Sequenced Release of Privacy Accurate Call Data Record Information in a GSM Forensic Investigation

The Global System for Mobile Communication (GSM) is a popular mobile communication standard. GSM networks collect personal communication information required for the billing of its subscribers. These communication records, known as Call Data Records (CDRs), may infringe on basic subscriber privacy principles as personal details of performed network events are managed and stored by the serving GSM operator. The dilemma exists, how to achieve subscriber network operator privacy that is accountable, while retaining access to subscriber activities for a forensic investigation without the need for a search warrant. To balance the requirements of protection and forensics against those for privacy, one promising direction is to investigate methods that facilitate key escrow techniques where CDRs are concerned. This paper discusses, from a technical perspective, the network components involved when conducting a mobile forensic analysis, and how these aspects are influenced by a forensic investigation in a GSM network. It finally shows how a balance is reached between security, privacy and forensics in a GSM network through the release of, by our definition, “privacy accurate” CDR information in a sequential manner. Access to the individual elements that comprise the private CDR information, is based on prior knowledge and proof of defined hypotheses at the outset of the investigation. Our approach focuses on an accountable CDR Forensic Anonymity Model combined with the theory of compatible keys, forms an integral part of our requirement for the release of privacy accurate CDR information during a GSM mobile forensic investigation.