This site uses cookies. By continuing to browse this site you are agreeing to our use of cookies. Find out more.X

Surveillance of personal mobile comms is no big deal for telcos

Share this article:

Requests for the collection of personal data should not prove to be a challenge for telecommunication companies.

As detailed in last week's Queen's Speech, the Government "intends to bring forward measures to maintain the ability of the law enforcement and intelligence agencies to access vital communications data under strict safeguards to protect the public, subject to scrutiny of draft clauses".

Information Commissioner Christopher Graham told SC Magazine there were still core decisions to be made around limiting the intrusion into people's privacy, to be sure it is compliant with the Data Protection Act on safeguarding data.

Leeor Ben-Peretz, V-P of business development at Cellebrite, said its solutions for the transfer and forensic analysis of data were complementary to what was in the bill, but a challenge may come for governments in terms of legal rights and data management.

He explained that telcos are supposed to be able to provide users with access to call logs, so the capability will not be too much of a challenge. “As long as you have the device, then you have a lot of data available and you can recover the content itself, not just meta data,” he said.

“With email or an SMS, you can recover the content itself, but with a phone call, the phone does not record the voice channel, so you cannot recover that – but there is a lot you can recover and that is helpful in a forensic investigation process.”

In terms of the legality of collecting data, Ben-Peretz said some nations and states are stricter than others.

Asked how simple it is to extract data when a device is ‘in hand' as opposed to ‘over the air', Ben-Peretz said the former scenario was the less challenging.

In terms of how surveillance can be done discreetly, Ben-Peretz said: “Extraction is complex and I split it into two areas: with physical it would not be possible as to bypass the OS it has to not be running; the other side is logical extraction, so it is possible to do it over the air, but that is phone-specific.

“Typically you need a client to do this if you want to do it over the air, so the challenge is in how you push the client remotely. It is feasible for a third party to hear when you are running an open OS like Android or Symbian, with iOS it is not so easy. Any talented app developer can do this.”

Share this article:

SC webcasts on demand

This is how to secure data in the cloud


Exclusive video webcast & Q&A sponsored by Vormetric


As enterprises look to take advantage of the cloud, they need to understand the importance of safeguarding their confidential and sensitive data in cloud environments. With the appropriate security safeguards, such as fine-grained access policies, a move to the cloud is as, or more, secure than an on-premise data storage.


View the webcast here to find out more

More in News

Researcher develops BadUSB code to compromise USB sticks - and their computer hosts

Researcher develops BadUSB code to compromise USB sticks ...

Karsten Nohl also reveals how an enhanced security approach can beat his USB architecture compromise.

Cybercrime threat landscape evolving rapidly

Cybercrime threat landscape evolving rapidly

New research claims to show that, whilst spam levels fell to a five-year low last month, the increasing complexity of cyber-criminal attacks shows no sign of easing, with increasing levels ...

Tor Project unearths attack that identifies users

Tor Project unearths attack that identifies users

Users of The Onion Router (TOR) network have been warned of an attack that could deanonymise them if they used the service from February to July this year.