Zachary McCoy went for a bike ride on a Friday in March 2019. The avid biker would do loops around his Gainesville, Fla., neighborhood and track his rides with a fitness app on his Android phone. McCoy didn’t think anything unusual had happened that day. But months later, in January of this year, McCoy saying that his data was going to be released to local police. He’d become a potential suspect in a local burglary—and had no idea why. got an email from Google “There was absolutely nothing that tied Zack to this at all, other than Google saying he was there on the street,” McCoy’s lawyer, Caleb Kenyon, said. Police pegged McCoy as a potential suspect without security camera footage, eye-witness accounts, or any sort of forensic evidence because his device had shown up as near the burglary site. The Gainesville Police Department had gotten something called a geofence warrant granted by the . Alachua County court , or reverse-location warrants, are a fairly new concept. Geofence warrants With permission from a judge, they allow law enforcement to obtain anonymized data from Google from almost any device that was in a certain geographic area at a specific time. Police can then go back to Google for more specific user information on anyone they deem a suspect. There was absolutely nothing that tied Zack to this at all, other than Google saying he was there on the street. In McCoy’s case, he was tracking his bike ride using Runkeeper, which makes use of Google’s location services, just as many apps do. (Check your settings in your Google account—if “location history” is on, then Google has data on your movements.) He hired an attorney to fight the warrant before his personal information was released, and police ended up not pursuing the case. (The Gainesville Police Department declined to comment, except to say that there has not yet been an arrest in the burglary.) Google is the only tech company publicly known to release this kind of information to law enforcement specifically in response to geofence warrants. It is not clear how many other companies do the same. Microsoft assistant general counsel Hasan Ali, in an email response to The Markup’s request for comment, said “Microsoft does not and would not be in a position to comply with any warrants seeking such information.” Apple and Facebook declined to comment on the record regarding the warrants and whether they have any similar data and do or do not provide it to law enforcement. There’s no centralized database or oversight of geofence warrants, so it’s hard to measure exactly how often they’re used and for what sorts of crimes. Criminal cases springing from such warrants have largely involved robberies, burglaries, and murders—but there’s growing that police may use them to gather information on people who attend protests. speculation According to The New York Times, federal law enforcement first used the warrants . Since then, local police departments have adopted the tool—and its use is growing rapidly. in 2016 500% Increase in number of law enforcement requests Google received for geofenced location data between 2018 and 2019. In a court filing late last year, said law enforcement requests for geofenced location history data in its trove went up 1,500 percent between 2017 and 2018, and at least 500 percent between 2018 and 2019. Google has yet to release any exact figures, but reportedly they have received as many as . Google 180 requests in a single week In an email response to The Markup’s request for comment, Google’s Director of Law Enforcement and Information Security, Richard Salgado, said, “We vigorously protect the privacy of our users while supporting the important work of law enforcement.  We developed a process specifically for these requests that is designed to honor our legal obligations while narrowing the scope of data disclosed.” Civil liberties groups—and increasingly politicians and judges as well—are watching the rise in geofence warrants with concern. There are around the country the constitutionality of such warrants, to limit their use, and at least one member of Congress who believes the federal government should get involved. cases challenging proposed legislation in New York “I think they’re incredibly dangerous, particularly if there are not significant guardrails put in place,” Rep. Kelly Armstrong (R-ND) told The Markup. So What Exactly Do Police Get Through These Warrants? A traditional search warrant for a car or a house or a laptop typically targets a specific person police have probable cause to suspect of a crime. Geofence warrants allow law enforcement officers to search when they don’t have a potential suspect. Geofencing itself simply means drawing a virtual border around . Data can then be gathered on users who enter that area. a predefined geographical area Geofencing is often used by marketers trying to reach specific audiences. A conservative political organization called CatholicVote has used geofencing technology and send targeted political ads to their devices. Clothing retailer Gap used the technology to send virtual ads to users . An NBC News report from late last year found that the University of North Carolina was using geofencing to of protesters on campus. And the American Civil Liberties Union found in 2016 that law enforcement was using a social media monitoring service called Geofeedia to . to identify Catholic church-goers within a certain distance of their physical ads monitor the location and social media activity track Black Lives Matter protesters (In response to the ACLU’s report, Facebook, Twitter, and Instagram announced they would no longer provide their users’ data to Geofeedia.) While it’s unclear exactly how deep police can dive into user data they obtain from geofence warrants, current cases where the warrants are being challenged are revelatory. In an , police were able to use such a warrant to not only identify the accused but also access his location history from that day and personal information like his email address. That case is in federal court in the Eastern District of Virginia. In a , a man was identified through a geofence warrant through which police also acquired two email addresses of his, a complete list of Google-associated applications he’d used, and the IP address of at least one of his devices. armed robbery case in Richmond, Va. burglary case in state court in San Francisco (Defendants in both cases, which are wending their ways through court, argue that the warrants were unconstitutional.) In a in the Virginia case, Google said that in addition to location history, geofence warrants can include “account-identifying information” and “account subscriber information such as the Gmail address associated with the account and the first and last name entered by the user on the account.” court filing Are These Warrants Constitutional? Civil liberties groups say the issue with geofence warrants is just how much information from innocent individuals law enforcement can get their hands on. The claim is that they violate the Fourth Amendment, which protects Americans against “ ” and stipulates that warrants only be issued with probable cause “particularly describing the place to be searched, and the persons or things to be seized.” The problem with geofence warrants is that the persons and place to be searched are rarely particular, and there’s no limit to how many innocent people are included if they happen to be in law enforcement’s search boundaries. unreasonable searches and seizures … no Warrants shall issue, but upon probable cause, supported by Oath or affirmation, and particularly describing the place to be searched, and the persons or things to be seized. Police, on the other hand, generally argue that such warrants aren’t so different from other types of surveillance—from using security camera footage to to see which devices passed through the area. sifting through data from cell towers Google has not taken a public position on whether it believes the warrants are constitutional but says it does provide data when presented with a warrant. The company has outlined its process in court filings and said that it considers executing geofence warrants “ ” that’s significantly different from cellphone tower dumps. a broad and intrusive search The constitutional question is largely unsettled—no case involving a geofence warrant has made its way to a high-level court. But on Aug. 24, Magistrate Judge Gabriel A. Fuentes of the U.S. District Court for the Northern District of Illinois issued what is believed to be the on the Fourth Amendment’s relationship to geofence warrants. first federal court opinion Investigators in the state requested a in hopes of finding a suspect who allegedly stole prescription drugs. Despite repeatedly narrowing their request, Judge Fuentes declined to grant the warrant. geofence warrant three times While geofence warrants are not in themselves “categorically unconstitutional,” he wrote, investigators lacked probable cause to scoop up vast location data from cellphones of people who obviously had no connection to a crime but happened to be nearby when it was committed. “The potential to use Google’s capabilities to identify a wrongdoer by identifying everyone (or nearly everyone) at the time and place of a crime may be tempting,” Fuentes wrote. “But if the government can identify that wrongdoer only by sifting through the identities of unknown innocent persons without probable cause and in a manner that allows officials to ‘rummage where they please in order to see what turns up,’ ” then courts should not permit the practice. There Are Political Efforts to Rein Them In On April 8, state senator Zellnor Myrie introduced the in New York. Reverse Location Search Prohibition Act The bill would prohibit “the search, with or without a warrant, of geolocation data of a group of people who are under no individual suspicion of having committed a crime, but rather are defined by having been at a given location at a given time.” If the bill passes, New York would become the first state where geofence warrants are banned. We can either create boundaries on what kinds of data companies can collect—only to be outpaced by new advances in technology—or we can put limits on how law enforcement can obtain and use that data. “We can either create boundaries on what kinds of data companies can collect—only to be outpaced by new advances in technology—or we can put limits on how law enforcement can obtain and use that data,” Myrie said in an email. Armstrong, the North Dakota congressman, has also confronted Google about its compliance with geofence warrants. At a hearing featuring the , Armstrong pointedly asked Google CEO Sundar Pichai about such warrants. CEO’s of Amazon, Apple, Facebook, and Google “People would be terrified to know that law enforcement could grab general warrants and get everyone’s information everywhere,” Armstrong . “It requires Congress to act, and it requires everybody that is a witness in this hearing to be willing to work too, because it is the single most important issue.” said in the hearing Pichai responded by saying Google thinks “it’s an important area for Congress to have oversight” and that the company recently began automatically deleting location activity after “a certain period of time.” “I don’t blame the tech companies solely for this,” Armstrong told The Markup. “Congress’s failure to act on this is going to become more and more of an issue.” . Originally published as " What Are Geofence Warrants" with the Attribution-NonCommercial-NoDerivatives 4.0 International (CC BY-NC-ND 4.0) license

