"Pretty Good Phone Privacy" (PGPP): Decoupling authentication and phone connectivity

Right now, there is a good chance your phone is tracking your location—even with GPS services turned off. That's because, to receive service, our phones reveal personal identifiers to cell towers owned by major network operators. This has led to vast and largely unregulated data-harvesting industries based around selling users' location data to third parties without consent.

For the first time, researchers at the University of Southern California (USC) Viterbi School of Engineering and Princeton University have found a way to stop this privacy breach using existing cellular networks. The new system, presented at the USENIX Security conference on Aug. 11, protects users' mobile privacy while providing normal mobile connectivity. The new architecture, called "Pretty Good Phone Privacy" or PGPP, decouples phone connectivity from authentication and billing by anonymizing personal identifiers sent to cell towers. The software-based solution, described by the researchers as an "architecture change," does not alter cellular network hardware.

Currently, for your phone to work, the network has to know your location and identify you as a paying customer. As such, both your identity and location data are tracked by the device at all times. Data brokers and major operators have taken advantage of this system to profit off revealing sensitive user data—to date, in the United States, there are no federal laws restricting the use of location data. But Raghavan, with study co-author Paul Schmitt, who recently joined USC's Information Sciences Institute from Princeton University, found a way: they decoupled what's known as authentication—who you are—from your phone connectivity. The key finding: there is no reason why your personal identifier has to grant you network connectivity. Their new system works by breaking the direct line of communication between the user's cellphone and the cell tower. Instead of sending a personally identifiable signal to the cell tower, it sends an anonymous "token." It does this by using a mobile virtual network operator, such as Cricket or Boost, as a proxy or intermediary.

The duo, who have launched a startup called Invisv, prototyped and tested everything with real phones in the lab. Crucially, their approach adds almost zero latency and doesn't introduce new bottlenecks, avoiding performance and scalability problems of other anonymity networks. The service could handle tens of millions of users on a single server and would be deployed seamlessly to customers through the network operator. Since the system works by stopping a phone from identifying its user to the cell tower, all other location-based services—such as searching for the nearest gas station, or contact tracing—still work as usual. The researchers hope the technology will be accepted by major networks as default, particularly with mounting legal pressure to adopt new privacy measures.

"For the first time in human history, almost every single human being on the planet can be tracked in real-time," said Raghavan. "Until now, we had to just silently accept this loss of control over our own data—we believe this new measure will help to restore some of that control."


