field with blue sky and don't fence me in title

location tracking technologies and the future of privacy

By: Cheryl Meyers Buth, Esq. and Joel L. Daniels, Esq.

 

Introduction

 

Back in the 1970’s (yes, one of us was around then) you were considered a “tech savvy lawyer” as long as you used an IBM Selectric typewriter and always carried a quarter for a payphone call. But to quote the Greek philosopher Heraclitus, 500 BC: “Nothing is permanent except change”.

Today legislatures and courts cannot keep up with the rate of technological development. Our personal lives are reduced to bits of electronic data. As law enforcement agencies increasingly rely on technology, tech companies see this sector as a growing market. Police use new and undisclosed ways to gather evidence. Gone are the days when a defense lawyer could leave tech’s “bells and whistles” to younger colleagues. If we adopt Heraclitus’s metaphor of life as a constantly flowing river, protecting our clients’ rights today means we all have to step into the water. But when it comes to technology, even Heraclitus could not have predicted the speed of the current.

 

“GEOFENCE” – What Is It?

 

It has only been thirteen years since the first iPhone was released but look at how our lives have changed. Wireless communication occurs through cellular networks[1]. With those networks in the background, tracking the whereabouts of individuals within those networks is now at the forefront. Companies use location data transmitted by Wi-Fi, cell towers and Global Positioning Systems (GPS) to provide a wide range of services—routing cell phone calls, processing ATM and other point-of-sale transactions, running electrical grids, directing advertisements, targeting drone strikes, turning on lights, operating home security systems, giving virtual tours, awarding points for store visits and regulating online voting.

 

Cellular networks are the maps on which we can pinpoint the location of individual users. In some ways they are similar to an air traffic controller’s radar screen with its “blips” indicating airplane traffic [2]. To define the area on the map we are interested in, we essentially draw a circle around it or construct a “geofence”. A Geofence is a virtual fence or perimeter around a physical location within the digital network. The term “Geofencing” is used in a broad range of contexts but commonly means establishing a perimeter within which the presence of a phone causes something to happen. For example, customers download an app and give permission for positioning information to be utilized by the app owner/user. Then they walk past a store and a coupon is sent to their phone. From the company’s perspective, it’s like casting a net over an area and hauling in whatever happens to be there at the time. See generallyWhat is a geofence- A complete guide to geofencing”, Kalle, Jan 31, 2018, https://proximi.io/geofence-complete-guide-geofencing/[3]

 

Early Law Enforcement Uses of Geofence Technology – United States v. Jones

 

Prior to requesting geofence warrants, police used this technology in other ways, primarily with GPS trackers to monitor individuals or vehicles they had already identified. GPS mobile tracking devices are used with tracking software (eg. “covert track”). The device uploads location data and the software permits users to download a spreadsheet with the date, time, location, direction and speed. It allows users to track the GPS device in near real-time (NRT). Law enforcement can place a geofence around a location and the officer is notified by text or email if the GPS tracking device enters or leaves the defined area. This technology has been used frequently for the past decade. See eg United States v. Mitchell, 2014 U.S.District LEXIS 30739 (Dist. Kansas, Jan 15, 2014) (GPS was not monitored continuously; rather it was monitored via a geofence perimeter that would alert police when the tracker crossed into a geographic area); United States v. Lynn, 2014 U.S.Dist. LEXIS 47669 (Dist. Oregon, Apr. 7, 2014) (operating officer notified by text or email if GPS tracking device leaves the geofence area); United States v. Asghedom, 992 F.Supp. 2d 1167 (NDAl Dec. 31. 2013) (tracking device software allowed agents to set up a geofence around certain locations); United States v. Hermiz, 42 F.Supp.3d 856 (EDMi Aug.29, 2014) (officers placed geofence around residence so whenever the target vehicle got to a certain point heading towards the residence the officer would receive an electronic notification); United States v. Lopez, 895 F.Supp.2d 592 (Dist. Delaware Sept 10, 2012); United States v. Cabrera, 2014 U.S.Dist. LEXIS 96288 (Dist. Delaware, July 16, 2014); United States v. Berry, 664 Fed.Appx. 413 (5th Cir. 2016).

 

In United States v. Jones, 565 U.S. 400 (2012), the Supreme Court found that installation of a GPS tracker to monitor a vehicle’s movements constituted a “search” under the Fourth Amendment thus requiring a warrant. Justice Scalia, writing for a unanimous court, rejected the Government’s argument that there is no reasonable expectation of privacy in a person’s movement on public roads. The Court found little difference between collecting information from a person’s vehicle using a GPS device and committing a physical trespass onto private property.

