Internet Protocol Detail Records (IPDR) reveal a lot of secrets about WhatsApp, Telegram and other IP-based Voice / Video Calling Services

What is IPDR / Internet Protocol Detail Records?

IPDR is a record of internet activity of an internet user, which is maintained by the ISP for purposes of billing and accounting, but it can also be used to track the internet usage of the user or subscriber. It is very useful for forensic investigation and tracking of suspects and can be helpful to Police or other investigating agencies.

Are my WhatsApp Voice Calls truly safe? Can the government tap into my WhatsApp Voice Calls?

Though the content of your WhatsApp calls is “End-to-End encrypted” and cannot be intercepted or tapped into, the fact that you called someone can be determined through some educated guesswork by investigating agencies, which use information like Call Detail Records and Internet Protocol Detail Records from both suspects’ cell phones to establish a link of possible communication between them. This information, buttressed with circumstantial evidence, can be a useful tool in the hands of investigating agencies to determine interaction and communication between suspects. Even if the actual content or information shared during the call or the text chat is not available, the fact of the call, backed by some other facts, can help determine a sequence of events surrounding an incident.

What does IPDR Contain?

IPDR logs contain many fields which reveal a lot about a user’s internet activity.

It includes fields like:

  • Calling Mobile Number
  • Called Mobile Number
  • Duration of Session
  • Start Time / End time of Session
  • Amount of Data Transferred in that session
  • Internal / External IP Address of user IPv4 or IPv6
  • Port Number of the user
  • Cell Tower ID / Location
  • Azimuth Angle of the User’s Device from the Cell Tower
  • Protocol Used
  • Service Used

Under which law can the Police in India request IPDR from the Service Provider?

Under sections 91 and 92 of the Criminal Procedure Code, the police or Court can request the IPDR information from the service provider and get an officially certified copy of the same from the Nodal office of that ISP.

91. Summons to produce document or other thing.—(1) Whenever any Court or any officer in charge of a police station considers that the production of any document or other thing is necessary or desirable for the purposes of any investigation, inquiry, trial or other proceeding under this Code by or before such Court or officer, such Court may issue a summons, or such officer a written order, to the person in whose possession or power such document or thing is believed to be, requiring him to attend and produce it, or to produce it, at the time and place stated in the summons or order.
(2) Any person required under this section merely to produce a document or other thing shall be deemed to have complied with the requisition if he causes such document or thing to be produced instead of attending personally to produce the same.
(3) Nothing in this section shall be deemed—
(a) to affect sections 123 and 124 of the Indian Evidence Act, 1872 (1 of 1872), or the Bankers’ Books Evidence Act, 1891 (13 of 1891), or
(b) to apply to a letter, postcard, telegram or other document or any parcel or thing in the custody of the postal or telegraph authority.

92. Procedure as to letters and telegrams.—(1) If any document, parcel or thing in the custody of a postal or telegraph authority is, in the opinion of the District Magistrate, Chief Judicial Magistrate, Court of Session or High Court wanted for the purpose of any investigation, inquiry, trial or other proceeding under this Code, such Magistrate or Court may require the postal or telegraph authority, as the case may be, to deliver the document, parcel or thing to such person as the Magistrate or Court directs.
(2) If any such document, parcel or thing is, in the opinion of any other Magistrate, whether Executive or Judicial, or of any Commissioner of Police or District Superintendent of Police, wanted for any such purpose, he may require the postal or telegraph authority, as the case may be, to cause search to be made for and to detain such document, parcel or thing pending the order of a District Magistrate, Chief Judicial Magistrate or Court under sub-section (1).

Which laws, rules or guidelines govern and protect IPDR in India?

For how long does a service provider or intermediary need to store the IPDR information?

As per the old Circular No. 820-01/98-LR /Vol. (VII) Part-II issued by the Department of Telecommunications on 13-4-2021, all ISPs needed to maintain all commercial records / Call Detail Record (CDR) / Exchange Detail Record (EDR) / IP Detail Record (IPDR) with regard to the communications exchanged on their network for at least one year for scrutiny by the government for security reasons; the records may be destroyed thereafter unless directed otherwise by the government.

In December 2021, the DoT amended the earlier guidelines and as per Circular No. 20-271/2010 AS-I Vol. (III) issued by the Department of Telecommunications on 21-12-2021, all ISPs now need to maintain all commercial records / Call Detail Record (CDR) / Exchange Detail Record (EDR) / IP Detail Record (IPDR) with regard to the communications exchanged on their network for at least two years for scrutiny by the government for security reasons; the records may be destroyed thereafter unless directed otherwise by the government.

As per law, what information does the IPDR in India need to contain?

As per the DoT letter dated 1-10-2013 bearing No. 820-01/98-LR/Vol. (IX) Pt. I, the IPDR needs to contain at least this information:

  1. Name of user / organization
  2. Address
  3. Contact Nos.
  4. Email address
  5. Landline / MSISDN / MDN / Leased circuit ID
  6. Internet access User ID
  7. IP Address assigned
  8. Static / Dynamic IP Address allocation details
  9. Source port in case of NATing
  10. IP Allocation Start Date / Time in IST format
  11. IP Allocation End Date / Time in IST format
  12. Source MAC Address / Device ID No. / Virtual MAC Address

Points 1 to 5 are available in the Customer Acquisition Form (CAF).

Common IP addresses / Port Number List for well-known services

WhatsApp:
TCP Ports: 4244, 5222, 5223, 5228, 50318, 59234 & 5242
UDP Ports: 34784, 45395, 50318, 59234

Telegram:

This information is sourced from the Internet through Public and Private forums. This information may keep changing depending on the Service Provider / Intermediary.
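
As an added illustration (not code from this page, an ISP or any agency), the Python example below shows the kind of "educated guesswork" described earlier: it filters two subscribers' IPDR sessions to the WhatsApp ports listed above and pairs sessions whose start and end times line up. The row layout, the sample rows and the skew_s / min_s thresholds are assumptions constructed for the example; real IPDR exports differ per ISP.

```python
from datetime import datetime

# Port lists exactly as given on this page (unverified, may change).
WHATSAPP_PORTS = {
    "TCP": {4244, 5222, 5223, 5228, 50318, 59234, 5242},
    "UDP": {34784, 45395, 50318, 59234},
}
FMT = "%Y-%m-%d %H:%M:%S"

# Constructed sample rows, not real records:
# (subscriber, protocol, port, session start, session end, bytes transferred)
SAMPLE_IPDR = [
    ("A", "UDP", 45395, "2022-01-10 21:04:10", "2022-01-10 21:09:40", 2400000),
    ("B", "UDP", 34784, "2022-01-10 21:04:12", "2022-01-10 21:09:38", 2350000),
    ("A", "TCP", 5222, "2022-01-10 22:30:00", "2022-01-10 22:30:20", 4000),
    ("B", "TCP", 443, "2022-01-10 21:00:00", "2022-01-10 21:30:00", 90000000),
    ("C", "UDP", 59234, "2022-01-10 21:05:00", "2022-01-10 21:07:00", 900000),
]

def load(rows):
    """Turn raw rows into dicts with parsed timestamps."""
    return [{"sub": s, "proto": p, "port": port, "bytes": n,
             "start": datetime.strptime(t0, FMT),
             "end": datetime.strptime(t1, FMT)}
            for s, p, port, t0, t1, n in rows]

def on_listed_port(rec):
    """True if the session's port is in the page's list for its protocol."""
    return rec["port"] in WHATSAPP_PORTS.get(rec["proto"], set())

def candidate_links(rows, sub_x, sub_y, skew_s=5, min_s=30):
    """Pair sessions of two subscribers that use a listed port, last at
    least min_s seconds, and start/end within skew_s seconds of each other.
    A pair is only a lead that needs circumstantial corroboration."""
    recs = [r for r in load(rows) if on_listed_port(r)
            and (r["end"] - r["start"]).total_seconds() >= min_s]
    pairs = []
    for x in (r for r in recs if r["sub"] == sub_x):
        for y in (r for r in recs if r["sub"] == sub_y):
            d_start = abs((x["start"] - y["start"]).total_seconds())
            d_end = abs((x["end"] - y["end"]).total_seconds())
            if d_start <= skew_s and d_end <= skew_s:
                pairs.append((x["start"].strftime(FMT), x["port"], y["port"]))
    return pairs

if __name__ == "__main__":
    print(candidate_links(SAMPLE_IPDR, "A", "B"))
    # A loose tolerance also pairs A with unrelated subscriber C.
    print(candidate_links(SAMPLE_IPDR, "A", "C", skew_s=200))
```

With a loose time tolerance the unrelated subscriber C is paired with A as well, which is why such a match cannot stand without external evidence.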

How is IPDR Different from CDR?

Information which the IPDR contains but CDR does not contain

Information which CDR contains but IPDR does not contain

Information available in both, the CDR and IPDR

Can the police hear my phone call recordings through the IPDR?

No. Just like Call Detail Records (CDR), the IPDR only contains the metadata of your Internet activity. It does not store the actual content sent or received.

It does not have the audio recording of your call or the text messages that you have sent through services like WhatsApp, Telegram etc. but it has ancillary information about the call, which can reveal some facts about the nature of the call.

What are some of the limitations of IPDR information?

  • Neither IPDR nor CDR stores your actual call recordings or the audio from your call.
  • IPDR information has an element of guesswork in determining who were the called and calling parties. Without external circumstantial evidence, IPDR may be of little use.
  • IPDR analysis is heavily dependent on publicly available information of the Service Providers or intermediaries. Not all intermediaries or service providers have their IP Addresses and Port Numbers publicly listed. This is sourced from public domain information on the Internet which may not be verified.

Is there any way to prevent being tracked through IPDR?
