Tech companies respond to reports of NSA tracking switched-off mobile phones

News & Analysis
Tech companies respond to reports of NSA tracking switched-off mobile phones

It was a throwaway line in a Washington Post article, one of the many stories about government surveillance in the past few months.

By September 2004, a new NSA technique enabled the agency to find cellphones even when they were turned off. [Joint Special Operations Command] troops called this “The Find,” and it gave them thousands of new targets, including members of a burgeoning al-Qaeda-sponsored insurgency in Iraq, according to members of the unit."

Being able to track a mobile phone, while switched off? It was the first time we had read about the NSA having such a capability, and a revelation that has far-reaching implications. For most consumers, when they turn off their handsets, they have a reasonable expectation that the device is powered off, is not emitting or receiving a signal, and does not have any piece of the mobile phone still 'on'.

If the report is true, a phone being traceable while powered off could have significant implications for the locational privacy of all cell phone users. Fundamentally, this poses the question of whether mobile phones have an inherent vulnerability in them that permits this to happen or whether the security services can only achieve this by manipulating the device with malware.

That's why we wrote to 8 major handset manufacturers and mobile operating system providers (Apple, Ericsson, Google, HTC, Microsoft, Nokia, RIM, and Samsung) to find out how exactly this could be going on. The responses we received were interesting, which while varied suggest that in order for intelligence agencies to track mobile phones while powered off requires a form of malware to be installed on the user's device.

Mobile phones and privacy

It's the thing carried around in pocket, and detail where you are, who you communicate with, and what you think about. Because of the highly sensitive information gathered and stored on mobile phones, most, if not all, mobile phone manufacturers and mobile operating system providers state that they place a high value on the privacy of their customers. In addition to this, international bodies have produced guidelines that many of these companies have signed up to protecting.

  • Obligations to respect the privacy of handset customers arise under the First Principle of the United Nations Global Compact, which states that “businesses should support and respect the protection of internationally proclaimed human rights”, which includes the fundamental right to privacy.
  • The GSMA Mobile Privacy Principles mandates “a robust and effective framework for the protection of privacy, where users can continue to have confidence and trust in mobile applications and services.” The Principles go on to say that they apply to “[d]ifferent stakeholders, such as the relevant service or application provider, the mobile operator, the handset manufacturer and the operating system or other software provider”.

Their responses

So when investigating how surveillance could be conducted on a phone, even while switched off, we posed questions regarding the operating systems as well as the state of components in the hardware. Four companies replied, Ericsson, Google, Nokia, and Samsung, and we are still awaiting formal written replies from remaining companies.

While the responses varied, two themes stood out among the companies that replied: hardware manufacturers claim they strive to switch off almost all their components while the phone is powered down, and if tracking occurs it is likely due to the installation of malware onto the phone.

For instance, Google replied:

When a mobile device running the Android Operating System is powered off, there is no part of the Operating System that remains on or emits a signal. Google has no way to turn on a device remotely."

The companies' responses were quite telling, given that a mobile phone company would acknowledge the existence of malware and that it could penetrate whatever security they have in place for the software or hardware. Furthermore, given the likelihood that malware on a handset is responsible, it would seem vitally important that a device allow for the complete removal of the power source in order to prevent tracking.

Because of the openness of their responses, we are looking to reach out to more mobile phone companies in the near future, including LG, Motorola, and Sony. As we hear more, we will continue to update our investigation.