 

In her prescient concurring opinion, Justice Sonia Sotomayor agreed that the Government had invaded the defendant’s property. She reasoned that the Fourth Amendment was not just about actual physical trespasses; rather, a prohibited search occurs whenever the Government violates a subjective expectation of privacy that society recognizes as reasonable, even when there is no actual (as opposed to virtual) physical intrusion.

 

Justice Alito concurred but believed the pertinent question is whether the defendant had an expectation of privacy in the information rather than whether the law enforcement action constituted a “search”. The suggestion that the Court focus on privacy rights, predictably found Justices Ginsburg, Breyer and Kagan joining Justice Alito’s concurring opinion.

 

 

When Police Have Identified a Suspect and Want to Track His Movements:

Carpenter v. United States

 

In Carpenter v. United States 585 U.S.__, 138 S. Ct. 2206 (2018), decided six years after Jones, a majority of the Supreme Court held the Government’s warrantless collection of weeks-worth of cell site location information (CSLI) was a Fourth Amendment “search”. There, a suspect was arrested in a string of armed robberies of Radio Shack stores and provided names and phone numbers for fifteen accomplices to the FBI. Carpenter was one of the alleged accomplices.

 

Federal prosecutors sought cell phone information from cell carriers through the Stored Communications Act (SCA)[4] rather than obtaining a warrant. Prior to Carpenter, the SCA did not require prosecutors to demonstrate probable cause. They only had to show “specific and articulable facts constituting reasonable grounds to believe” that the data was relevant to an ongoing criminal investigation. MetroPCS and Sprint, Carpenter’s cell carriers, provided location points for a 127-day period. This information was then used to charge Carpenter with the armed robberies.

 

Carpenter moved to suppress the CSLI as an illegal search. The district court denied the motion and the Sixth Circuit affirmed. Relying on the “Third Party Doctrine” the Circuit Court held that people do not have a reasonable expectation of privacy in records they voluntarily provide to third parties like banks and utility companies. See United States v. Miller, 425 U.S. 435 (1976) and Smith v. Maryland, 422 U.S. 735 (1979)

 

The Supreme Court, in a 5-4 decision written by Chief Justice Roberts (joined by Justices Ginsburg, Breyer, Kagan and Sotomayor), sided with Carpenter. Looking to the seminal case of Katz v. United States 389 U.S. 347 (1967),[5], the majority narrowly held that Carpenter had a reasonable expectation of privacy in his physical movements. Therefore, law enforcement officers needed a warrant to obtain months-worth of CSLI information. While the Court declined to extend the warrant requirement to all CSLI, it said more than a week’s worth of information was too intrusive, focusing on the unique nature of cell phone and cell site records.  Noting the Third Party Doctrine originated years before the internet was invented, the Court still deemed it viable but distinguished traditional business records from a phone carrier’s affirmative collection and aggregated storage of CSLI. (For a good discussion on this point see “Surveillance Tech Still a Concern After Carpenter”, Matthew Feeney, Cato At Liberty, June 25, 2018 www.cato.org/blog/surveillance-tech-still-concern-despite-carpenter  (Carpenter recognized that cell phone records were different from records in existence when the Third Party Doctrine was developed:”‘[W]hen the Government tracks the location of a cell phone it achieves near perfect surveillance as if it had attached an ankle monitor to the phone’s user’, allowing the Government to travel back in time to trace the user’s behavior”).

 

The Jones Court viewed GPS devices as a threat to personal privacy that necessitated a higher “probable cause” showing and required a warrant before law enforcement could use them to collect evidence. In his dissent in Carpenter, Justice Kennedy argued that GPS tracking, like that in Jones, with its ability to pinpoint a subject’s location much more accurately than CSLI’s reliance on triangulating information from cell towers, was more intrusive[6]. Justice Roberts responded that modern cell phones may rely on GPS for tracking in addition to CSLI. Justice Roberts noted that the amount of data in a smartphone may exceed even the contents of our homes which traditionally have been the most protected constitutional spaces.

 

The majority opinion referenced the Court’s unanimous decision in Riley v. California 573 U.S. 373 (2014) (also authored by Justice Roberts) which held that the warrantless search of a cell phone was unconstitutional. Riley had his cell phone in his pocket when he was arrested. A gang unit detective analyzed videos and photographs that were stored on the phone of Riley making gang signs. The Court held that the warrantless search of Riley’s cell phone violated his Fourth Amendment rights.  The volume of personal information stored on, and able to be retrieved from, a cell phone which then allowed retrospective searching concerned the majority. Carpenter, 138 S. Ct. at 2218. That same concern about information stored on a cell phone in Riley extended to information stored by cell towers in Carpenter.

