Every now and then somebody writes a piece (such as the one Brian referred to the other day) which talks about “Some pestilential scientist has invented a device that allows parents to trace their child’s location via his mobile telephone” or similar.
Now it actually isn’t actually scientific or technical issues that are the issue here, for mobile phones are tracking devices by their very nature, and have been since their invention. You see, if you call a mobile phone, then the phone has to be made to ring. In order to be able to make it ring, the network as to know where it is. And in order that this be so, your mobile phone network is tracking you at all times. It isn’t tracking you that precisely, but with sharing of information between networks (which they do, in order to track down mobile phones and sometimes to cooperate with the police) it is possible to track the location of anyone with a mobile phone to within a couple of street blocks. In terms of tracking the person with the phone, although the technology can be improved to track movements more accurately – particularly by putting GPS devices or similar into phones, in some sense it is good enough already. In this case the issues are not so much technological – the technology is already there – but regulatory and legal. Just how much of this information will be logged and stored. Having a database recording everywhere I have been in the last five years is different from being able to record where I am now on demand. How much of this information may or must be shared with government and law enforcement. And how much of this information may be used commercially and in what ways. Is it appropriate to provide a service to parents that allows them to track the movements of their children? (Certainly if I was a teenager, I would find it pretty rough if my mother was tracking me at all times).
But, of course, technology is advancing. Reading this article suggests that things are going to get far worse. Before too long we may have so called “passive radar”. Essentially the point of this is that our mobile phones are throwing lots and lots of radio signals around all the time. These signals are bouncing off things, being partially absorbed by other objects, and similar. If our phones and base-stations record signal strength, signal direction, gaps in the signal, doppler effects, and other such pieces of information, it may be possible to essentially construct an electronic map of the terrain that the signals are travelling through. Essentially if you are walking down the street not carrying a mobile phone or any form of electronic tag, it may be possible to track you using the mobile phones of other people in the street. Unlike conventional radar systems, this type of tracking cannot easily be detected, as it uses radio signals that have other purposes and are there already. The privacy implications of this are, of course, worrying.
Even if this particular means of ubiquitous tracking does not come into being, or at least not quickly, some technology that achieves essentially the same thing is going to come into being at some point, like it or not. If we want to attempt to establish rights to not be tracked, or clear laws as to how such information can and cannot be used, we need to do so now, when tracking is possible but not ubiquitous. Trying to do so so after it becomes ubiquitous is going to be too late.
The last passage of the story you linked to
further underlines the point that privacy is basically a political issue rather then a technological issue.
We have been worried about Celldar since it was first announced as a serious research project. It is much more likely to be used initially as a passive stealth bomber detection system.
(remember the stories of US stealth fighter bombers being detected and shot down in yje Balkan conflicts ?)
Like many privacy threatening technologies, this one could also be life threatening.
Even if Celldar does not yet work as claimed, and even if it is not yet deployed anywhere, if you were a military airforce commander planning a strike on a country, the mere possability that this system might exist must now influence the list of targets that you select.
Telephone exchanges etc have always been military targets, but now, due to potential of Celldar, GSM or 3G Mobile phone transmission masts must also now be included as potential radar transmitters i.e. the very first targets which an airforce commander will want to destroy to protect his own forces in a conflict..
Those people who are worried about the potential health risks to themselves and their children due to mobile phone masts near their houses or schools etc should really also consider the much larger threat of anti-radar missiles and cluster bombs.
Privacy and Security are often inextricably linked.
Consider the PR campaign and hype about the new service called ChildLocate, a commercial service run by a company called MobileLocate, which claims to track the location of your child’s mobile phone.
ChildLocate concerns
Their website, is used to take credit card details and also to locate the phones/Children and to send them trusted SMS messages
The popup forms use Flash and do not make use of SSL/TLS encrypted sessions, which is what one would expect for credit card transactions over the internet, let alone extremely sensitive Child Location data and messaging. – it is all going out in plaintext , enencrypted.
The servers which run this system seem to be run by TrackWell, and are based not in the UK, but in Iceland. i.e. outside of the European Union.
This has Data Protection Act implications for the export of personal data outside of the EU, or it would do if there were any entries at all on the Data Protection Register for MobileLocate , ChildLocate or TrackWell, despite their claims to have consulted the Information Commissioner back in April.
In order to work with children as a teacher, or school caretaker or even a scoutmaster or volunteer, you need to go through Criminal Records Bureau checks. One would expect that any comany selling a Child “protection” service would have all their staff undergo such checks. However, since all the people who control the tracking computers etc and who could potetially abuse this system are in Iceland, and who will there fore not appear on the UK CRB records, just how credible can this be ?
It is bad enough when credit card information is put at risk on the internet, but to create a tool so potentially useful to kidnappers etc without taking all the precautions possible, is inexcusable.