[…] In “Pretty Good Phone Privacy,” [PDF] a paper scheduled to be presented on Thursday at the Usenix Security Symposium, Schmitt and Barath Raghavan, assistant professor of computer science at the University of Southern California, describe a way to re-engineer the mobile network software stack so that it doesn’t betray the location of mobile network customers.
“It’s always been thought that since cell towers need to talk to phones then all users have to accept the status quo in which mobile operators track our every movement and sell the data to data brokers (as has been extensively reported),” said Schmitt. “We show how it’s possible to protect users’ mobile privacy while at the same time providing normal connectivity, and to do so without changing any of the hardware in mobile networks.”
In recent years, mobile carriers have been routinely selling and leaking location data, to the detriment of customer privacy. Efforts to alter the status quo have been hampered by an uneven regulatory landscape, the resistance of data brokers that profit from the status quo, and the assumption that cellular network architecture requires knowing where customers are located.
The purpose of Pretty Good Phone Privacy (PGPP) is to avoid using a unique identifier for authenticating customers and granting access to the network. It’s a technology that allows a Mobile Virtual Network Operator (MVNO) to issue SIM cards with identical SUPIs for every subscriber because the SUPI is only used to assess the validity of the SIM card. The PGPP network can then assign an IP address and a GUTI (Globally Unique Temporary Identifier) that can change in subsequent sessions, without telling the MVNO where the customer is located.
“We decouple network connectivity from authentication and billing, which allows the carrier to run Next Generation Core (NGC) services that are unaware of the identity or location of their users but while still authenticating them for network use,” the paper explains. “Our architectural change allows us to nullify the value of the user’s SUPI, an often targeted identifier in the cellular ecosystem, as a unique identifier.”
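To make the decoupling concrete, here is a small Python model of the logging difference the paper describes; it is an added illustration, not the paper's code or its actual protocol, and it leaves out the billing mechanism the article does not detail. The shared SUPI value, the GUTI format and the sample tower movements are constructed assumptions.

```python
import secrets
from collections import defaultdict

# Constructed sample: the towers each subscriber attaches to over a day.
SUBSCRIBER_MOVEMENTS = {
    "alice": ["tower-A", "tower-B", "tower-C"],
    "bob":   ["tower-B", "tower-B", "tower-D"],
}

# Hypothetical: the single SUPI the MVNO issues in every PGPP SIM.
SHARED_SUPI = "supi-pgpp-shared"
VALID_SUPIS = {SHARED_SUPI}


def fresh_guti():
    """A temporary identifier that changes every session (random here; format is illustrative)."""
    return "guti-" + secrets.token_hex(8)


def attach_log_conventional(movements):
    """Conventional core: each attach carries the subscriber's unique SUPI next to the serving tower."""
    log = []
    for sub, towers in movements.items():
        supi = f"supi-{sub}"  # one permanent identifier per subscriber
        for tower in towers:
            log.append({"supi": supi, "guti": fresh_guti(), "tower": tower})
    return log


def attach_log_pgpp(movements):
    """PGPP core: every SIM presents the same SUPI, checked only for validity, then gets a fresh GUTI."""
    log = []
    for _sub, towers in movements.items():
        for tower in towers:
            if SHARED_SUPI not in VALID_SUPIS:  # the only thing the core learns from the SUPI
                raise PermissionError("SIM rejected")
            log.append({"supi": SHARED_SUPI, "guti": fresh_guti(), "tower": tower})
    return log


def trails_by(log, field):
    """What a log consumer could reconstruct: towers grouped by the chosen identifier."""
    trails = defaultdict(list)
    for entry in log:
        trails[entry[field]].append(entry["tower"])
    return dict(trails)


if __name__ == "__main__":
    print(trails_by(attach_log_conventional(SUBSCRIBER_MOVEMENTS), "supi"))  # one trail per subscriber
    print(trails_by(attach_log_pgpp(SUBSCRIBER_MOVEMENTS), "supi"))          # one merged trail, no subscriber
    print(trails_by(attach_log_pgpp(SUBSCRIBER_MOVEMENTS), "guti"))          # single-session fragments only
```

Grouping the PGPP log by SUPI yields one undifferentiated trail and grouping by GUTI yields only single-session fragments, which is the linkability the paper sets out to remove.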
PGPP's primary focus is defending against the surreptitious sale of location data by network providers.
Schmitt argues PGPP will help mobile operators comply with current and emerging data privacy regulations in US states like California, Colorado, and Virginia, and with post-GDPR rules in Europe.