Amazon

Apple

Facebook

Google

Instagram

Microsoft

Twitter

How We Pay For Free Websites With Our Privacy

What Analyzing Google Search Results Revealed About Google

Every dollar you donate helps support The Markup’s work.

Read My Stories

Too Long; Didn't Read

How Geofence Warrants Are Affecting The Legal System

How Geofence Warrants Are Affecting The Legal System

About Author

Comments

TOPICS

THIS ARTICLE WAS FEATURED IN

Related Stories

A Conversation with Kashmir Hill: Envisioning a Chaotic Future

How Big Tech Is Encouraging Pandemic Preparedness

10 Reasons Wordpress Sites Get Hacked and How to Avoid Them

10 Features of a Secure Website

10 Cybersecurity Books Every Business Owner Should Read

10 Cybersecurity Tips Everyone Should Follow

A Conversation with Kashmir Hill: Envisioning a Chaotic Future

How Big Tech Is Encouraging Pandemic Preparedness

10 Reasons Wordpress Sites Get Hacked and How to Avoid Them

10 Features of a Secure Website

10 Cybersecurity Books Every Business Owner Should Read

10 Cybersecurity Tips Everyone Should Follow

Light-Mode

Classic

Newspaper

Minty

Dark-Mode

Neon Noir

Minty

HN StartUps