Telecommunication evidence’ is the broad term used to describe any
data/information retained or otherwise available from the communication service
provider (CSP, such as ‘T-Mobile’ and ‘Orange’), and which has probative value
for investigative or legal purposes.
‘Call Data Records’ (CDRs), sometimes referred to as ‘Call Detail
Records’ (CDRs), are statements that provide information relating to the usage
of the telecommunication services provided by a given operator by a specific
user.
The following information would be created and retained by the
telecommunications operator during the normal course of business operations:
o
Called telephone number or numbers;
o
Name(s) and address(es) of the subscriber(s) or registered user(s);
o
Date and time of the start and end of the communication;
o
Telephone service used, e.g. voice, conference call, ‘Short Message
Service’ (SMS), Enhanced Media Service or ‘Multi-Media Service’ (MMS);
o
‘International Mobile Subscriber Identity’ (IMSI) of the calling and
called party;
o
‘International Mobile Equipment Identity’ (IMEI) of the calling and
called party;
o
Location label (Cell ID) at the start and end of the communication;
o
Data mapping between Cell IDs and their geographical location at the
start and end of the communication.
The information detailed above may be available for disclosure only
following due authorisation by the relevant ‘POLICE & INTELLIGENCE LIAISON
OFFICER’ at the telecommunication operator and/or in response to an Order of
the Court.
The information detailed above will typically be retained for twelve
(12) months following point of creation, to facilitate billing and comply with
regulatory requirements.
The ‘EUROPEAN TELECOMMUNICATIONS STANDARDS INSTITUTE’ (ETSI)
specification for GSM event and call data provides detailed definitions for a
variety of records needed in the administration of subscriber related event and
call data.
‘Call Data Records’ (CDRs) can be analyzed for a variety of purposes and
can provide considerable assistance to investigators and defence specialists.
For instance, a service provider may use them to understand the calling
patterns of their subscribers and the performance of the network.
In the context of an investigation, assessment of CDRs can be used to
identify contact and communication between given individuals, potentially
proving relationships and/or involvement in a conspiracy. CDRs can also be used
to assist in the first stage of ‘cell site analysis’; the identification of the
specific cell station used to handle a communication session.
Such information can be translated into geographical locations for the
cells involved in communication sessions, which in turn assists in appreciating
the general locale from which calls were made/received.