T 5.99 Analysis of call data relating to the use of mobile phones
With mobile communications, the signals transmitted over the transmission route cannot be shielded physically against unauthorised eavesdropping or recording. For this reason, an attacker could execute his/her attack without the access problems common to line-based communication. A second problem which generally occurs with most radio communication services arises from the fact that for technical reasons the mobile communication partners have to be located in order to be contactable. If the devices establish a connection themselves, they also provide information on their location - in the course of establishing the connection. This location information can be used by the network operator or service operator - but also by third parties - to build up movement profiles.
If an attacker is familiar with particular filter characteristics over a mobile phone, he/she could (although it would be technically effort-intensive) identify individual phone calls by means of these characteristics. These or other attacks require that the customer number (IMSI), mobile transceiver number (IMEI) and subscriber call number (MSISDN) are known.
An insider who, for example, had access to the corporate or private telephone directories in a company would be able to identify the MSISDN call number.