So we can safely say that IMSI catchers have been used as a matter of routine since 2002.

and the guys with the IMSI catchers, would complain about the fake IMSI's, right?... RIGHT?...

> (1) A person commits an offence if:

> he changes a unique device identifier,

Technically, IMSI is not a device identifier. MT has IMEI and SIM (or more precisely ICC) has ICCID (which is normally never transmitted over the network). And the legislation probably specifically targets spoofing the IMEI, as spoofing IMSI does not gain you anything other than absence of service (on normal GSM/3GPP network).

The fact the Government is using it as an identifier likely means they can argue legally you are attempting to change the identifier.

Technically correct for technical discussions is not the same as contextually correct in a court room.

That's why I prefixed that with "technically". :)

From legal standpoint, device that spams IMSI catcher with registrations with random IMSIs is mostly same thing as the IMSI catcher itself, ie. device that requires it's own broadcast license to operate, as such device certainly does not meet legal (and technical) requirements for it to be an cellular phone.

On the other hand, generating random IMSI, burning that into ICC and thus producing unusable SIM is probably perfectly legal even when you put that inside normal GSM phone (from network standpoint it will behave mostly same as phone without any SIM). In practice SIMs with completely made-up IMSIs are even commercially available (idea there is that some phones will not fully boot without SIM).

IMSI is not a mobile phone identifier, it literally means International Mobile Subscriber Identity and is provisioned in the SIM card.

You will change your IMSI by simply changing the SIM card.

No you won't, IMSI provisioning is mostly done today remotely. The SIM card will have an empty IMSI partition and once you've "activate" it with the parent network the network will provision an IMSI on that card. If you have an account with a cell provider you'll carry the same IMSI number when you switch devices and SIM cards.

If you use pre-paid sim cards then those usually have thin provisioning of IMSI numbers they network buys a certain amount and activates them when the SIM card is activated and deactivates them once the SIM card has been inactive or not been topped off for a certain period of time (usually around 90 days).

When some one has your IMSI they can tie it directly to your personal details, phone number and various other details if they have sufficient access to the global cell system they can also get your location and what tower you are connected to. Historical log data will give them any tower you've been connected too from the first tower during the initial activation and provisioning to the last tower you've been connected too. Depending on the network and device most phones also send out nice diagnostic information about other towers and networks they see all the time regardless of what tower they are connected too at the time that with a given IMSI number will allow some one to triangulate the position of the device to under 10M in most urban areas if some one knows your IMSI they can pretty much pin point what room you are in at your house (give your house have several rooms pointing at different directions ;)).

And to be somewhat more pedantic, it even is not "unique device identifier" of the SIM, as SIM is not an device, but software application (typically one of applications) running on some hardware platform (usually an ICC, which is what is colloquially called "SIM card")