Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

I think the devil is in the details with this type of data hand off. If there's no PII in the first batch of phones, just location and a unique ID, it doesn't seem intrusive compared to the benefit. Law enforcement would need to make a second request to de-identify a few specific numbers. If PII is handed over during the first request, then it's a lot more intrusive


the unique id is probably the phone number or the device id


Phone number is definitely PII and can easily be used to de-identify. Mac address is better, but still not great. A Google or dump specific id would be best


I'm not sure if MAC addresses are used in cell network negotiation, and they are easily spoofed, but the cellular network provider could certainly link an IP address to a device id. then again, most criminal "burner" phones are not internet enabled anyway


IMSI, IMEI, MSISDN, etc.

Systems to associate 'burner' phones to individuals, with patterns of metadata, have been commonplace for decades

https://github.com/kimgr/asn1ate/blob/master/testdata/public...


yes those can be used as device ids and in network negotiation. harder to spoof as they're a lower abstraction layer than MAC addresses


I read in an earlier NYT article about geo-fencing that the initial response involves unidentifiable tags.


Why phone number? My phone number has no association with my google account lol. I swap sims and phone numbers on a whim. My email address is the most constant thing about me.


it's not about linking you to a specific google account, it's about personally identifying you with a unique phone number at any given time




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: