As mobile
devices rise in popularity and sophistication, so does their use among people
conducting illegal activities. For that reason, evidence from mobile devices is
becoming increasingly important to law enforcement in fighting crime. In
addition to no warrant being required to request a tower dump containing the
mobile phone data of thousands of people to track down one or more criminals
involved in a crime, privacy advocates also question what is being done to the
data collected once an investigation is complete. In fact, digital evidence
from a mobile phone led international police to the terrorists responsible for
the Madrid train bombings that killed at least 190 people in 2004.
Digital
forensics is a branch of science encompassing the recovery and investigation of
material found in digital devices, including computers, cell phones, and
digital cameras. Every time someone uses a cell phone, a signal is sent out
that pinpoints where the user is. Cell towers and the GPS features in some
smartphones track where a phone is at any moment. Cell phone carriers can
provide authorities with a cell phone’s location via proper court documents.
By exporting
information from multiple digital devices (such as call logs from multiple
cellular phones or e-mails from computers) and importing that data into an
analytical software package, investigators using data-mining techniques can
diagram and visualize a criminal enterprise or a timeline of events. This
graphical representation can make it easier for investigators to understand the
complex relationships in a criminal enterprise or for a jury to understand
criminal activity and the possible connections among offenders in a courtroom
presentation.
The law
enforcement agencies require basic knowledge of tools for collecting and
analyzing digital evidence from mobile phones. They are also required the
efficiency of assessment of the current knowledge level in the field like Identification
of tools available to collect digital evidence from mobile devices; Identification
of all the cell phones in use that may become evidence in an investigation and
a determination of how many can be forensically acquired and analyzed with the
existing cell phone forensic solutions; Identification of the gaps in the
number of cell phones in use and the existing cell phone forensic solutions for
future technology development project.
Now mobile
network operators receive occasional requests from law-enforcement agencies to
provide communications information from a specific tower. These requests
usually cover short periods and the information provided is only metadata. Metadata
is information about the time, duration and destination of calls but not their
content. Metadata can also include location data about a mobile phone, even
when it’s not on a call. To successfully collect and analyze evidence from
mobile devices, law enforcement needs tools that can recover system files,
operating system information, applications, deleted files and unallocated
space. Some available tools capture the logical image (what users can see
without using special tools), which is only a portion of the phone's data
storage capacity. However, law enforcement needs more tools that capture the
entire physical image including deleted files, messages, photos and call logs.
Often, the deleted data is extremely valuable to the investigation and provides
more comprehensive evidence for prosecution.
The
law-enforcement agencies can also use a technique known as a "tower
dump", which gives police data about the identity, activity and location
of any phone that connects to targeted cell towers over a set span of time,
generally an hour or two. A typical dump covers multiple towers, and mobile
providers, and can net information about thousands of mobile phones. The dumps
are usually used in circumstances when police have few leads and can be a
useful, powerful tool in tracking down criminals. But privacy advocates say
that while they may be helpful to police, they also target thousands of
innocent people and don’t have any judicial oversight. A request for
non-content information on the use of a particular tower during a specified
period of time may be lawful under certain circumstances. What we need is
transparency as to what's being done and who is doing it. But we need a
well-defined law regarding this type of data. Considering thousands of users
are affected by tower dumps, they should
count for the number of those who are affected. Around 330,000 requests for
metadata were made by law-enforcement agencies in 2012-13, according to the
latest report published by the Attorney-General’s Department of Australia.
Cell phones
contain call history, contacts, text messages, web browser history, email, a
Global Positioning System (GPS), and other location information that police and
law enforcement agencies find valuable. Evidence from cell phones can help
investigators piece together motives and events and provide new leads. Now Smartphones
and cell phones have become a regular part of criminal investigations because
they are now owned by most people and provide information about a person’s
whereabouts and a person’s contacts.
Tracking
subjects via their mobile devices has been utilized for many years and has
become very much a part of many, if not all, investigations. Cell phone records
can identify calls made and received. You also can obtain the cellular towers
that were used in the conversation, SMS (short message service), or data
communication. The cell phone records hold latitude and longitude information
and can be used as a historical reference to where the mobile device was at a
particular time. In addition to collecting cell phone communication records,
police also encourage citizens to use their mobile devices to report crimes and
send in tips. Police often reach out to the public and make it clear to them
when they need help in an investigation.
People can
send their digital photos and videos of crimes in progress to call centers in
some cities. New technology allows sent images to be directly added to the
record of a related call, and be forwarded to emergency responders on their way
to the scene. An example of such technology is CrimePush, a multiplatform
smartphone app that allows users to report crimes quickly and efficiently. It also gives users the ability to send
multiple, GPS-tagged distress messages to designated emergency contacts. High-profile
incidents throughout the world have proven how valuable mobile phone images can
be to crime investigations.
