Cell Phone Tracking

As cell phones have become more common, privacy concerns about the ease of tracking users have arisen. To work properly, cell phones must continuously make contact with a signal service provider (typically by connecting to a network of signal towers). Consequently, users are unable to use the phone effectively without being tracked. The data gathered through this tracking—such as location data, contact lists, call history, text message logs, and network cache—allow for a fairly complete profile of a user to be constructed. Law enforcement officers can employ tracking technology and the resulting data to track and apprehend suspects, but because this technology is relatively new, the enactment and enforcement of laws associated with it are inconsistent. This entry reviews the technology that allows for cell phone tracking, reveals the capabilities of law enforcement to access telecommunication records, and points out the privacy vulnerabilities of cell phone users.

A working cell phone inevitably tracks the user’s location while maintaining connectivity to signal towers. As the cell phone moves from the range of one tower to another, the user’s movements are tracked. If the mobile service provider maintains connectivity logs, as most do, detailed location histories can be generated. With deliberate effort, more specific location data can be derived through triangulation, comparing connection strength at the tower with connection to a second location, either a second tower or, more typically, a mobile signal repeater.

Law enforcement’s use of cell phone technology—such as signal repeaters, which help strengthen or “boost” a cell signal—to track individuals came to media attention through the American Civil Liberties Union (ACLU) and a report by USA Today. According to both organizations, law enforcement officers have used these devices without seeking warrants or other judicial oversight. Because these devices can locate an individual within his or her private space, they raise substantial privacy concerns. However, there is little jurisprudence on law enforcement’s use of mobile signal repeaters, so, like much new technology, they operate within a legal gray area. In June 2014, the U.S. Marshals seized records connected to the use of such devices by the police in Sarasota, Florida. The seizure effectively blocked a public records request by the ACLU to obtain more information about how law enforcement officers use the “Stingray” model of mobile signal repeater. Public debate over the use of these devices continues.

In addition to the cell telephony signals, smartphones transmit more rich data about the user through email, social media applications, and web browsing. Smartphones and other data-equipped devices are assigned an International Mobile State Equipment Identity (IMEI), a number that uniquely identifies the device to connected networks. As many cell phone providers associate the IMEI with subscribers, the IMEI can be considered personally identifiable information. Because smartphones are also Wi-Fi-enabled, users can be tracked according to the Wi-Fi networks scanned by the smartphone, even if they do not connect to those networks. Finally, the Global Positioning System (GPS) installed on most smartphones provide a direct path to location tracking as long as the GPS is active. All of these functions provide rich location information about the user.

Smartphone applications, both user-installed and bundled with the factory-installed operating systems, use location data to present targeted advertisements, weather forecasts, or traffic information. While these services may be convenient for the user, they also report location data to the application provider (e.g., Google, Facebook, Apple). Location-based services establish all smartphone users as data subjects, monitored by various service providers to generate market data and to improve services. Although users are typically asked to consent to such location tracking when installing or configuring these applications, there is little information offered about how these data will be used. In addition, these “click-through” consent forms do not offer users an opportunity to opt out of some tracking or use only services that do not involve tracking. Once consent is given, smartphone operating systems do not provide the user with rich information about when location is reported, so users may be unaware of how much fine-grained location data they have exposed. Smartphone operating systems are typically locked from user modification, preventing users from effective administration of their devices.

In addition to all of these concerns, cell phones allow for backward-looking surveillance. When an individual becomes the subject of surveillance, the individual’s history can be reconstructed to the limit of the service provider’s records. The server-side storage of short message service (SMS), or text, messages provides an especially telling example. If law enforcement requests records from an individual’s cell service provider, these records could include SMS messages stored by the service provider. Depending on the provider’s storage policy, all of an individual’s SMS messages from the past week (or the past year) could be exposed. Because cell service providers do not often publicize their storage policies, users are typically unaware of this vulnerability. Records received by the ACLU reveal that some service providers maintain various records, including location-sensitive information, for years.

All of these issues are made more problematic by “bring-your-own-device” policies now common in many professions. Employers save money through policies that allow employees to use their own smartphones or other mobile devices in conjunction with work. In such situations, employers have an interest in ensuring that trade secrets or other confidential information remains secure, so that employees may be obligated to allow their employers to regularly inspect their devices or agree to allow employers to manage device software. Employees may be required to install software that gives the employer access to their cell phone or smartphone’s location data or remote management of information stored on the device.

The use of cell phones has changed the way in which individuals communicate and relate to information technology. While the location sensitivity of these devices can be an advantage, it can also be a vulnerability to users concerned about privacy. Although cell signals are transmitted in the open air, tracing these signals can reveal locations within traditionally private spaces. At the time of this writing, many legal questions remain unsettled. Against the background of many questions about pervasive surveillance of the Internet, cell phone tracking forms a point of contact between online and off-line tracking. Advocacy groups, including the ACLU and the Electronic Frontier Foundation, argue for stronger privacy protection and judicial oversight for all electronic surveillance. As more users become aware of the privacy consequences, they are also faced with the inability to prevent tracking and still use their devices. Law enforcement agents and first responders can use location tracking to improve response time or to apprehend suspects, but citizen expectations of privacy are at odds with current capabilities of cell phone tracking technologies.

Michael Falgoust

See also American Civil Liberties Union and Electronic Privacy Information Center ; Civil Liberties ; Smartphones ; United States v. Jones (2012) ; Warrants

Further Readings

Freiwald, Susan. “Cell Phone Location Data and the Fourth Amendment: A Question of Law, Not Fact.” Maryland Law Review, v.70 (2010).

Heath, Brad. “Police Secretly Track Cellphones to Solve Routine Crimes.” USA Today (August 24, 2015). http://www.usatoday.com/story/news/2015/08/23/baltimore-police-stingray-cell-surveillance/31994181/ (Accessed October 2017).

Junglas, Iris A. and Richard T. Watson. “Location-Based Services.” Communications of the ACM, v.51/3 (2008).

Kerr, Orin S. “The Case for the Third-Party Doctrine.” Michigan Law Review, v.107 (2008).

McLaughlin, Kevin. “Fourth Amendment and Cell Phone Location Tracking: Where Are We.” Hastings Communication and Entertainment Law Journal, v.29 (2006).

Roux, Brian and Michael Falgoust. “Information Ethics in the Context of Smart Devices.” Ethics and Information Technology, v.15/3 (2013).

Soghoian, Christopher and Stephanie K. Pell. “Your Secret Stingray’s No Secret Anymore: The Vanishing Government Monopoly Over Cell Phone Surveillance and Its Impact on National Security and Consumer Privacy.” Harvard Journal of Law and Technology, v.28/1 (2014).