Data retention question
Peter Fairbrother
zenadsl6186 at zen.co.uk
Fri Jul 18 22:57:33 BST 2014
On 17/07/14 17:36, Alex Burr wrote:
> Okay an update: I found a free 'cell site analysis' guide. It is
> downloadable from here:
> http://www.forensicanalytics.co.uk/services/training/free-resources
> but you have to give them contact details. It appears that location
> for data use *is* retained in the UK, except by Three. Records do not
> correspond to packets or tcp sessions, they correspond to 'an entire
> connectivity session' (I'm not familiar enough of mobile phone
> protocols to identify that) which are apparently 'closed' due to, for
> example a time out, which can happen after 5 minutes of inactivity.
>
> So it is plausible that a poll every 10 minutes by an email client
> could cause a comprehensive location record for a UK user, as in the
> Spitze case. But I don't have evidence of whether this typical.
>
> Alex
Thanks, useful link.
I don't know for sure whether mobile service providers are required to
retain location data for internet sessions under the 2009 regs/DRIP -
personally I'd have said no, they do not, but others may disagree.
The meanings of "mobile telephony" and "communication" are in question,
and who knows what a Judge might say?, they seem to make it up as they
go, and usually in favour of the Establishment.
Though perhaps Three agree with me?
However, mobile service providers are free to retain as much location
data as they might want to, under ACTSA.
I would be interested in any more information you can come up with. Or a
link to your paper, if you write one.
-- Peter Fairbrother
More information about the ukcrypto
mailing list