[Stalking by Cellphone]

Eugen Leitl eugen at leitl.org
Tue Feb 7 03:09:02 PST 2006

---------- Forwarded message ----------

How I stalked my girlfriend

Ben Goldacre
Wednesday February 1, 2006
The Guardian


For the past week I've been tracking my girlfriend through her mobile
phone. I can see exactly where she is, at any time of day or night,
within 150 yards, as long as her phone is on. It has been very
interesting to find out about her day. Now I'm going to tell you how I
did it.

First, though, I ought to point out, that my girlfriend is a journalist,
that I had her permission ("in principle ...") and that this was all in
the name of science, bagging a Pulitzer and paying the school fees. You
have nothing to worry about, or at least not from me.

But back to business. First I had to get hold of her phone. It wasn't
difficult. We live together and she has no reason not to trust me, so
she often leaves it lying around. And, after all, I only needed it for
five minutes.

I unplugged her phone and took it upstairs to register it on a website I
had been told about. It looks as if the service is mainly for tracking
stock and staff movements: the Guardian, rather sensibly, doesn't want
me to tell you any more than that. I ticked the website's terms and
conditions without reading them, put in my debit card details, and
bought 25 GSM Credits for =A35 plus vat.

Almost immediately, my girlfriend's phone vibrated with a new text
message. "Ben Goldacre has requested to add you to their Buddy List! To
accept, simply reply to this message with 'LOCATE'". I sent the
requested reply. The phone vibrated again. A second text arrived:
"WARNING: [this service] allows other people to know where you are. For
your own safety make sure that you know who is locating you." I deleted
both these text messages.

On the website, I see the familiar number in my list of "GSM devices"
and I click "locate". A map appears of the area in which we live, with a
person-shaped blob in the middle, roughly 100 yards from our home. The
phone doesn't go off at all. There is no trace of what I'm doing on her
phone. I can't quite believe my eyes: I knew that the police could do
this, and telecommunications companies, but not any old random person
with five minutes access to someone else's phone. I can't find anything
in her mobile that could possibly let her know that I'm checking her
location. As devious systems go, it's foolproof. I set up the website to
track her at regular intervals, take a snapshot of her whereabouts
automatically, every half hour, and plot her path on the map, so that I
can view it at my leisure. It felt, I have to say, exceedingly wrong.

By the time my better half got home, I was so childishly over-excited
that I managed to keep all of this secret for precisely 30 seconds. And
to my disappointment, she wasn't even slightly freaked out. I don't know
if that says good or bad things about our relationship and I wouldn't
want you to come away thinking it's all a bit "Mr & Mrs Smith" around
here. Having said that, we came up with at least five new uses for this
technology between us in a few minutes, all far more sinister than
anything I had managed to concoct on my own.

And that, for me, was the clincher. Your mobile phone company could make
money from selling information about your location to the companies that
offer this service. If you have any reason to suspect that your phone
might have been out of your sight, even for five minutes, and there is
anyone who might want to track you: call your phone company and ask it
to find out if there is a trace on your phone. Anybody could be watching
you. It could be me.

-- end of forwarded message --
Eugen* Leitl <a href="http://leitl.org">leitl</a> http://leitl.org
ICBM: 48.07100, 11.36820            http://www.ativel.com
8B29F6BE: 099D 78BA 2FD3 B014 B08A  7779 75B0 2443 8B29 F6BE

[demime 1.01d removed an attachment of type application/pgp-signature which had a name of signature.asc]

More information about the cypherpunks-legacy mailing list