You can ring, but you can’t hide: mobile phone tracking of user locations

This was the first of several articles I wrote on mobile phone tracking of users for Guardian Online, with later articles on services using the same technology to track children, and to let the emergency services locate callers.

First published in the Guardian’s Online supplement, Thursday 29 November 2001 titled ‘You can ring, but you can’t hide’

More than half the population of this country carries a tracking device. Its records can be accessed by police officers, intelligence authorities, customs officials and Inland Revenue inspectors. Crimes, unpaid taxes or government dues can be investigated using this information. The data is held for several months: in some cases, for several years.

We carry these devices voluntarily. They are called mobile phones.

Last March, the mobile network Orange said it kept location information for six months and passed it on when obliged to by law, but wouldn’t discuss details.

Online can now reveal that the base station used by an Orange subscriber is retained at the beginning and end of every call, whether outbound or inbound, including calls to retrieve voicemail.

The system also records the base station used by the other person, if they are part of the Orange network. A call to its answering service produces a destination code of 65535.

This information was obtained under the Data Protection Act, which gives individuals rights to see data held on them. Orange staff repeatedly denied the existence of location data, then said it wasn’t covered by the Act. It took two months of inquiries, and countless telephone calls and letters, before the firm produced the document pictured opposite.

Approached for comment this week, the company said it trains its staff in data protection and privacy, and “is continually looking at ways of adapting its customer service in order to meet the fresh challenges brought about by new legislation and regulation”. But the firm refuses to provide the location of the base stations numbered in the document, saying this is not held against personal records and is “commercially sensitive”.

This is despite the provisions of the Data Protection Act 1998, which says: “An individual is entitled to have communicated to him in an intelligible form the information constituting any personal data of which that individual is the data subject.” It adds that when data “expressed in terms which are not intelligible without explanation the copy must be accompanied by an explanation of those terms”.

The situation is now under consideration by the Office of the Information Commissioner, which polices data protection law.

Each of the four UK mobile phone networks, Vodafone, Orange, BT Cellnet and One2One (also used by Virgin Mobile), controls several thousand base stations – BT Cellnet has more than 6,600 – through which subscribers’ calls are connected.

When a phone is switched on, and every few minutes when working, it sends out a signal, which you can hear on nearby sound equipment as a sequence of interference. All base stations of that network within range respond, and the firm allocates the phone to one station.

BT Cellnet will, for legal purposes, state that a call using one of its base stations was made from a phone within 35 kilometres of that station. John Fletcher, a senior consultant for the telecoms consultancy Analysys, says 35km is the “practical maximum” range for base stations used by a GSM 900 network, the kind operated by Cellnet and Vodafone. Orange and One2One operate GSM 1800 networks, which use base stations within half this range.

In practice, the base station is likely to be far closer. This can be because of hills shortening its range, but is usually because towns and cities have large numbers of stations to cater for the greater demand.

“You may find that the cell radius is collapsed to 500 or 600 metres,” says Fletcher. “Then there are picocells, 50 metres in radius, for office blocks or shopping centres.” He adds that networks plan urban coverage for different kinds of users, so an urban motorway might feature a base station positioned to cover a long stretch of road, with other smaller cells positioned for pedestrians.

So the base station provides a fairly accurate idea of a user’s position, especially within cities. As a precise locator it is fallible, as a network may not allocate a phone to the nearest station, particularly if congested.

However, the Orange data showed consistency for calls made from this reporter’s home in central Bath: all went through base stations 39307 and 39308.

It also shows how cells can change within a few hundred yards. Two calls made on separate days from Bath Spa railway station, less than half a mile to the south, used base station 20428.

Even without the location of the base stations, a user could employ this data to prove his approximate location, if he had previously been witnessed connecting through the base station cited.

Law enforcement authorities can obtain both the data and the location of the numbered base stations. Under the Regulation of Investigatory Powers Act of last year, such an application has to pass a test of “necessity”. “It is an invasion of someone’s privacy, so proportionality is the key,” says a home office spokesperson.

But the reasons for application are wide: from national security, to crime, preventing disorder, public health and safety, emergency protection of an individual’s physical or mental health, through to assessing or collecting any tax or other charge due to a government department. Law enforcement authorities contacted by Online refused to discuss how applications work.

Although the anti-terrorism bill which was rushed through parliament isn’t going to change the conditions for access, it is set to allow communication providers to retain this data for longer. The provisional figure is a year and the home secretary can make retention compulsory through secondary legislation.

This may affect Orange, which currently retains location data for six months. Vodafone already keeps it for a year, BT Cellnet for “at least a year”, and Virgin Mobile has retained it since its foundation in November 1999. It plans to hold such data for six years, citing financial regulations. One2One refused to disclose its retention period. Other than this information, none of the networks would discuss location data further than to say they complied with the law.

Location data can be useful in fighting crime. There have already been a number of high-profile cases where mobile phone records have been sought by police. However, savvy criminals are increasingly buying unregistered prepaid mobiles, or stealing other people’s, in order to escape the tracking abilities of their mobile phones. And there’s a wider point. “The fundamental question is whether, in a democratic society, it is necessary to track everyone’s movements and store them for long periods of time, to prevent and detect crime,” says Caspar Bowden, director of the think-tank the Foundation for Information Policy Research.

“The police have no compunction about lobbying for these retention powers in secret, but there should be a wider debate about basic values needed to preserve liberty,” he says, adding that judicially authorised retention of data on named individuals would be preferable.

Location data is getting more accurate. BT Cellnet already offers traffic news based on which base station the caller uses, and the potential for such services would be greatly increased by tighter accuracy. One bright idea is that phone users could get text messages from shops as they passed them, with special offers enticing them inside.

More usefully, accurate location data could save lives. A call to the emergency services from a mobile cannot be traced accurately, unlike one from a landline: if a mobile caller rings off without giving a location, little can usually be done. The US authorities recently told mobile makers to include technology to solve this problem. This could also help motorists who break down.

To achieve this, phones could be fitted with GPS (global positioning satellite) technology, which can be accurate to within a few feet. However, this would increase the cost of mobiles.

Or networks could use triangulation, requiring no phone upgrades. This long-standing technique uses time-delays and strengths of radio signals between a transmitter and at least two base stations to calculate the user’s position.

Analysys’s John Fletcher says triangulation would be possible with existing network hardware, although it would require new software and procedures, and be less accurate and reliable than GPS, although far more accurate than the current system.

“This is under active investigation,” he says. “The first thing would be location-based tariffs. Vodafone introduced these in 1992, but withdrew them when it realised the phones didn’t always use the cell nearest the home address.”

Networks charging by location, would presumably retain your exact location with your billing information – and if data is retained, the police can see it.

Given everyone from MI5 to the tax man can check out where you have been, why are the networks reluctant to release it to you in an intelligible form, or even discuss its existence?

Analysys’s John Fletcher thinks this reticence dates from the networks’ race to establish coverage. “It was advantageous to keep their locations quiet,” he says. “Now, I think there are two reasons: physical security of assets from vandals or extortionists, and public concern over microwave radiation.”

Rupert Battcock, an IT lawyer at Nabarro Nathanson, adds another: “Telecoms providers may fear they will be flooded with requests: maybe that’s why they are reluctant to do this.

“But if they have facilities to provide it to someone else, such as the police, and it can be shown to qualify as personal data, I’m hard-pressed to see how this request could be denied.”