Right now, there’s a good chance your phone is tracking your location – even with GPS services turned off. This is because, in order to receive service, our phones reveal personal identifiers to cell towers of major network operators. This has resulted in a huge and largely unregulated data collection industry that aims to sell users’ location data to third parties without consent.
For the first time, researchers from the Viterbi School of Engineering at the University of Southern California (USC) and Princeton University have found a way to stop this data leakage using existing cellular networks. The new system, presented at the USENIX Security conference on August 11th, protects users’ mobile privacy while providing normal mobile connectivity.
The new architecture, called “Pretty Good Phone Privacy” or PGPP, decouples phone connectivity from authentication and billing by anonymizing the personal identifiers sent to cell towers. The researchers describe the software-based solution as an architectural change; it requires no changes to cellular network hardware.
“We unknowingly accepted that our phones were camouflaged tracking devices, but until now we had no other option – using mobile devices meant accepting that tracking,” said Barath Raghavan, study co-author, assistant professor of computer science at USC. “We figured out how to decouple authentication from connectivity and maintain data protection while maintaining seamless connectivity, all in software.”
Decoupling of authentication and telephone connectivity
For your phone to work, the network currently needs to know your location and identify you as a paying customer, so both your identity and your location are tracked at all times. Data brokers and large operators exploit this arrangement to profit from sensitive user data; the United States does not yet have federal laws restricting the use of location data.
“Today, when your phone is receiving or sending data, radio signals go from your phone to the cell tower and then onto the network,” said Raghavan. “The networks can collect all of this data and sell it to companies or information-for-hire brokers. Even if you stop an app from tracking your location, the phone is still talking to the tower, which means the carrier knows where you are. Until now, it seemed like a basic thing that we could never get around.”
But Raghavan and study co-author Paul Schmitt, who recently moved from Princeton University to USC’s Information Sciences Institute, found a way: they decoupled authentication – who you are – from phone connectivity. The most important takeaway: there is no reason why your personal identifier should be what grants you network connectivity.
Their new system works by breaking the direct link between the user’s cell phone and the cell tower. Instead of sending a personally identifiable signal to the cell tower, the phone sends an anonymous “token”. This is done by using a mobile virtual network operator such as Cricket or Boost as a proxy or intermediary.
“The key is – if you want to be anonymous, how do you know you are a paying customer?” said Raghavan. “In the protocol we developed, the user pays the bills and receives a cryptographically signed token from the provider, which is anonymous. Now the identity in a certain location is separated from the fact that there is a telephone there.”
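The token flow Raghavan describes, as an added toy model written for this page (it is not the researchers’ PGPP implementation or any code from Invisv). The article only says the token is cryptographically signed and anonymous, so the specific construction used here, a Chaum-style RSA blind signature, is an assumption, as are the demo key size, the account name `subscriber-0001` and the class names `Provider`, `Phone` and `Gateway`. What it shows: the billing provider learns which account paid but only ever signs a blinded value; the gateway that grants connectivity checks the provider’s signature and a double-spend list but never sees an account; and nothing in the gateway’s records appears in the provider’s, so the two sides cannot be joined. Replayed tokens, signatures moved to another token, and requests without a payment are all refused.

```python
import hashlib
import math
import secrets

def is_probable_prime(n, rounds=32):
    """Miller-Rabin test; adequate for generating a demo key."""
    if n < 4 or n % 2 == 0:
        return n in (2, 3)
    d, r = n - 1, 0
    while d % 2 == 0:
        d, r = d // 2, r + 1
    for _ in range(rounds):
        x = pow(2 + secrets.randbelow(n - 3), d, n)
        if x in (1, n - 1):
            continue
        for _ in range(r - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False
    return True

def random_prime(bits):
    while True:
        cand = secrets.randbits(bits) | (1 << (bits - 1)) | 1
        if is_probable_prime(cand):
            return cand

def hash_to_int(token, n):
    """Map a token into the RSA group (toy full-domain hash, no real padding)."""
    return int.from_bytes(hashlib.sha256(token).digest(), "big") % n

class Provider:
    """Billing side: knows which account paid, but sees only blinded values."""
    def __init__(self, bits=128):      # 128-bit primes: demo-sized, not a real key
        self.e = 65537
        while True:
            p, q = random_prime(bits), random_prime(bits)
            phi = (p - 1) * (q - 1)
            if p != q and math.gcd(self.e, phi) == 1:
                break
        self.n, self.d = p * q, pow(self.e, -1, phi)
        self.paid = set()              # accounts with an unspent payment
        self.seen = []                 # every blinded value the provider signed

    def sign_blinded(self, account, blinded):
        """One token per payment: the account is checked, the token is never seen."""
        if account not in self.paid:
            return None                # not a paying customer: no token
        self.paid.discard(account)
        self.seen.append(blinded)
        return pow(blinded, self.d, self.n)

class Phone:
    """Subscriber side: blind a random token, have it signed, unblind it."""
    def __init__(self, account, n, e):
        self.account, self.n, self.e = account, n, e

    def obtain_token(self, provider):
        token = secrets.token_bytes(32)            # random; carries no identity
        m = hash_to_int(token, self.n)
        r = 2 + secrets.randbelow(self.n - 3)      # blinding factor, coprime to n
        while math.gcd(r, self.n) != 1:
            r = 2 + secrets.randbelow(self.n - 3)
        blinded_sig = provider.sign_blinded(self.account, (m * pow(r, self.e, self.n)) % self.n)
        if blinded_sig is None:
            return None
        sig = (blinded_sig * pow(r, -1, self.n)) % self.n   # remove the blinding
        assert pow(sig, self.e, self.n) == m                 # now a plain signature on H(token)
        return token, sig

class Gateway:
    """Connectivity side (the MVNO/proxy role): checks the provider's signature only."""
    def __init__(self, n, e):
        self.n, self.e, self.spent = n, e, set()

    def attach(self, token, sig):
        if token in self.spent:                                  # replayed token
            return False
        if pow(sig, self.e, self.n) != hash_to_int(token, self.n):  # not provider-signed
            return False
        self.spent.add(token)
        return True

def demo():
    provider = Provider()
    gateway = Gateway(provider.n, provider.e)
    phone = Phone("subscriber-0001", provider.n, provider.e)  # constructed account id
    provider.paid.add("subscriber-0001")                     # payment recorded by identity
    token, sig = phone.obtain_token(provider)
    return {
        "attach": gateway.attach(token, sig),                 # valid, fresh token
        "replay": gateway.attach(token, sig),                 # same token again
        "forged": gateway.attach(secrets.token_bytes(32), sig),  # signature on another token
        "unpaid_rejected": phone.obtain_token(provider) is None,  # no second payment
        "unlinkable": not {hash_to_int(token, provider.n), sig} & set(provider.seen),
    }
```

Running `demo()` returns a dictionary in which only `attach` is `True` among the gateway calls, while `unpaid_rejected` and `unlinkable` are both `True`. The `unlinkable` check is the heart of the design: the provider’s log holds only blinded values, and neither the token hash nor the unblinded signature that the gateway sees ever appears there. The gateway’s `spent` set is what replaces identity for the purpose of policing service: it stops a token from being reused without ever needing to know who holds it. A production deployment would use a standard key size and a proper blind-signature padding scheme rather than this toy full-domain hash.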
Restoration of control
The duo, who founded a startup called Invisv, prototyped and tested everything in the laboratory with real phones. Crucially, their approach adds almost no latency and does not introduce new bottlenecks, thereby avoiding performance and scalability problems of other anonymity networks. The service could manage millions of users on a single server and would be seamlessly delivered to customers via the network operator.
Since the system works by preventing a phone from identifying its user to the cell tower, all other location-based services – like finding the nearest gas station or contact tracing – continue to work as usual. The researchers hope that the technology will be adopted as a standard by large networks, especially in light of growing legal pressure to introduce new data protection measures.
“For the first time in human history, almost every single person on the planet can be tracked in real time,” said Raghavan. “So far, we’ve had to quietly accept this loss of control over our own data – we believe this new measure will help restore some of that control.”