Tracking Phones, Google Is a Dragnet for the Police

https://www.nytimes.com/interactive/2019/04/13/us/google-location-tracking-police.html

When detectives in a Phoenix suburb arrested a warehouse worker in a murder investigation last December, they credited a new technique with breaking open the case after other leads went cold.

The police told the suspect, Jorge Molina, they had data tracking his phone to the site where a man was shot nine months earlier. They had made the discovery after obtaining a search warrant that required Google to provide information on all devices it recorded near the killing, potentially capturing the whereabouts of anyone in the area.

Investigators also had other circumstantial evidence, including security video of someone firing a gun from a white Honda Civic, the same model that Mr. Molina owned, though they could not see the license plate or attacker.

But after he spent nearly a week in jail, the case against Mr. Molina fell apart as investigators learned new information and released him. Last month, the police arrested another man: his mother’s ex-boyfriend, who had sometimes used Mr. Molina’s car.

The warrants, which draw on an enormous Google database employees call Sensorvault, turn the business of tracking cellphone users’ locations into a digital dragnet for law enforcement. In an era of ubiquitous data gathering by tech companies, it is just the latest example of how personal information — where you go, who your friends are, what you read, eat and watch, and when you do it — is being used for purposes many people never expected. As privacy concerns have mounted among consumers, policymakers and regulators, tech companies have come under intensifying scrutiny over their data collection practices.

The Arizona case demonstrates the promise and perils of the new investigative technique, whose use has risen sharply in the past six months, according to Google employees familiar with the requests. It can help solve crimes. But it can also snare innocent people.

Technology companies have for years responded to court orders for specific users’ information. The new warrants go further, suggesting possible suspects and witnesses in the absence of other clues. Often, Google employees said, the company responds to a single warrant with location information on dozens or hundreds of devices.

Law enforcement officials described the method as exciting, but cautioned that it was just one tool.

Opinion

The Privacy Project

The New York Times is launching an ongoing examination of privacy. We’ll dig into the ideas, history and future of how our information navigates the digital ecosystem and what’s at stake.


“It doesn’t pop out the answer like a ticker tape, saying this guy’s guilty,” said Gary Ernsdorff, a senior prosecutor in Washington State who has worked on several cases involving these warrants. Potential suspects must still be fully investigated, he added. “We’re not going to charge anybody just because Google said they were there.”

It is unclear how often these search requests have led to arrests or convictions, because many of the investigations are still open and judges frequently seal the warrants. The practice was first used by federal agents in 2016, according to Google employees, and first publicly reported last year in North Carolina. It has since spread to local departments across the country, including in California, Florida, Minnesota and Washington. This year, one Google employee said, the company received as many as 180 requests in one week. Google declined to confirm precise numbers.

The technique illustrates a phenomenon privacy advocates have long referred to as the “if you build it, they will come” principle — anytime a technology company creates a system that could be used in surveillance, law enforcement inevitably comes knocking. Sensorvault, according to Google employees, includes detailed location records involving at least hundreds of millions of devices worldwide and dating back nearly a decade.

The new orders, sometimes called “geofence” warrants, specify an area and a time period, and Google gathers information from Sensorvault about the devices that were there. It labels them with anonymous ID numbers, and detectives look at locations and movement patterns to see if any appear relevant to the crime. Once they narrow the field to a few devices they think belong to suspects or witnesses, Google reveals the users’ names and other information.

‘‘There are privacy concerns that we all have with our phones being tracked — and when those kinds of issues are relevant in a criminal case, that should give everybody serious pause,” said Catherine Turner, a Minnesota defense lawyer who is handling a case involving the technique.

Investigators who spoke with The New York Times said they had not sent geofence warrants to companies other than Google, and Apple said it did not have the ability to perform those searches. Google would not provide details on Sensorvault, but Aaron Edens, an intelligence analyst with the sheriff’s office in San Mateo County, Calif., who has examined data from hundreds of phones, said most Android devices and some iPhones he had seen had this data available from Google.

In a statement, Richard Salgado, Google’s director of law enforcement and information security, said that the company tried to “vigorously protect the privacy of our users while supporting the important work of law enforcement.” He added that it handed over identifying information only “where legally required.”

