This post is also available in: עברית (Hebrew)

Who should individuals be more concerned about – intelligence and espionage agencies or their own local cellular companies?

In an expose on Verizon (NYSE: VZ), which was featured on arstechnica.com this week, it was disclosed that Verizon uses tiny “cookies”-like ‘tokens’ which it secrets into internet surfing requests by company subscribers – to gather a great deal of information on their surfing habits.

The i-HLS technology and intelligence desk sets the record straight and sheds more light on the way all this valuable data is being gathered by cellular providers, which includes the surfing data of its subscribers along with their physical location at any given moment. Worse still, here’s is what we should all be concerned about (and to what extent).

As of the early 2000s, and in fact when the age of GPRS (2.5G) ended and 3G followed suit (and from then on to LTE and 5G is almost upon us), most cellular providers have also become Internet Service Providers – ISP. This was the result of burgeoning demand on the part of their clients to be able to use their mobile phones to surf the net.

Cellular subscribers can nowadays surf the net at very high speeds practically anywhere, using components embedded in the core of cellular networks (GGSN and PCRF), as well as other devices installed in Radio Base Stations (RBS) and broadband transmission.

Akin to internet connection at home, in the framework of which a client is linked to an infrastructure provider and is also connected, separately, to an internet provider, cellular providers offer their subscribers both aspects, sometimes complete with the content they consume (e.g., news, sports, astrology and so on).

In addition to internet services,let’s not forger that cellular providers also feature calls and text messages, thereby storing a particularly high quantity of data on each and every subscriber: who called whom and when, what sites they surf and what emails they send or receive, complete with accurate locations at each and every given moment.

iHLS Israel Homeland Security

Given that on top of all this data, cellular providers are also in possession of all their subscribers’ payment data. Future plans include an “electronic wallet” feature, so clearly, the power of the information cellular providers have is quite formidable.

The expose on Verizon’s “cookie” hack into its subscribers’ surfing requests attests to its active stance and on its efforts to gather information knowingly and intentionally in order to the generate supplementary, secondary profits at the expense of its subscribers – by using, allegedly illegally, details that no subscriber ever intended to simply give away of their own volition and or freely.

Apart from gathering, storing, indexing and the almost inexhaustible ability to reproduce any detail on any of its subscribers, the question remains, how safe is all this data in the hands of any cellular provider? What kind of security efforts are they making and how effective are they in the case an employee with authorizations to most of their data and engineering systems? And in the case of an occasional outside hacker?

No less important, another source of concern is the cooperation between intelligence agencies worldwide and cellular providers. Stringent and broadly-phrased laws have actually been enacted in the most liberal countries in the West (the US, most of Western Europe, Israel and so on). Inter alia, these laws compel cellular subscribers to allow broadband fixed-line communications between their databases and the intelligence agencies’ HQs.

This odd connection between intelligence and security bodies and cellular providers is surprisingly (or perplexingly) well-founded on regulations by international standards institutions which operate under the auspices of the UN, such as the International Telecommunications Union (www.itu.int), or those which operate in relation to them, such as www.etsi.org.

The commercial sector, in particular the world’s leading telecommunications manufacturers (such as Ericsson, Nokia, Motorola, Alcatel), did not stand bye, and joined in to this carousel of data storage by featuring entire series of products which support wiretapping, recordings and data accumulation, while at the same time meeting international standards for linking their products, which are installed in cellular networks, to intelligence, law enforcement and espionage agencies in their own respective countries.