Earlier this year, The Washington Post claimed that the National Security Agency (NSA) had developed a method nine years ago to locate cellphones when they were powered down. The publication didn’t provide technical details on the software or hardware involved, leaving security researchers puzzled by the revelations. Seeking clarification on the technologies invoked, British privacy watchdog Privacy International conducted a survey of eight cellphone manufacturers in August to obtain details on how it would be possible to track a cellphone once it’s turned off.
Half of the firms involved in Privacy International’s research have responded, but none of the companies have provided a clear explanation for The Washington Post’s claims. Google, one of four companies to respond, rejects the idea that it could control Android handsets that are powered down. "When a mobile device running the Android Operating System is powered off, there is no part of the Operating System that remains on or emits a signal," explains a Google spokesperson to Privacy International. "Google has no way to turn on a device remotely." Similarly, Samsung seems unaware of how an NSA process could track cellphones that are not powered on. "Without the power source it is not possible to transmit any signal, due to the components being inactive," says Samsung vice president Hyunjoon Kim.
Could malware be key to the alleged tracking?
Nokia is equally clueless over the claims. "We are not aware of any way they [radio transceivers] could be reactivated until the user switches the device on again," says Nokia’s chief ethics and compliance officer Chad Fentress. Nokia also claims its devices are designed so that radio transceivers "should be powered off" once a handset is switched off. Conversely, Ericsson explains that while, generally, its handsets do not transmit signals or identify themselves while they’re powered off, the tracking might be possible using malware. "There could, however, be potential risks that once the phone runs there could be means to construct malicious applications that can exploit the phone," says Elaine Weidman Grunewald, an Ericsson vice president.
Ars Technica reports that Samsung’s response also includes a mention of "spyware which mimics the status of the battery being fully drained." Malware controlling modern handsets certainly isn’t unheard of, but it invites questions over how such complex software could be installed on handsets nearly 10 years ago. Privacy International is still awaiting comment from Apple, BlackBerry, HTC, and Microsoft, but the current responses provide little technical explanation on the claims.