How private are the contents of regular cell phone calls? Does my ISP have some way of recording what I say?
1 Like
Cell phone conversations are generally private and their contents are not automatically recorded or stored by ISPs. If the party you are calling has a recording software or app, you have no way to know (unless that party explicitly tells you). Depending on where you are, some countries prohibit the use of such software.
ISPs primarily handle internet traffic, not phone calls, while cell phone carriers manage the actual phone service. Unless you were talking about WiFi-calling?
However, it’s important to note that carriers can see metadata about your calls, such as phone numbers dialed, call duration, and time of calls. You can probably see that on the bill you pay.
4 Likes
They are normally private enough.
Of course, with a valid court order, cellular service providers can always tap into any calls you’re having and even try to triangulate your location. So, yes - technically they do have the technical capacity and ability to record your calls but they don’t or won’t unless forced by law.
I would still try to have all my voice calls through Signal or other private and encrypted IM app, as much as possible.
Originally I was going to say how insecure phone calls are, mainly due to what I read from Snowden and my limited knowledge of phone calls. But on further research they are actually quite a lot more secure and private than I thought.
Phone calls over Wi-Fi are encrypted, I could not find definitively what encryption method is used, maybe it’s different per provider, seems like HTTPS and IPSEC tunnels are used. Network security is apparently a big factor too for Wi-Fi calling. Regular phone calls are also encrypted in accordance to over what you are calling from, like 4G or 5G as they have encryption in their specifications. All this is to prevent Man in the Middle attacks, snooping, and other attacks, but it definitely is not impossible to still do those attacks.
And now! How private are phone calls? Not at all. At least, in terms of what your mobile service provider can see since in theory they are able to see and collect everything you do in terms of calls and text messages via their network. The encryption I mentioned before is not E2EE. Whether they actually collect all that or not will likely be mentioned in their privacy policies (or not at all mentioned), but the capabilities are always there anyways unless future standards change something. And as Edward Snowden had leaked, the US was collecting phone calls from foreign countries at least back in 2013.
The points everyone else has commented on are valid too, and in the end this is about your threat model.
Exactly. A friend of mine is a Samsung user and every time it receives a call its phone automatically starts recording, so isn’t just an ISP thing.
But not E2E encrypted, so if you (OP) and the other party have the possibility to communicate via WhatsApp, for example, which offers E2E calls go ahead for that (IMO). In regular phone calls you’re basically trusting your ISP, and if that’s in your threat model use an encrypted service.
Try blocking ‘2G network’ on your mobile terminal.
Source?
2 Likes
The actual answer unlike what stated by others is that phone calls are highly insecure and non private.
Telecommunications run over very outdated protocols that lack proper security and can rather easily be evesdropped. See also Veritasium: Exposing The Flaw In Our Phone System
You really should not rely on traditional phone calls for sensitive conversations and rather avoid having them anywhere possible.
I would not be to sure about calls not been retroactively recorded. Think a bit like of the body cams that can go back in time when an officer presses record. Let’s say it wouldn’t suprise if such systems exist.
6 Likes
You know what I was thinking about? What if there is an option to call someone without using phone numbers? For example, through mail providers? Instagram has the feature to call someone without using a phone number.
We are at the technology level that any unencrypted phone call can be transcribed by a computer, transcription taking up a lot less space than the audio, and audio can be stored for a week before deleted. Storage limits removed for persons of interest.
My knowledge of quantum decryption is nonexistent but if we presume it’s a coin flip chance of happening then every encrypted text is probably being stored for later in the hope that they figure it out. So read your user manual to check that your encryption is quantum resistant.
Such thing is already there: Signal.
You can already call someone via username there.
1 Like
I think we will never have a source for this.
But (technically) the data is too large to store… 10 years every sound which transmitted by millions of people (Think the spam callers, call center waiting melodies etc…) In my opinion practically the possibility is near %1. But Im curious your opinions here.
Storage is not really an issue, and totally within ISP / Gov agencies / equipment manufacturers / state-backed hackers’ capability and reach, and some have been doing this for long time.
With the advance of technology, they can do things very differently from a decade ago.
Speculations Here
It is not necessary to keep the audio clip, they only need to keep the transcript / summary / keywords of mass conversations, and flag the individuals when they hit certain words frequent enough, then they start doing the targeted surveillance. it is just like how Smart TV ads works.
Even VoWifi/ VoLTE/VoNR is not entirely secure, but of course much better than the stone age 2G / 3G calls.
2 Likes
As an example, T-Mobile says:
Your CPNI doesn’t include your name, address, phone number, or the content of your phone calls. Phone call content has stricter protections under wiretapping laws.
https://www.t-mobile.com/privacy-center/education/phone-privacy
And you can find the details here by country and state on who can record in a private conversation (not about carriers):
How would that work? This sounds like FUD.
There are many laws protecting against carriers recording in a lot of countries. Like I said previously though, in some countries, private recording of calls are allowed without the other party’s consent.
So if the question is, is it technically possible? Absolutely yes. Is it done by the carriers? Depending on your country, most likely not.
1 Like
Anything routed through PSTN can be sniffed.
Sigh. Wtf…
Adding another article to your point:
Well, I guess being illegal didn’t stopped them from doing it in the past (NSA / Snowden leaks), so they could indeed be doing it for phone call as well. Illegal in the US doesn’t mean anything anymore though 
The U.S. government does not generally record phone calls of private citizens without permission or a warrant, as this would violate the Fourth Amendment, which protects against unreasonable searches and seizures. However, law enforcement agencies can obtain records of phone calls, such as metadata (which includes information like the time, duration, and numbers involved in calls) through legal processes, such as subpoenas or court orders.
Additionally, under certain circumstances, like national security or criminal investigations, agencies such as the NSA (National Security Agency) may conduct surveillance that could include monitoring phone calls, particularly those involving foreign targets. The extent and legality of such surveillance have been subjects of significant debate and scrutiny, especially following revelations about mass surveillance programs.
In summary, while the U.S. government does not typically record phone calls without legal justification, it can access call records and metadata through legal means.
So to answer OP’s question, if you’re in the US, all phones calls seem to be recorded.
The fact that is is technically possible should already be alarming enough IMHO. Do not rely on vague promises (trust me bro) but rely on actual cryptography instead.
I wouldn’t just point at the USA I am fairly confident this happens everywhere
4 Likes
How did you come to that conclusion?
Unless there’s evidence to the contrary, nowadays I would assume almost all telecommunications providers log the metadata of all phone calls.
Anyone can download an app that records the contents of phone calls, and then hit the record button. This may or may not be legal, but capability certainly exists and enough people do it.
Banks, call centers, government agencies, prisons etc. routinely collect people’s voice prints or record the contents of phone calls. Some of them turn off recording upon request, while others either claim they are compelled to record the phone call, outright refuse or pretend to comply.
In the US, the government spies on phone calls involving foreigners, and the NSA is reported to have voice recognition capabilities and can search back in time.
Based on the above, I would say phone calls are normally not private enough, with some niche circumstances where they are private enough.
As others have suggested here, pinky-swear promises that telecommunications providers, intelligence agencies, other institutions and anyone who intercepts phone calls won’t monitor phone calls are not good enough. Cryptography is a requirement for privacy of phone call content. Unfortunately not much can be done about metadata logging and recording by the other parties to the phone call.