Mr. Molina, 24, said he was shocked when the police told him they suspected him of murder, and he was surprised at their ability to arrest him based largely on data.

“I just kept thinking, You’re innocent, so you’re going to get out,” he said, but he added that he worried that it could take months or years to be exonerated. “I was scared,” he said.

Detectives have used the warrants for help with robberies, sexual assaults, arsons and murders. Last year, federal agents requested the data to investigate a string of bombings around Austin, Tex.

The unknown suspect had left package bombs at three homes, killing two people, when investigators obtained a warrant.


They were looking for phones Google had recorded around the bombing locations.


The specific data resulting from the warrants in the Austin case remains sealed. This illustration is based on the warrant’s description of the process, but the dots do not represent actual phone locations.

After receiving a warrant, Google gathers location information from its database, Sensorvault, and sends it to investigators, with each device identified by an anonymous ID code.

Investigators review the data and look for patterns in the locations of devices that could suggest possible suspects. They also look for devices that appear in multiple areas targeted by the warrant.

They can then get further location data on devices that appear relevant, allowing them to see device movement beyond the original area defined in the warrant.

After detectives narrow the field to a few devices they think may belong to suspects or witnesses, Google reveals the name, email address and other data associated with the device.

Rich Harris / The New York Times

Austin investigators obtained another warrant after a fourth bomb exploded. But the suspect killed himself three days after that bomb, as they were closing in. Officials at the time said surveillance video and receipts for suspicious purchases helped identify him.

An F.B.I. spokeswoman declined to comment on whether the response from Google was helpful or timely, saying that any question about the technique “touches on areas we don’t discuss.”

Officers who have used the warrants said they showed promise in finding suspects as well as witnesses who may have been near the crime without realizing it. The searches may also be valuable in cold cases. A warrant last year in Florida, for example, sought information on a murder from 2016. A Florida Department of Law Enforcement spokeswoman declined to comment on whether the data was helpful.

The approach has yielded useful information even if it wasn’t what broke the case open, investigators said. In a home invasion in Minnesota, for example, Google data showed a phone taking the path of the likely intruder, according to a news report and police documents. But detectives also cited other leads, including a confidential informant, in developing suspects. Four people were charged in federal court.

According to several current and former Google employees, the Sensorvault database was not designed for the needs of law enforcement, raising questions about its accuracy in some situations.

Though Google’s data cache is enormous, it doesn’t sweep up every phone, said Mr. Edens, the California intelligence analyst. And even if a location is recorded every few minutes, that may not coincide with a shooting or an assault.

Google often doesn’t provide information right away, investigators said. The Google unit handling the requests has struggled to keep up, so it can take weeks or months for a response. In the Arizona investigation, police received data six months after sending the warrant. In a different Minnesota case this fall, it came in four weeks.

But despite the drawbacks, detectives noted how precise the data was and how it was collected even when people weren’t making calls or using apps — both improvements over tracking that relies on cell towers.

“It shows the whole pattern of life,” said Mark Bruley, the deputy police chief in Brooklyn Park, Minn., where investigators have been using the technique since this fall. “That’s the game changer for law enforcement.”

Location data is a lucrative business — and Google is by far the biggest player, propelled largely by its Android phones. It uses the data to power advertising tailored to a person’s location, part of a more than $20 billion market for location-based ads last year.

In 2009, the company introduced Location History, a feature for users who wanted to see where they had been. Sensorvault stores information on anyone who has opted in, allowing regular collection of data from GPS signals, cellphone towers, nearby Wi-Fi devices and Bluetooth beacons.

People who turn on the feature can see a timeline of their activity and get recommendations based on it. Google apps prompt users to enable Location History for things like traffic alerts. Information in the database is held indefinitely, unless the user deletes it.

“We citizens are giving this stuff away,” said Mr. Ernsdorff, the Washington State prosecutor, adding that if companies were collecting data, law enforcement should be able to obtain a court order to use it.

Current and former Google employees said they were surprised by the warrants. Brian McClendon, who led the development of Google Maps and related products until 2015, said he and other engineers had assumed the police would seek data only on specific people. The new technique, he said, “seems like a fishing expedition.”

The practice raises novel legal issues, according to Orin Kerr, a law professor at the University of Southern California and an expert on criminal law in the digital age.

