re known less by your name than what you do, your own “network.”  Some researchers have shown that they can guess 99% of the time where you’re heading knowing only the first two turns you make out of your neighborhood.  What real-world detectives do is even easier to do in the electronic realm. 

The only privacy protection that’s possible is what the (law requires the) courts deny as evidence (see Judge Posner’s writings on the fact that sand and rust don’t violate privacy, only carbon (protein) can).

We’re returning the static, no strangers, small town of 150 years ago where everyone knew your name, and all your childhood weaknesses - and if you didn’t grow out of them, your adult character better than your own mother.

What about making regular use of “Airplane Mode” - the seeting intended to comply with the requirements to NOT connect with other devices while in flight.

I have used this in the past on camping trips to save battery for when I need it. Could that mode also reduce the amount of location sharing?

While Mattias is correct in principle, that is, the phone company only tracks your location, these tracking devices are also loaded with apps that are often hungry for your personal information—credit card numbers, addresses, contacts, etc., and security on these devices is pretty junky when you get right down to it.

Yes, you can turn off some of the tracking features but then what’s the point in having the “smart” part of the smartphone/portable computer in the first place then?  Turning them on only when you need them, as someone above suggested, is certainly feasible but it’s a pain and most people will just give up and let the phone take over their privacy.

The best course of action is to simply not have one.

I don’t have a cell phone and I seem to be surviving.  Yes, I’m an old geezer who grew up when there were still “party lines” and dial phones (we had both up until the time I left home for college!) and I admit I’m not as plugged in to the mobile digital age as those who were born more recently, but I’ve also worked on the cutting edge of research computing for a good fraction of my adult life and understand both what a boon and what a danger computers can be.

Oddly enough, I’m not as worried about the government tracking my every move (I also worked for a time in the Civil Service and know how competent the government can be) as I am resentful of the fact that my habits, likes, and dislikes are being recorded in some database (or, more accurately, multiple databases), datamined by anonymous and unaccountable algorithms, and then used against me to pursuade me to buy junk that I don’t need or, quite likely, to deny me (or price out of my reach) things like insurance that I do need.

Pre paid phones are not a hassle at all. I have had one for years because I refuse to pay over $75./ month for a cell plan.
Every 3 months I can buy a card or log on and add time or add time straight from the phone. Easy, simple and very cheap.
Would I like an iPhone? Yes. Am I willing to pay so much for a smartphone? No.

All I can say is ‘duh’. FINALLY this is being brought to light. You got GPS or bluetooth? Guess what? I, this commonplace internet user, can track you, hack into your files, steal your pictures and all your personal info that YOU willingly gave your cellphone company. All I have to do is find the right program, download it, and BAM! I found you. You remember that old sci-fi notion where the government placed barcodes on the back of all their citizens necks? Got an I-phone? Ladies and gentleman, you have your barcode.

There are always processes running on mobile phones.  Think back a year or so ago when Apple was busted for having a non-encrypted list of every cell tower your phone used.  There was an outcry.  The solution was simply to encrypt it, not to stop creating the list.  Then after that, it was found that Google’s Android mobile did the same thing.

Then throw in fancy and new Near Field Communication where instead of using a credit card to swipe for payment, you just wave your mobile.

I don’t think turning off the GPS will solve the problem as in an emergency situation like being lost while hiking, the authorities can have it remotely activated so they can rescue you.  It sounds like a great thing until you start wondering who you can trust.

The lapses are so easy, too.  I worked at a video store in college.  On a boring day, it was nothing to search the computer and see if your old elementary school teacher had and account and what she rented.  It was innocent and harmless invasion of privacy.  Now you walk around with much more private information in the palm of your hand.

Perhaps most interestingly, try to use a social networking site like Facebook while using TOR.  They will fight like the devil to keep you out.  Why?  Because they don’t know where you are or what you are doing.

I mentioned most of what I know on the topic in the article on the providers’ extent of cooperation with law enforcement, so I won’t repeat myself beyond repeating the point that the phone companies can turn your phone on remotely (as was done on behalf of the FBI for a mob case), and with a smartphone, they can log in and do whatever they like.

However, there are a couple of other issues to consider.

There was a TED talk over the weekend (I don’t have access to provide a direct URL, but go to ted.com and scan the front page for the title referring to GPSs) discussed that we’re on the verge of millimeter-granular GPS—“on the verge” as in the science is trivial, and just not being manufactured.  That means reporting not only that you’re at a bar, but by asking for the entire tower, we can see who’s sitting next to you.

The same talk briefly discusses jamming (which is illegal, though easy to build with plans online) and spoofing (which isn’t, but expect it to be on some vague claim of potential terrorism).  Of course, as always, the problem is that making something illegal doesn’t stop the criminals from using it.  It just stops us from protecting ourselves.  (Encrypting and timestamping GPS signals might stop the criminals, however, if that ever happens.)

As to “airplane mode,” it’s hard to say.  Since receiving GPS information is passive, it could record it and send your history out on the next reconnect.  That also may have implications for anyone making an adorable tinfoil hat for your phone to protect it.

