Cellular carriers store a wide variety of information about how, when, and where customers use their cell phones. A search warrant or subpoena to the carrier can return (among other things) Call Detail Records (CDRs), which describe calling and TXT’ing activity.
Extracting probative findings from CDRs requires an understanding of how cellular networks are designed and operated, as well as knowledge of how CDRs can, can’t, and shouldn’t be used. Because of this, many defense teams aren’t leveraging the CDRs frequently found within discovery, even though they may hold exculpatory or mitigating evidence.
Armistead Investigators has the tools, expertise, and insights necessary to assist with cases involving CDRs. This article provides a brief, and in places over-simplified, introduction to working with CDRs.
Cellular Networks 101
Cell towers are everywhere. The diagram below shows the locations of one carrier’s towers around the Denver and foothills area. Note how the tower spacing varies, depending on factors like population and terrain.
Each cell tower typically holds several antennas each designed and precisely pointed to provide high-quality, highly-reliable communications for a finite area around the tower. While carriers disclose the direction each antenna points, they won’t reveal its exact coverage area (they consider that to be proprietary information).
An antenna’s coverage area can be estimated, however, using knowledge of tower spacing and common antenna design parameters. The diagram below shows the estimated coverage areas of two antennas on a tower along I-70 near Evergreen.
What’s in a CDR?
CDRs are provided in a big table (typically a spreadsheet). This table documents activity for a single phone number for a given period. In simple terms, there’s a row for each call or TXT, and numerous columns containing metadata about that call or TXT.
While each carrier provides different metadata, the following information is almost always present in some way, shape, or form:
- Date and time
- Incoming and outgoing phone numbers
- The geographic location of the cell tower(s) the phone used
- Which antenna(s) on the tower(s) the phone used
Approximating Phone Location From CDRs
Because the CDR tells us the location of the cell tower a phone used at a particular date and time, the phone must have been in the general vicinity of that tower. But the CDR also indicates the antenna(s) the phone used; doesn’t that help refine the phone’s location? The answer is “possibly,” after taking into account factors such as:
● We don’t know the exact coverage area of the antenna
● Radio signals can be reflected and bent ... meaning the phone might be close to, but not actually within, the antenna’s coverage area
On the flip side, knowing the antenna(s) used can also be extremely revealing. Refer back to the antenna coverage diagram above. If a CDR showed that the phone used both antennas during one short call, it would be reasonable to place the phone in a car driving along I-70.
One of the more interesting applications of CDRs is to infer the day-to-day behavioral patterns of a person. Given enough CDRs, and the assumption that a person always has their phone with them, one can determine:
- Areas the person frequently visits
- Days and times they typically visit those areas
- The people most often communicated with
- Where they “lay their head” at night (inferred from the phone’s use of the same antenna from the evening through the next morning)
Armistead Investigators can assist our clients with many aspects of working with CDRs, including:
- Formulating technical language for preservation letters and subpoenas
- Interpreting, and possibly challenging, law enforcement findings
- Creating maps and animations showing a phone’s location
- Gleaning investigative leads
- Conducting Pattern-of-Life analyses
If you’d like to chat about a case involving CDRs, contact Chris Wells, the senior digital investigator for Armistead Investigators, at firstname.lastname@example.org or 303-825-2373 ext. 5.