FC: Why not to have "Privacy Commissioners"

Anonymous nobody at remailer.ch
Tue Jul 14 16:44:27 PDT 1998


> Declan, These articles (unfortunately in German) are excellent
> examples of the true purpose of EU-style "Privacy
> Commissioners". Their purpose of course being to provide a whitewash
> to privacy violating activities by the government.

> Anyone want to translate 'em?

Here's a very quick translation. I loved that bit where AltaVista
translated "crackle" as "kneeling asterisk", anyway I hope this is
more readable than those miracles of machine translation.


SonntagsZeitung Online, July 12, 1998:

The movement profiles do exist

A confidential report by the data protection commissioner unveils:
Swisscom collects the complete Natel cell phone data every three hours

BY NIKLAUS RAMSEYER AND DENIS VON BURG

BERNE - a secret report by data protection commissioner Odilo Guntern
proves: Swisscom locates all powered-on Natel phones in Switzerland
with an accuracy of 100 meters every three hours and stores these data
for seven days.

Things are not as bad as all that, it's all legal, and there's no
problem whatsoever, the Swiss federal data protection commissioner
Odilo Guntern appeased the public last Monday. Swisscom AG apparantly
has "the possibility of locating every powered-on Natel at any time",
he admitted. That however only within the so-called Location Areas
comprising of 50 kilometers each - and certainly not down to the 2,500
a few kilometers small radio cells in the country "as claimed by the
SonntagsZeitung", Guntern said.

What the public did not learn: Gunterns lean three-page paper is only
the tip of the iceberg. Hidden behind it there is a 30 pages long
secret report that Guntern delivered only to "the parties involved",
as he calls it. "Involved" are Swisscom, Leuenberger's
(communications) and Koller's (justice and police) departments and the
parliament's revisions delegation.

Gunterns confidential report not only contains the crucial information
to the Natel issue. It partly contradicts the public remarks and to a
large extent confirms the SonntagsZeitung article of 28 December
1997. In particular Guntern concealed that the 800,000 Natel users in
Switzerland can not only "be located", but are subject to a fully
automatted Periodic Location Updating (PLU). PLU means: Every active
Natel will announce itself to the closest antenna every three hours,
then Swisscom will register its location.

Each Natel owner can verify that himself: It is sufficient to put the
switched-on mobile telephone next to a transistor radio. It then will
emit a clearly audible galloping crackle.

Movement data in some cases are stored for many weeks

The location information covers not only "one of only 30 location
areas" in the country, as Guntern wanted to make believe, it descends
down to "radio cell level". In cities it has a precision of a few 100
meters - in open rural areas still a precision of max. 10
kilometers. At least that is what experts from a leading Natel company
assure. Thus the quite precise Natel location is registered every
three hours. Worse yet: Swisscom stores the cell phones' corresponding
"movement data" for seven days - in some cases even for weeks and
months.

SVP member of parliament Bernhard Seiler, who is president of the
parliament's GPK delegation, confirms these facts to the
SonntagsZeitung. Data Protection commissioner Odilo Guntern too
admits: "The subject PLU is discussed in detail in my report." He will
not talk about "technical details" however.

It is quick to calculate. Eight location reports from 800,000 cell
phones per day, stored for one week: Swisscom permanently has more
that 40 million data available on where and how the 800,000 Natels are
moving through the country. They only serve for making connections, is
said officially. But whoever has access to this information can
immediately print out a "movement profile" and learn where exactly the
Natel (and thus, its owner) has been during the past seven
days. Guntern: "That is not impossible." Using radiogoniometics (see
graphics) Swisscom can even locate each Natel to an exactness of 50
meters and tap the conversations.

That also applies to the controversial Natel D Easy: "we have movement
data and operational data for these devices as well", Odilo Guntern
assures. That explains why the Conferedate Justice and Police
Department and Federal Attorney General Carla Del Ponte demand that
buyers of such devices should be registered systematically. If
necessary the police would like to know whom the movement profile of a
given Natels belongs to.

And why did the Guntern report remain secret? The "parties involved"
blame each other for the secretiveness. Guntern: "I didn't even ask
them if they would like to publish the report, and decided myself that
it was not public."

The controlling authorities at the Swiss parliament are not going to
accept that: "We were of the opinion that the entire Guntern report
would be presented in public", says the SP deputy Werner Carobbio from
Tessin, who also is a member of the GPK delegation. "We will bring up
the issue of "movement profiles of Natel users" for deepened
discussion", he promises.

---------------------------------------------------------------

Les Temps Online, July 7, 1998:

COMMUNICATION

TELECOMS. Yesterday the federal data protection commissioner presented his
annual report

Odilo Guntern: «Natel owners must be able to remain anonymous»

By Gabriel Sigrist

In Switzerland, every citizen can walk into a store and acquire a
smard part to be inserted into a portable telephone for 120
francs. Swisscom's system Natel D Easy does not require any
subscription and thus the user can remain anonymous. This anonymity
disturbs the Attorney General of the Confederation, Carla Del Ponte,
who on several occasions set her face against a system «used by all
the criminals». According to the department of public prosecution, the
new ordinance on telecommunications imposed identification of Natel D
easy users beginning January 1st. The federal data protection
commissioner's report completely contradicts this assertion. «There is
no legal base for keeping records of Natel easy customers», Odilo
Guntern concludes in his annual report. The data protection
commissioner goes even further: «In our society, protection of the
individual requires the possibility to talk on the phone without being
recorded in files, he stated towards Les Temps. Record the purchasers
of «easy» cards does not make sense because the criminals use other
means to remain anonymous, such as foreign cards but also call-back
services or simply phone booths.» In the neighbour countries however
the purchasers of such cards must declare their identity. «It is
because the laws are different, explains Odilo Guntern. In
Switzerland, identification is obligatory only when there is a
long-term customer provider relation, which is not the case with
pre-paid cards.» The card easy is thus legally comparable to a CFF
multicourse subscription or a phone card to use in booths. Goods which
can be acquired anonymously.

However the debate is not closed: «In our opinion the legal base is
sufficient to impose registration of the users, explains Jürg Blaser,
spokesman of the department of public prosecution. It is essential for
the security of our country to be able to identify the holders of
portable telephones.» The federal Office of communications (Ofcom)
will decide. According to Odilo Guntern, it currently remains
«perfectly legal» to acquire a card easy without giving your
name. Swisscom however encourages the purchasers to identify
themselves: the operator offers a small gift to those who reveal their
personal data.

The comissioner also occupied himself with in the possibilities of
tracing mobile telephones. According to his report, Swisscom can
locate a simply powered-on portable in a relatively large zone, but
not to the cell (a circle of ten kilometers). There too, opinions
diverge.

According to Christian Masson, enthusiastic activist of the freedom of
circulation, the GSM system used by Swisscom's Natel stores the
precise localization of the devices every three hours, for maintenance
purposes. Odilo Guntern does not mention such a process in his
report. According to Swisscom, the users' positions are erased
during their movement.

The report also puts emphasis on customer fidelity cards such as the
M-Cumulus by Migros. «Any holder of such a card must be informed of
the various discounts of which he can profit, as well as of the data
processing relating to it», indicates the report.

On the Internet:

The full report of the federal data protection commissionser on
www.edsb.ch

The site of Mr. Masson on www.iimel.com/interception/mobile_trace.htm






More information about the cypherpunks-legacy mailing list