We’re excited to announce that PGPP (Pretty Good Phone Privacy) is now in Beta and available for download.
PGPP Beta Launch
You probably already know: your cell phone is a tracking device. Your phone’s SIM uses a globally-unique, permanent identifier to authenticate and connect to the cellular network. These identifiers are known as IMSIs, and they leave you vulnerable to privacy attacks. One attack method uses what’s known as an IMSI Catcher, or Stingray, to simulate a valid cell tower signal that tricks nearby phones to connect and offer their IMSI. Fixes to this specific attack, even in 5G, are years away. In perhaps an even more concerning attack – mobile carriers themselves have been known to aggregate, analyze, and sell the IMSI and mobile data they collect.
At this very moment, your phone is talking to a cell tower and the tower is talking to your phone. For it to send you the data you want, the mobile provider knows your IMSI and where you are. It’s always been thought that to provide someone with mobile service there was no alternative to using IMSIs, and allowing the mobile provider to know where every user is and what they’re doing at every moment. IMSIs leave an indelible location and network history for virtually every person on the planet.
And when you use your phone you have Internet service, and with that the mobile provider and many, many others across the Internet collecting rich data on everything you do. These two domains of your connected life – on the mobile network and on the Internet – have had no network-level privacy protections before PGPP.
We live in a world of ubiquitous surveillance – data collection about every aspect of our lives, largely by companies whose names we have never heard of and have no relationship with. Critics of these practices are right that not only is this surveillance widespread, but fighting against it is challenging: perfect privacy in the year 2022 is nearly impossible to achieve. Even when users try to protect themselves, companies are incentivized to adapt: to find new ways they can continue to track and collect this lucrative data.
Data brokers, tracking companies, advertisers, network operators, and others will continue to try to circumvent any protections, and our collective task is to adapt to thwart them. When users install apps that collect more data than needed, or those app developers sell the data they collect, user privacy is compromised. Despite the scale of the challenge, we believe that privacy is a fundamental right and so it is our obligation to work towards it.
Today we’re launching a beta of Pretty Good Phone Privacy (PGPP), a fundamentally new type of service to provide mobile and Internet privacy. PGPP helps to protect users against types of tracking that previously couldn’t be prevented: the tracking of your location by your globally-unique IMSI.
PGPP changes this by enabling you to prove that you are supposed to get service from the mobile network (authentication) and then get connected to the mobile network using a random, time-limited IMSI. We presented this privacy-preserving system in peer-reviewed research we published last year. When using PGPP mobile data service, your IMSI changes periodically, while your device continues to get data service from the mobile network. In this beta launch, PGPP achieves this privacy-preserving IMSI randomization using eSIMs on supported Android devices.
Once your device connects to the mobile network it has an IP address: that is its identifier on the Internet, whether you’re using WiFi or mobile data. That identifier links you to your Internet usage, something that is being scooped up by many different companies and organizations. PGPP includes Relay, a service that provides decoupled Internet privacy through a partnership between INVISV and Fastly. When using Relay, all of your device’s requests are encrypted and sent first through INVISV, where your IP address gets hidden (without decryption), and then to Fastly (who only knows where to forward the request, but doesn’t see your IP address); your request goes where you wanted it to go, still encrypted end-to-end using TLS. PGPP Relay can be used on its own on any Android device, with or without eSIM support.
Normally network security and privacy services, such as VPNs, put themselves in the role of gatekeeper: keeping bad things out and your private information in. But in doing so you have to place total trust in them and their ability to keep your identity, browsing, location, and much more private. PGPP is a new type of service that decouples trust: where INVISV’s job is to ensure that nobody but you has all your critical information. In effect, your requests for data from the Internet, whether with a web browser or with any other app, are unlinked from your identity, and neither INVISV nor Fastly nor your broadband Internet provider nor a mobile operator can link your identity and your Internet usage and location together. INVISV’s technologies leverage a key principle, which we call the Decoupling Principle, to achieve practical privacy protection. (We’ll have more on the Decoupling Principle, and how we use it to protect user privacy, in an upcoming post.)
PGPP is available via three plans (read more here). The Mobile Pro and Mobile Core plans provide mobile data service with IMSI randomization, for use as you travel around the U.S. and Europe, and enable roaming across a wide number of mobile networks in these regions. The Relay plan provides decoupled Internet privacy, for use when you’re on WiFi or using mobile data from any service (via PGPP or elsewhere). Mobile Pro includes daily IMSI randomization and uncapped mobile data and both Mobile Pro and Core include Relay. For voice or video, we encourage our users to use secure apps such as Signal or Matrix; PGPP does not include traditional phone service. And to users with an existing mobile provider who want PGPP mobile privacy: ask your existing provider about PGPP, as we can integrate directly with any existing provider.
INVISV is Building Privacy Infrastructure for Modern Communications
INVISV’s goal is to take practical steps to ensure privacy for ordinary people. We do this by making it simple for existing apps and services to deliver real private offerings. PGPP is just the beginning for people-first privacy. While no system will ever be perfect, we believe it’s important to build things that are pretty good.