You realize, with a phone number, all payment details for the SIM can be accessed?
And that from the SIM, you get IMEI, which can be cross ref'd with telecom logs to get geolocation?
Phone numbers are basically a glorified UUID. Also, in most jurisdictions it is required by law that telcos have tight integration with Law Enforcement, and even with the U.S., any type of investigation will start with a pull for the individual's phone number from whereever, cross ref that with SIM financial payment info, cross ref'd with bank accounts/credit card activity for purchase activity. Then cross-ref with Driver's license/civic/court records?
By DEFAULT. Third party doctrine. It ain't protected by the Fourth Amendment. In less zealous states, forget about principled restraint. The phone number is effectively your citizen Id.
When people like me start raising hell about the dangers of UUID primitives, this is what we're trying to protect you from.
No one can be trusted with the view created by the aggregation and cross-reference of this type of info. Every government/legislature/population will eventually "think of the children/criminals" their way to it anyway though, while law enforcement jumps up and down with glee at how complete a picture they can get through their fusion centers. Then it's just a matter of how long it takes for an autocrat to insert themselves into a place of power until the technological marvel that empowers law enforcement to "ensnare the bad guys", has "bad guys" surreptitiously crossed out and replaced with some signifier for a set of people that contains you.
If you don't think that happens, you ain't been paying enough attention. If you wonder why that hasn't been an issue before, it was because part of what puts a check on LE was the burden of physically referencing and cross-ref'ing data, which would put a fundamental cap on the ability for any abuse of power to materialize.
And that from the SIM, you get IMEI, which can be cross ref'd with telecom logs to get geolocation?
Phone numbers are basically a glorified UUID. Also, in most jurisdictions it is required by law that telcos have tight integration with Law Enforcement, and even with the U.S., any type of investigation will start with a pull for the individual's phone number from whereever, cross ref that with SIM financial payment info, cross ref'd with bank accounts/credit card activity for purchase activity. Then cross-ref with Driver's license/civic/court records?
By DEFAULT. Third party doctrine. It ain't protected by the Fourth Amendment. In less zealous states, forget about principled restraint. The phone number is effectively your citizen Id.
When people like me start raising hell about the dangers of UUID primitives, this is what we're trying to protect you from.
No one can be trusted with the view created by the aggregation and cross-reference of this type of info. Every government/legislature/population will eventually "think of the children/criminals" their way to it anyway though, while law enforcement jumps up and down with glee at how complete a picture they can get through their fusion centers. Then it's just a matter of how long it takes for an autocrat to insert themselves into a place of power until the technological marvel that empowers law enforcement to "ensnare the bad guys", has "bad guys" surreptitiously crossed out and replaced with some signifier for a set of people that contains you.
If you don't think that happens, you ain't been paying enough attention. If you wonder why that hasn't been an issue before, it was because part of what puts a check on LE was the burden of physically referencing and cross-ref'ing data, which would put a fundamental cap on the ability for any abuse of power to materialize.
We're losing that check. Quickly.