Finding You: The Network Effect of Telecommunications Vulnerabilities for Location Disclosure

This report analyzes how vulnerabilities in mobile signaling protocols (SS7, Diameter) and commercial practices (global title leasing, lax interconnect security) enable state and private surveillance actors to actively and passively track subscribers’ geolocation across 3G/4G and transitional 5G networks; it documents technical attack vectors, packet-capture examples, case studies (including Saudi operators’ PSI-based tracking of travelers in the U.S.), telemetry attributing activity to specific network GTs, and policy/technical recommendations to reduce these pervasive privacy and security risks.