Brian also makes an important point, too, that you WANT the GPS signal broadcast, in case you have an emergency when you’re alone.  If you pass out in a quiet place, you don’t want to rely on waking up, unwrapping your phone, and reconfiguring the GPS signal for someone to find you.  The signal isn’t the problem.

As noted by a few people, it’s also not just GPS.  Facebook and Google try to wring every last piece of information out of you that they can, including who you know, where you are, what you look like, what aliases you use, and so forth, without worrying in the least about GPS signals.

The problem is officials getting this information (and much more, as that Occupy protestor is finding out) without a warrant and private companies recording it for unclear means that you didn’t explicitly agree to.

To Gen’s point, there’s an enormous market for cellphone hacks, exploits bought in many cases for six figures by organized crime and governments.  This is also (absurdly) illegal.  It’s noteworthy that such a thing is never discussed in the various cybersecurity bills, whereas giving blanket immunity for companies tattling on you for “suspicious behavior” is the centerpiece.

Steve, I agree in that I don’t have a cellphone, either.  However, people like us do need to realize that some people’s lifestyles no longer allow that option.  For example, there’s an entire class of jobs where you get fired if you’re not instantly available 24/7, usually staffed by people who can’t get a better job.  Kids can’t be released from school without parental consent, even in an emergency, in some parts of the country, and “abandoning” them could trigger a visit from CPS.

Plus, while it’s not my thing, they’re far more convenient than carrying change for a payphone, a watch, some maps, a calendar, and so forth, and then worrying about what to do in an emergency.

Why worried about all that if I don’t have nothing to hide? Just let them s**!

You’re right, Gino.  Everything that people have written that they’re worried about couldn’t possibly apply to you because the rest of us must be breaking the law.  Nobody innocent has ever been arrested or convicted of a crime.  Criminals never steal this information to attack people.  And nobody is ever sarcastic in comments…

This article was the straw that broke the camels back for me, and I finally did away with my smartphone. In reality, I have no need to hide, but I don’t need people tracking me. I also don’t need an smartphone either.
The only question I have about the article is the section where it mentions that one can buy a prepaid cellphone that doesn’t require an identification. I spoke with a friend that works at a phone company and they said that under the Patriot Act they aren’t allowed to sell a prepaid phone to anyone without proper identification, citing that the individuals who planned the 9/11 attacks were using that very method. Is this true, or is my friend misinformed?

Yep.  Thanks again, Blair!  Our office weirdly blocks TED under, I assume, a theory that engineering types shouldn’t be learning about stuff…

But yeah, in there, you’ll see the science behind getting GPS down to millimeter accuracy, the logical progression in size, a reference to a buildable jammer, and the science behind spoofing the signal to look like you’re somewhere else.  For anybody who has an interest in the field, it’s a good way to waste fifteen minutes or so.

Pre-paid dumb phone.  Purchase it and minutes with cash.  $25 every three months.  Small enough to fit in the watch pocket of my jeans unlike those big ass smart phones.  Wouldn’t want an iPhone if it was free.

I read this article from my iPhone

Wrapping it in aluminum foil or putting it in a metal case isolates you from having the phone pinged while it is encased.

After wrapping your phone - try calling it from another phone.  Mine never receives the incoming call and, a call in progress is shut down once the phone is wrapped.

Just wrap your cell phone with aluminum foil and it will not be able to receive or transmit on any network.  Simple and easy solution.  Uncover to use the phone, cover to leave network connection.

Is it possible to buy a prepaid phone now without a tracking device and without using your real name? Do phone companies even allow that. I buy prepaid minutes on my phone, only because I started doing this a way long time ago. But it dawned on me that maybe now they might start asking for ID, I don’t know.

“Prepaids are a hassle, though. What can the rest of us do?”

If the question is rhetorical, then the answer is ‘nothing’. But if not, the answer for now is ‘get an Android phone model that is well supported by the white hat hacker community and hack it into near invisibility.’

Like buzzards circling around this matter are axioms about getting out what you put in. In their role as consumer, people who want their cake and eat it too, who want the magic of mobile functionality without any personal responsibility or burden of self-protection, they are bound to be taken advantage of by carriers, governments, technology providers, and malicious hackers.

If the predictions of 100 years of sci-fi and the histories of corporate greed and government surveillance did not give you a clue, then get one now.

Assume that if you will use a modern cellphone or smartphone, that you will need to

1. actively choose one that lets you take maximum control of its function and electronic visibility, and

2. commit to take and maintain that control, or

3. tacitly submit to the invasion of your privacy by parties who knowingly act at your expense.

There are a few things one can do short of getting rid of your hand-brain tracker.

1. Run Cyanogenmod 7 instead of stock Android (iPhone users probably like being tracked). CM7 has a thing called “permission management” which allows you to, for example, prevent a ring-tone app from reading your phone number and sending text messages. (It appears at this point that CM has bowed to, and I quote, “the powers that be”, meaning Google, who apparently demanded they remove it in future versions such as CM9.)

2. Run CM7 or, failing that, another ROM with the P-Droid patch and app. P-Droid is another type of app permission management.

(More info about the above topics can be found via duckduckgo.com search or at xda-developers.com).

3. Use Orbot and Orweb for less-trackable browsing.