One concern: the privacy of innocent people scooped up in these searches. Several law enforcement officials said the information remained sealed in their jurisdictions but not in every state.

In Minnesota, for example, the name of an innocent man was released to a local journalist after it became part of the police record. Investigators had his information because he was within 170 feet of a burglary. Reached by a reporter, the man said he was surprised about the release of his data and thought he might have appeared because he was a cabdriver. “I drive everywhere,” he said.

These searches also raise constitutional questions. The Fourth Amendment says a warrant must request a limited search and establish probable cause that evidence related to a crime will be found.

Warrants reviewed by The Times frequently established probable cause by explaining that most Americans owned cellphones and that Google held location data on many of these phones. The areas they targeted ranged from single buildings to multiple blocks, and most sought data over a few hours. In the Austin case, warrants covered several dozen houses around each bombing location, for times ranging from 12 hours to a week. It wasn’t clear whether Google responded to all the requests, and multiple officials said they had seen the company push back on broad searches.

Last year, the Supreme Court ruled that a warrant was required for historical data about a person’s cellphone location over weeks, but the court has not ruled on anything like geofence searches, including a technique that pulls information on all phones registered to a cell tower.

Google’s legal staff decided even before the 2018 ruling that the company would require warrants for location inquiries, and it crafted the procedure that first reveals only anonymous data.

“Normally we think of the judiciary as being the overseer, but as the technology has gotten more complex, courts have had a harder and harder time playing that role,” said Jennifer Granick, surveillance and cybersecurity counsel at the American Civil Liberties Union. “We’re depending on companies to be the intermediary between people and the government.”

In several cases reviewed by The Times, a judge approved the entire procedure in a single warrant, relying on investigators’ assurances that they would seek data for only the most relevant devices. Google responds to those orders, but Mr. Kerr said it was unclear whether multistep warrants should pass legal muster.

Some jurisdictions require investigators to return to a judge and obtain a second warrant before getting identifying information. With another warrant, investigators can obtain more extensive data, including months of location patterns and even emails.

Investigators in Arizona have never publicly disclosed a likely motive in the killing of Joseph Knight, the crime for which Mr. Molina was arrested. In a court document, they described Mr. Knight, a 29-year-old aircraft repair company employee, as having no known history of drug use or gang activity.

Detectives sent the geofence warrant to Google soon after the murder and received data from four devices months later. One device, a phone Google said was linked to Mr. Molina’s account, appeared to follow the path of the gunman’s car as seen on video. His carrier also said the phone was associated with a tower in roughly the same area, and his Google history showed a search about local shootings the day after the attack.

After his arrest, Mr. Molina told officers that Marcos Gaeta, his mother’s ex-boyfriend, had sometimes taken his car. The Times found a traffic ticket showing that Mr. Gaeta, 38, had driven that car without a license. Mr. Gaeta also had a lengthy criminal record.

While Mr. Molina was in jail, a friend told his public defender, Jack Litwak, that she was with him at his home about the time of the shooting, and she and others provided texts and Uber receipts to bolster his case. His home, where he lives with his mother and three siblings, is about two miles from the murder scene.

Mr. Litwak said his investigation found that Mr. Molina had sometimes signed in to other people’s phones to check his Google account. That could lead someone to appear in two places at once, though it was not clear whether that happened in this case.

Mr. Gaeta was arrested in California on an Arizona warrant. He was then charged in a separate California homicide from 2016. Officials said that case would probably delay his extradition to Arizona.

A police spokesman said “new information came to light” after Mr. Molina’s arrest, but the department would not comment further.

Months after his release, Mr. Molina was having trouble getting back on his feet. After being arrested at work, a Macy’s warehouse, he lost his job. His car was impounded for investigation and then repossessed.

The investigators “had good intentions” in using the technique, Mr. Litwak said. But, he added, “they’re hyping it up to be this new DNA type of forensic evidence, and it’s just not.”

Leave a Reply

Your email address will not be published. Required fields are marked *

Next Post

Your Smartphone Apps Are Filled With Trackers You Know Nothing About

Sat Apr 13 , 2019
https://onezero.medium.com/the-app-privacy-crisis-apple-and-google-need-to-fix-now-4e3590f2fc52?sk=12d73f8b09e058d3ab8f5a4b02cf8619

You May Like