[multjoy]

You will never be able to justify the collateral intrusion that getting all the connections to a single cell site would represent.

If you don't know who you're looking for then it isn't actually that much help in any case.

Assuming you know that the suspect phone will have pinged a given cell site, then you still have to work out which phone it was. Assuming that they're not daft enough to use anything other than an unregistered PAYG sim, then you're left hoping that the IMEI of their handset has come to police attention.

If you had the resources, you could get the top-up data for all the unregistered sims attached to that cell site and hope there's CCTV at a given newsagent or that they've used their own bank account to top up online.

[angry_octet]

I'm not sure if you read the links? The UK doesn't have the same requirements as the US. They don't have a collateral intrusion limitation.

Once you have the IMEI of interest you can find everywhere it has been and every number dialled, and all DNS requests and IP transfers. You just need a dialled number which has a plan attached and you can look up the phone book entry from that persons phone (though police would need a warrant for that).

The only thing preventing the Met from finding this thief is a lack of person time.

[multjoy]

Yes, there is a collateral intrusion limitation. You cannot simply go on a fishing trip.

Once you have an IMEI number that you can attribute to the suspect, having exhausted all conventional means of finding the data then you go ahead and start requesting billing and cell site data.

Note, however, that this won't tell you what ip addresses have been assigned to that account.