T-Mobile is one of the most frequently used sources of digital evidence in modern criminal investigations. A properly written search warrant to T-Mobile US can return detailed call records, device identifiers, and location-related data that help investigators place a device in context with a crime. Because T-Mobile operates one of the largest wireless networks in the United States, nearly every investigation involving a mobile phone has the potential to involve T-Mobile in some capacity, either directly or through a third-party provider that relies on its infrastructure. Understanding how T-Mobile systems generate and store records, and how to request those records clearly, directly impacts both the speed of response and the evidentiary value of the material returned.
T-Mobile Background
T-Mobile is headquartered in Bellevue, Washington, but law enforcement requests are handled through its legal compliance center in Parsippany, New Jersey. This distinction is important when preparing a T-Mobile search warrant, as directing legal process to the correct location helps avoid delays and ensures the request is routed through the appropriate review channels. T-Mobile’s network supports voice calls, SMS and MMS messaging, and mobile data usage, and each of these services generates records that can later be obtained through legal process. Every time a device connects to the T-Mobile network, whether for a call, message, or data session, the system logs information about that interaction, creating a detailed historical record of activity tied to the device and the associated phone number.
Drafting T-Mobile Search Warrants
A well-drafted search warrant for T-Mobile requires a base understanding of telecommunications networks and those aspects unique to T-Mobile. As with any telecom, the bulk of available records are Call Data Records (CDR). Simply put, CDRs are logs that document the details of a telephone call or other telecommunications transactions that passes through the telecom. They were originally created to track calls for billing purposes and some CDR returns still how cost per minute charges. T‐Mobile uses a tool named Digger to produce Call Detail Records (CDR) which consist of:
- Incoming & outgoing calls (phone numbers included)
- Sent & received SMS & MMS (no content)
- IMEI & IMSI numbers (if present)
- Service codes that indicate call actions (ie. call forwarded, sent to voicemail, etc.)
- Duration of the call and completed or answer status.
- Cell tower(s) that the handset connected to during the call. (beginning, ending and in between)
- Mobile data usage as bytes uploaded / downloaded.Location data known as PCMD
Although T-Mobile does not store text message content, California law enforcement should still be aware that anything beyond subscriber information must comply with the California Electronic Communications Privacy Act (CalECPA)
Per Call Measurement Data & Location
Per Call Measurement Data (PCMD) is used to determine the distance of a mobile phone from a specific cell tower during a call. T-Mobile uses a Timing Advance system known as Time Difference On Arrival (TDOA) for E911 services to pinpoint a subscriber’s location with a reported accuracy of about 10 meters. TDOA achieves this by measuring the time it takes for a signal to travel from a mobile device to three or more network antennas, thereby determining a more precise position of the device. T-Mobile’s PCMD records were known as “TrueCall” data, but they have since retired that name. The accuracy of TDOA locations can vary widely based on a variety of factors, often environmental. Some TDOA locations are as good as 6 meters, unfortunately some are as poor as 1,000 meters.
T-Mobile’s Time Difference On Arrival (TDOA) is similar to a bat’s echolocation. The signal is sent from the tower like a bat squeak. Instead of the sound bouncing back from an object, the mobile phone which responds to that signal. T-Mobile knows exactly how long it take for a signal to travel. Remember though, that signals radiate from a tower in a circular shape so the phone can be anywhere in a 10 meter wide arc within the connected azimuth.
Through triangulation, T-Mobile a determine where these arcs cross and may be able to identify where within the arc that the mobile phone is located. Potentially, this could place the mobile phone in an area about the size of a semi-truck.
Mobile Virtual Network Operator (MVNO)
Not all phone numbers associated with T-Mobile are direct T-Mobile customers. Many services operate as Mobile Virtual Network Operators, meaning they use the T-Mobile network but maintain their own customer accounts and billing systems. Providers such as Metro by T-Mobile and Mint Mobile rely on T-Mobile infrastructure to deliver service. This distinction is critical when preparing a T-Mobile warrant, because it affects where different types of records are stored. In these cases, the MVNO typically maintains subscriber information such as account holder identity and billing details, while T-Mobile retains the underlying network records, including call detail records, tower data, and timing information.
For investigations involving an MVNO on the T-Mobile network, investigators should send legal process to both the MVNO and T-Mobile. The MVNO will provide subscriber and account information, while T-Mobile will provide the network activity and location-related data. Failing to send process to both entities can result in incomplete records and gaps in the investigation.
In cases involving MVNOs, T-Mobile may not have complete subscriber information for the target account. Investigators should expect that T-Mobile records may focus primarily on network activity and device identifiers, rather than account ownership details. This does not reduce the value of T-Mobile data, as call detail records, tower information, and device identifiers can still provide strong investigative leads and corroborating evidence. When combined with subscriber information obtained from the MVNO, T-Mobile records can help establish both identity and activity.
Conclusion
T-Mobile, as a part of the revered “Big Three” alongside AT&T and Verizon, holds a vast expanse of data that could be pivotal in legal investigations. The merger with Sprint and their position as a top MVNO servicer has further broadened their impact on investigations, making the process of drafting a T-Mobile search warrant a more nuanced endeavor.
