There is a requirement in place on anonymity for both the requestor and the target in the LCS Stage 1, TS 22.071, and there are or will be regulatory requirements to support anonymity in location services in some countries. It is seen as a basic service requirement that the user should be able to request anonymity at will. There are various methods available for providing anonymity-support for LCS. One model has been described by the GSM Association in the LS in TD S2-021104 to 3GPP. In short, GSMA's model introduces the following logical architecture.

In this PUSH model the pseudonym of the target UE is always generated for certain LCS clients on behalf of the terminal's subscriber without a specific request. The PUSH model describes the case when the target UE requests its own location using e.g. SMS or WAP. SMS and WAP functions currently have problems in supporting anonymity, because the SMS/WAP gateways forward the originating MSISDN to the receiver. This weakness may be resolved in practise e.g. such that the SMS or WAP Gateway requests pseudonyms from a common device (PMD), as shown in Figure E.1. In this process the gateway requests a pseudonym from PMD in signalling step 2 and in signalling step 3 the gateway uses the pseudonym in the service request that it sends to the LCS client. The gateway includes the requesting terminal's verinym, i.e. the MSISDN, in the service response it sends to the terminal in step 9. In this way the LCS client only knows the pseudonym of the terminal and not the verinym. This solution is not LCS specific, since the SMS/WAP gateway inserts pseudonyms in all SMS/WAP messages, which the gateway forwards to the receivers (LCS clients) defined by the operator in advance. The Liberty Alliance Project has standardized methods that can be used to ensure the anonymity of the target UE in location services using pseudonyms as shown by the example in Figure E.2 below. The specifications of the Liberty Alliance project are publicly available at http://www.projectliberty.org/.

In this PULL model the LCS client requests the pseudonym from the Gateway before accepting the service request from the terminal. The proxy/gateway is a so-called Liberty Enabled Client/Proxy, which also may support standard WAP proxy/gateway functions as described in the appropriate WAP Forum specifications. Note that the mechanism described above is a generalized solution to the problem of transporting something from party 1 (PMD) to party 3 (GMLC) so that intermediate party 2 (LCS-client) cannot find out the real content transferred between party 1 and party 3 (verinym in this case). Also note that since the proxy/gateway does not push any pseudonym in step 2, it is not required to understand the destination application and what information it may need. Step 3 allows any application to request a pseudonym or any information it may need, thus making this a generalized solution, which may be used for many types of applications, not only LCS. It is to be noted that the Liberty release 1.1 specification has been carefully studied by the EU article 29 committee and found to be in accordance with the current EU privacy requirements. It is stressed, however, that it is the responsibility of someone implementing or deploying a system in accordance with the Liberty Alliance specifications to comply with EU directives and requirements on privacy. For roaming cases clause 9.1.1 in this specification describes the cases where the pseudonym contains the address(es) of the target UE's Home-GMLC so that the Requesting-GMLC can forward the location request to H-GMLC, which may determine the corresponding verinym itself or request the verinym from its associated PMD.