TAG:

<META NAME="ROBOTS" CONTENT="INDEX, FOLLOW, ARCHIVE" />

    Home      About       Articles        Graphics/FAQ’s       Recent Projects         Areas of Expertise         Contact

Bookmark and Share

U.S. 4th Amendment Issues & Cellular Handset Location Privacy -

Is it all about the Privacy Override Indicator & LIRAuth/LIRMode?

 

By John B. Minor, CSA CCE CSE, Communications Expert

All Rights Reserved – Copyright 2012

 

Cellular subscribers determine the location privacy of handsets during normal usage deciding which social network or mapping app can determine the location of the handset. This app by app configuration effectively closes and locks the door to revealing the location of the handset to anyone outside the handset.

 

A growing debate

 

After a declaration of exigent circumstance, a common practice by law enforcement investigators today, cellular carriers will request and receive the location of a subscriber’s cellular handset, regardless of privacy settings configured by the subscriber.

 

Background

 

Cellular carrier networks are among the most complex and sophisticated networks, are required to integrate each succeeding generation of technology while maintaining compatibility with earlier generation technologies and must maintain multi-path communications networks that exhibit self-healing characteristics when cell site components fail. Cellular carrier networks maintain cellular handset position determination capabilities that can narrow the estimated location of a cellular handset to a few feet.

 

Multiple technologies are utilized within cellular carrier networks including radio frequency isotropic propagation technologies, well-known Public Switched Telephone Network (PSTN) communications standards based technologies, patented communications flow technologies, and a variety of data recording and gathering technologies. This article is not an attempt to reiterate the corpora addressing the cellular carrier technology layers utilized in what are commonly referred to as 1G, 2G, 3G and 4G cellular communications but rather will address the privacy settings on a cellular handset more directly applicable to geo-locating a mobile phone handset.

 

Cellular networks worldwide use adopted standards upon which network design and operations are based.

 

 

Cell Phone Location Determination Techniques – An Overview

 

Cellular carrier networks in the United States implemented Location Based Services (LBS) for the purpose of geo-locating cellular handsets both during active and idle communications modes primarily as a means of meeting government E911 requirements but also to enhance carrier revenue from the subscriber base. The government mandate for Enhanced 911 hyperbolic ranging techniques initiated development and installation of LBS as early as 1998 as part of the required implementation of E911 Phase I. Hyperbolic ranging accuracy was enhanced during E911 Phase 2 and by 2005 over 95% of cellular handsets were capable of position determination within 50 to 300 meters. Cell phones containing GPS or Assisted-GPS chipsets are capable of location resolution of 5 to 30 meters. During active and idle communications mode location queries, the LBS system attempts to perform hyperbolic ranging at high accuracy levels. High accuracy level multilateration or trilateration techniques which include Enhanced-Observed Time Difference, Advanced or Enhanced Forward Link Trilateration, Angle of Arrival, Time Difference of Arrival, Assisted-GPS and other techniques are employed, reverting to less accurate methods until a satisfactory certainty of geo-location determination has occurred.

 

If insufficient results are produced from one or more hyperbolic ranging attempts the next less accurate geo-location method for LBS is the determination of cell site & sector, termed Cell-ID, within which the cellular handset is communicating. During normal voice communications, absent E911 calls or law enforcement real-time tracking activity, a cellular handset’s geo-location may only be historically determined by this least accurate Cell-ID method.

 

Subscriber location services privacy profiles are established within a cellular handset and enable limited subscriber self-serving real-time location tracking for common applications including navigation assistance and social networking.

 

Finally, the least accurate geo-location method for a cellular handset is the determination of a general locale, generally a city or other landmark used to identify the area in which a handset resides during call activity within certain billing records. In some instances a general geographical area the handset was operating within can be determined by reviewing Location Areas Codes (LACs) found within carrier records. Each LAC consists of a group of cell site locations.

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

Aggregation of Location Determination Techniques in use by Cellular Carriers

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

Cell Phone Call Fundamentals

 

An understanding of how a cell phone call works, during both Mobile Originated (MO) or placed calls and Mobile Terminated (MT) or received calls, is essential to an understanding about how the billing call detail records are related to specific Base Transceiver Stations (BTS) or cell sites in a given region.

 

When a cellular handset is switched on, and after performing an initial boot, a search is performed for cell sites in the vicinity. Cell sites may be as near as a few meters or as far away as 40 miles. The cellular handset produces an internal list of available cell sites, normally alternating from 2 up to 6 cell sites depending on which cells are visible to the handset, called a Neighbor Set. The Neighbor Set is the Pilot superset of which Active Set and Candidate Set are subsets. The cellular handset evaluates signal strength and other factors during communications with the network producing an orderly Active Set cell list from the Candidate Set cell list, receives an authorization from the network and registers with the most suitable cell site from which to place or receive a call. This interaction between cellular handset and cell sites is accomplished using signaling channels (in CDMA networks signaling channels consist of Pilot, Sync, & Paging channels) not visible to the cellular handset user. The Neighbor Set is typically updated on average every 6-12 seconds from the moment the cellular handset is booted.

 

When a call is placed or received and a cellular handset is moving then a “handover” between cell sites (inter-sector) or between adjacent antenna faces of the same cell site (intra-sector) may occur during the call as signal levels change during movement.

 

Location Services and Privacy Standards

 

Cellular networks worldwide adhere to standards developed to enable calls to connect between different carriers regardless of the point of origin.

 

The 3rd Generation Partnership Project (3GPP.org) Standards Series TS 23-271 addresses Location Services on GSM (Global Systems Mobile) networks.

 

AT&T and T-Mobile are the primary GSM technology based cellular carriers in the United States. The GSM standards based technology dominates cellular carrier networks worldwide.

 

3GPP Network Standards

The Location Service Request, Immediate or Deferred (LIR or LDR) is addressed in the following standards: 3rd Generation Partnership Project (3GPP.org) Standards Series 23-271 Technical Specification Group Services and System Aspects; Functional stage 2 description of Location Services (LCS) (Release 9.5.0)- Section 5.4.

The Privacy Profile Register (PPR) is addressed in the following standards: 3rd Generation Partnership Project (3GPP.org) Standards Series 23-271 Technical ….

 

The Complete Article is Available