“When you connect to the network, you offer the IMSI number to show the main database that you are a paying customer, and these are the services you are subscribed to,” says Schmitt. “The system then informs the rest of the kernel to give you access to the network. But what we do with PGPP changes the math. The subscriber database can verify that you are a paid user without knowing who you are. We have decoupled and moved billing and authentication.”
Redesigning some billing systems and distributing an app to users would be much more manageable for operators than deeper network redesigns. Raghavan and Schmitt are turning their research into a startup to help promote the project to American telecoms. They recognize that even with the ease of adoption, there is still a long way to go before the entire industry switches to PGPP. But getting just a few carriers on board, they say, could still make a big difference. This is because bulk location data becomes much less reliable if a significant portion of the total set is tainted. If 9 million Boost Mobile subscribers, for example, were to broadcast identical or random IMSI numbers, that would affect the accuracy and usefulness of the data set.
The fact that small virtual providers that don’t even operate their own mobile towers, known as MVNOs, can implement this program independently is important, says cryptographer Bruce Schneier, who first heard about PGPP in January and recently became a project advisor.
“A carrier can do it themselves without anyone’s permission and without anyone else changing anything,” explains Schneier. “I can imagine one of these small businesses saying that they are going to offer this as added value, because they want to differentiate themselves. It’s privacy at very little cost. This is the right thing.”
In the competitive and monolithic wireless market, standing out on privacy could be an attractive marketing tactic. It is possible that the Big Three are trying to prevent MVNOs from adopting something like PGPP through contractual moratoriums. But researchers say some MVNOs have shown interest in the proposal.
Between the potential pressure from law enforcement and loss of access to data, as well as the need to distribute an application or involve mobile operating systems, operators may have little incentive to adopt PGPP. Insofar as law enforcement could object to such a program, Schmitt notes that it would still be possible for operators to perform targeted searches of the location history for specific phone numbers. And researchers say they believe the approach would be legal in the United States under the Communications Assistance for Law Enforcement Act. One caveat of PGPP is that it only adds privacy protections for interactions with cell towers that involve data networks like 4G or 5G. It doesn’t try to interact with historical phone protocols that facilitate traditional phone calls and SMS text messages. Users should rely on VoIP calling and data-based messaging for maximum privacy.
The approach also focuses on IMSI numbers, as well as their 5G counterparts known as Subscription Permanent Identifiers, or SUPIs, and does not protect or exclude static hardware identifiers such as IMEI (International Mobile Equipment Identity) numbers or media access control (MAC) addresses. These aren’t used in the interactions with cell phone towers that the researchers are trying to anonymize, but they could provide other means of tracking.
Having a simple, straightforward option to remedy a major location data exposure is still important, after years of data misuse and growing privacy concerns.
“Just to be totally frank, the feeling for me now is, how haven’t we seen this before?” Raghavan said. “It’s not ‘Wow, that was so hard to understand.’ This is evident in hindsight.”
“In fact, it made us feel better as systems researchers,” adds Schmitt. “At the end of the day, the simpler the system, the better the system.”