Sophos Cloud Optix
Mobile phones broadcast their location even when they’re not being used to place a call or text and even when GPS is off, emitting signals sent to cell phone towers nearby from wherever we are in the world.
The US’ National Security Agency (NSA) is collecting and storing those locations in a vast database that contains the locations of at least hundreds of millions of devices, at the rate of nearly five billion records a day or two trillion records per year, according to newly released documents from Edward Snowden, the Washington Post reported on Wednesday.
The agency is able to track the movements of individuals and to map their relationships with others, the Washington Post made clear in a video simulation that showed glowing dots traveling in close proximity.
The NSA says it’s not interested in everyone’s data, but the agency collects it as broadly as possible using international authority.
Specifically, the NSA is using Executive Order 12333 to cover the data collection, according to the Washington Post’s Ashkan Soltani.
That order allows them to conduct any surveillance internationally as long as it’s not constitutionally prohibited.
A lawyer for an intelligence agency emphasized to the newspaper that location data are obtained by methods “tuned to be looking outside the United States”. In fact, he repeated that three times, the Washington Post reports.
When US cellphone data are collected, the lawyer said, the data are not covered by the Fourth Amendment, which protects Americans against unreasonable searches and seizures.
Many US persons’ locations are incidentally swept up into this bulk data collection in order to find hidden links to surveillance targets, the newspaper says.
Using its location databases, the NSA applies analytic techniques to find what it calls co-travelers: unknown associates traveling with or meeting with a known target.
The Washington Post has outlined here how the sophisticated data-mining analytics, known collectively as Co-Traveler, work.
As a mobile phone passes between cell phone towers, its location is triangulated by the NSA. If a person travels through a city that has lots of foot traffic, potential co-travelers will appear alongside as their own mobile device broadcasts its location to towers.
Using the co-traveler analytics, the NSA can enter a suspect’s name into their system and identify any other people physically located near that person or traveling with them, monitoring the global network of cell phone towers to do so.
How does one avoid being tracked by cell phone towers that track you even with GPS turned off?
Most consumers would likely imagine that turning off their handsets should prevent it from emitting or receiving a signal.
But since Snowden first began to release documents about the NSA, the possibility has arisen that the surveillance agency can trace even a phone that’s powered off.
From a Washington Post story published in July:
By September 2004, a new NSA technique enabled the agency to find cellphones even when they were turned off. JSOC troops called this "The Find," and it gave them thousands of new targets, including members of a burgeoning al-Qaeda-sponsored insurgency in Iraq, according to members of the unit.
This possible tracking of powered-down devices could well have informed the advice handed out earlier this year in a leaflet from the US State Department’s Bureau of Diplomatic Security, which warned those traveling to the Winter Olympic Games in Russia to be extremely cautious with communications.
The State Department said that business travelers should be “particularly aware that trade secrets, negotiating positions, and other sensitive information may be taken and shared with competitors, counterparts, and/or Russian regulatory and legal entities,” the document advised.
The department’s list of precautions for ensuring safe communications included removing batteries from phones entirely when not in use.
The state department’s advice might be nothing more than precaution. Then again, the US government could know for sure that powered-down mobile devices are trackable.
Either way, those who care about their privacy and don’t want to be swept up in surveillance dragnets, be it in Russia or anywhere else, should likely err on the side of caution and remove the batteries from their mobile devices whenever they don’t want their movements and relationships tracked.
Image of cell phone tower courtesy of Shutterstock.
Better yet, take a burner phone to make phone calls, with a minimal contact list, and a burner laptop if you absolutely need one. Don’t store corporate data on either. It means you can still be contacted if needed, but you’re not placing any potentially sensitive data at risk.
…do you have that kind of money to “burn”… most of us don’t.
Wasn’t this a Blackberry-related news story back in 2007? Bankers putting their batteries down on the meeting table — to prove no DF, remote mic, recording, etc?
Yep I remember reading about this way back in ’07.
For Americans, this should be the most troubling line of the article:
“When US cellphone data are collected, the lawyer said, the data are not covered by the Fourth Amendment, which protects Americans against unreasonable searches and seizures.”
According to whose definition of the 4th?
But as we all now know it’s immaterial anyway. Just get GCHQ on board for any activities that are inconveniently unconstitutional.
Surely if a device is switched OFF, not just in a ‘standby’ mode, it is not capable of sending or receiving any signals so it cannot be tracked. Not even by the phone company. If it is in its ‘standby’ mode, where it can receive incoming calls, then it can be tracked. The Off mode is almost like taking the battery out so it is impossible for it to send or receive calls/data/etc. That’s the way they are designed to work.
It can be tracked even if it is OFF. The only way, and the absolute only way to stop it is to take out your battery. In some phones, like the Nexus, you cant even do that!
Firstly let me say that there only appears to be a single source for the assertion that mobile phones that have been switched off can be tracked by the NSA. Nobody has proven it, explained it or demonstrated how it works.
So that’s our context.
Now within that context there is a fairly active discussion on-line along the lines of “if it were true, how could it be done?”.
One of the more popular theories is that it could be done with malware, perhaps a kind of hypervisor, that makes the phone appear to be off when it isn’t.
As Lisa notes in the article it’s interesting that the State Dept’s own advice is to take out the battery. This doesn’t mean that the NSA can monitor phones that are switched off or that if they can they’re doing it with malware but it does indicate that the State Dept don’t trust phones to tell you they’re off as much as they trust the physical assurance of distancing the power source from its contacts.
Thanks for the interesting article.
The question that concerns me most is this: Has the NSA saved any lives, or foiled any terrorism attempts through their surveillance?
If they have, then surely that justifies it. If they haven’t, then what’s their real agenda?
My second question: As a Brit, how concerned do I have to be by NSA surveillance? I mean, how could any information they have about me conceivably affect me – so long as I am law abiding? If it can’t, I’m happy with that. If it can, I’d like to know how.
Any light that you can shed, Lisa – greatly appreciated.
As a non-american (brit) , the NSA feels it can spy on every single aspect of your life whether you like it or not. And there is nothing you can do about it. And they have no intention of stopping. If they can get the information , they will , and keep it , and save it incase in 10 years you decide to get elected , then they can say “I don’t like your NSA attitude. Change your mind or we release the naked selfies you took with your girlfriend way back 10 years ago …”
“Law abiding” bit the dust as a concern the moment the NSA decided that american corperations should win all bids because they can be used as spies , and started in on the industrial espianoge.
Does that mean I can call the NSA and find out where my teenage daughter is?
Every time I hear you ranting on about the NSA listening to phone calls and other means of finding out who is trying to hurt us, my mind immediately goes to the pictures of American Citizens jumping out of the Towers on 9-11. The security service are not after someone having an affair they are after
the mad crazy individuals who want to change the way we live our lives
Get real,,,,, and put your efforts to building some product or other and make a profit so every one can have a better way of life
Everytime I hear someone make fun of the ranters , I wonder how much of American Innovation is actually American.
I mean seriously , if you’re listening in on every phone call in the world, and you’re commiting indistrial espianoge because you want american corperations everywhere, why would you *NOT* steal any trade secret that came your way and have one of your puppet corperations patent it before the original owners can ?
I have to wonder , is America really such a wonder land of innovation ? Or is the real harm that Edward Snowden committed that of preventing them from stealing inventions from all over the world and claiming it’s they’re own ?