What I was wondering is this - how could anyone have records of when a device was turned on and off, into and out of airplane mode, date and time specific... from 7 years ago, no less? What method would be used to store such device usage info, where would it be stored, for what purpose, and by whom?
RSBM
What I was wondering is this - how could anyone have records of when a device was turned on and off, into and out of airplane mode, date and time specific... from 7 years ago, no less?
The information MEID (noted in the SWA) provides is mainly added when the phone is built. It doesn’t include any information about the name or address that the phone is registered to, or the number on the SIM card. There is some information about network and location that is transmitted by the MEID number but only locally BUT
this data resets every time the phone turns off.
Sim data includes location data you can subpoena the phone company for, but it will include the data from before the phone is turned off/then back on. This data would be available for a certain amount of time (usually companies only store this data for so long), and would only include data (like GPS/location/etc) from when the phone was ON or on Airplane mode. If the phone is off there would be no data transferred.
Theoretically, you could deduce the phone was off or the battery dead during times the phone wasn’t transferring any data. But that doesn’t tell you anything except the phone was off or dead. There’s no way to deduce whether something nefarious was going on during the time the phone was off or not. At least not technologically, from the phone.
….from 7 years ago, no less?
I think it is very doubtful. The FBI has some of the best forensic recovery tech, which I don’t know much about. But the phone company only keeps data for so long, and the phone company will not just give out the sim data,
LE would have to subpoena the phone company within the amount of time the phone company keeps this data.
What method would be used to store such device usage info, where would it be stored, for what purpose, and by whom?
Sim data would be stored via the phone company, for numerous reasons, if you mean the data itself?
If you are asking how LE specifically would store this data, ideally on something more reliable than a DVR that records over the data. An external HD. A private server with IT people, shared through something like Dropbox, for example. Ideally the investigators on the case are crowdsourcing the data, therefore, could individually save it also (which would be smart IMO, because you don’t want to lose important information/potential evidence in a homicide case).
Let’s say the Unified Command has important data, they could upload to Dropbox and each person could make a copy of the data and save on their computer, an external HD, etc. LE could technically “clone” a phone with a warrant or permission with some type of cloning software, which would save the cloned phone’s data. This would be more common in PDs that are larger and have more funding, but I am positive the FBI has cloning software, and I believe they are typically happy to help smaller PDs with stuff like this when asked-especially when crimes against children are involved.
(AJMO, from my understanding.)
Apologies for the tl;dr nerd rant, did I answer your questions?