On Sunday, the Washington Post published an expose revealing that private companies are peddling surveillance systems to foreign governments that track the location of cell phone users in the US and abroad. The report raised a basic question: How can this be happening when cell phone companies generally promise not to disclose their customers’ location information without their consent? The main problem is that location information is available on a global network that can be accessed by thousands of companies. And in the wake of the Post story, US cell phone companies are refusing to discuss how this squares with their privacy policies, or say what they are doing to keep their customers’ whereabouts confidential.
Here’s what’s going on: Carriers collect location information from cell phone towers and share it with each other through a global network called SS7. This allows a US carrier to find a customer even if she hops a plane to India. But according to thePost, surveillance systems makers have gained access to SS7 and are using it to grab location data, allowing these firms to pinpoint people within a few city blocks.
It’s not clear how private surveillance companies have obtained access to the network. Major cell carriers sell SS7 access to other providers, as do third party companies. Karsten Nohl, a cryptographer and telecommunications researcher based in Berlin, says that these players, some of their business partners, and “anybody hacking any of the above” can send and receive SS7 messages. Albert Gidari Jr., an attorney at Perkins Cole who specializes in privacy and technology, says that it’s likely that a surveillance company could get access by representing itself as a provider.