The London
bombings in July 2005 marked a turning point in news coverage and the role of
camera phone images. Witnesses to the attacks used their cell phone cameras to
record their experiences in the aftermath. Not only did it signal a new era of
citizen journalism, but police in London were able to use the cell phone photos
as clues to find the terrorists behind the bombings. Just this April, 2014
investigators of the Boston Marathon bombings collected photos and video from
cell phones and surveillance cameras to aid their investigation. Seconds after
the bombs exploded at the marathon, Jacksonville Beach, Fla., businessman and
marathon runner David Green pulled out his smartphone and took a photo of the
chaos developing. He then put his phone away and helped the injured. After
officials released a surveillance video of the two bombing suspects, Green
realized he had a picture of suspect Dzhokhar A. Tsarnaev walking away from the
scene. Editors of The Associated Press were able to establish the authenticity
of Green’s photo and established an exclusive arrangement for distribution of
the photograph. In addition to photos and video, text messages are proving to
be helpful in investigations. Text messages are more discreet and safer in some
circumstances, such as kidnappings or burglaries. Many police departments
throughout the country have text-a-tip programs that allow people to send
anonymous text messages from their cell phones. In order to provide people with
a confidential means of communication, text messages are sent to a separate
third-party server where identifying information is removed and assigned an
encrypted alias to ensure callers’ anonymity. Identifying a phone from its
radio frequency fingerprint is certainly not far-fetched. It is similar to
identifying a digital camera where the image metadata does not provide a serial
number. From underlying imperfections in the lens, which are detectable in the
image, the source camera can be identified.
To keep from
being tracked and getting caught, criminals use evasion tactics such as
modifying the built-in ID code in their cell phone or swapping out SIM cards,
making it impossible for law enforcement to track the criminals down by relying
solely on cell phone signals. German engineers found, however, that the radio
hardware in a cellphone — a collection of components like power amplifiers,
oscillators, and signal mixers — all introduce radio signal inaccuracies. When
these inaccuracies, or errors, are taken together, as seen in the digital
signal sent to a cell tower, the result can be read as a unique digital signal
–a digital fingerprint. These digital fingerprints do not change even if the
built-in ID code has been modified, or the SIM card has been swapped out. Law
enforcement agencies may soon have a new tool at their disposal — a device that
which distinguishes between cell phones based on their digital signal. This new
technology was developed by engineers at the Technische Universität Dresden in
Germany.
A TU Dresden
release reports that law enforcement officials can track criminals as they talk
on their cell phones using triangulation of cell towers. To keep from being
tracked and getting caught, however, criminals began using new evasion tactics
such as modifying the built-in ID code in their cell phone or swapping out SIM
cards – making it difficult, if not impossible, for law enforcement to track
criminals down by relying solely on cell phone signals. The technology
developed by the TU Dresden engineers would allow law enforcement to overcome
the criminals’’ evasion tactics.
Identity
theft, stalking, fraud, pornography, illegal electronic surveillance, and theft
of intellectual property are just some of the examples of crimes committed
every day on mobile devices. A mobile device is simply a portable computing
device, so any crime that can be perpetuated on a computer can be committed via
a mobile device. The portability of mobile devices makes it difficult, but not
impossible, to identify the source of an electronic crime. If a user is using a
public wi-fi, a ‘burner’ prepaid phone, cloud storage, or any other anonymizing
agent, difficulties in identification is compounded not only in 2G phones — but
also defects are present in every radio device and even 3G and 4G phones. Law
enforcement agencies will continue to be challenged to obtain the tools and the
training to perform competent digital forensics investigations and keep pace
with criminal activity.
Serious
criminals are extremely adept in using single-use phones and dumping SIM cards
so new capabilities should be developed to help law enforcement. As the radio
hardware in a cellphone consists of a collection of components like power
amplifiers, oscillators and signal mixers that can all introduce radio signal
inaccuracies.
When these
errors are taken together, as seen in the digital signal sent to a cell tower,
the result can be read as a unique digital signal –a digital fingerprint. Thus,
whatever criminals do to their cell phone — short replacing the internal
components of one phone with those of another phone — the phone will continue
to emit a unique signal which can be read by a device and used to separate the
particular phone out from all the other cell phones. This allows the police to
locate the phone, and the criminal using it, by triangulating cell towers.
Source:http://source.southuniversity.edu/fighting-crime-with-mobile-technology-Law-enforcement technology Locating criminals by tracking their cell phones’
digital fingerprints Published 5 August 2013.