 

The four dissenting opinions in Carpenter frame the present-day arguments about whether there is an individual privacy right in cell phone location information, whether CSLI constitutes “property” (as distinguished from physical property) for purposes of the Fourth Amendment and, if so, who owns it:

 

  • Justice Anthony Kennedy, in his dissenting opinion, was joined by Justices Clarence Thomas and Samuel Alito. In finding cell-site records are no different from the many other kinds of business records the Government has a lawful right to obtain, Justice Kennedy believed the majority was improperly restricting law enforcement’s access to such records.

 

  • Justice Thomas filed a separate opinion, in which he not only agreed that the Fourth Amendment should be limited to actual trespasses onto physical property but asserted that the determining factor should be who owned the searched property. Concluding that the CSLI did not belong to Carpenter, he could not object to the search of someone else’s property.

 

  • Filing a dissenting opinion, Justice Alito (in which Justice Thomas joined) distinguished between an actual search and an order “merely requiring a party to look through its own records and produce specified documents”—with the former being far more intrusive than the latter. Like Justice Thomas, Justice Alito criticized the majority for what he characterized as “allow[ing] a defendant to object to the search of a third party’s property,” a departure from long-standing Fourth Amendment doctrine.

 

  • Justice Gorsuch in his dissenting opinion emphasized the “original understanding” of the Fourth Amendment. Concluding that Katz had been incorrectly decided, Justice Gorsuch found no “reasonable expectation of privacy” had been granted by the Fourth Amendment which was limited to unreasonable searches of physical property.

 

The tension between individual privacy rights versus police surveillance and invasive Government practices was evident in Jones, Riley and Carpenter. The dilemma the Court will soon face is how to balance the cell phone user’s intention to stay “private” and not be tracked in light of the capabilities of cell carriers and technology companies to collect location data. (see pp. 10-12 infra); see generally testimony of David A. Clarke (law professor at University of District of Columbia) before the House of Representatives Committee on Oversight and Reform Hearing on Facial Recognition Technology: Its Impact on our Civil Rights and Liberties, May 22, 2019.

 

How “Location History” [LH] Works on a Cell Phone

 

In the context of location services and tracking, there are two important things to understand about cellphones:  1) many of the most popular cellphones, including iPhone, Android, Samsung and LG, use a Google search engine (chrome), Google location services (e.g. Google Maps) and apps (e.g. Google Weather) that collect location data; and 2) modern cell phones have two “processors”: the Baseband Processor (the “phone”) and Application Processor (“the computer”).  “COMSEC: Off-the-Grid Communications Strategies for Privacy Enthusiasts, Journalists, Politicians, Crooks and the Average Joe”, Justin Carroll & Drew M. 2018

 

The Baseband Processor is a cellular modem that connects to a phone network using a radio signal timed to the network’s clock. Baseband processors have not changed much over the years. The Federal Communications Commission requires that all devices that interact directly with a cellular network be certified. Cell phone companies figured out that separating the baseband processor from the application processor relieves them from having to get the entire device certified. That way the application processor (“computer”) operating system (APOS) can be updated frequently without going through a lengthy certification process each time. Id.

 

Baseband processors are not physically accessible or accessible through software settings to the user. So as long as the device has power (i.e. has a battery installed) the baseband processor may be on. Initiating the “powering down” sequence only impacts your device’s Application Processor (AP). Therefore, your device cannot be fully turned off unless the battery is removed. The problem is that most manufacturers have moved to sealed housings which make it impossible for users to remove and replace the battery. There are good design reasons for eliminating replaceable batteries. The consequence is that we not only cannot see what our phone is doing, we cannot stop it. Turning off location services on the application processor through software settings has no effect on the baseband processor which is constantly engaged. Whether your phone is visibly powered on or off does not necessarily determine whether your location can be tracked[7]. Id.

 

The Application Processor (“the computer”) uses Wi-Fi (accesses the internet wirelessly- think of it like a radio that can send and receive information), Bluetooth and NFC (near-field communications) interfaces. Wi-Fi and Bluetooth can be used to track your movements through the router and/or network your phone is connected to. Apps can see the networks within the range of the device. Therefore, even those networks your phone is not connected to, play a role in location monitoring.

 

Geofence Warrant

 

A geofence warrant allows the search of a database to identify mobile devices in a particular physical location or within specified geographical limits.

 

            Sensorvault, originated in 2009, is the internal Google database of users’ historical cell and GPS location data[8]. The database is accessed by Google to respond to geofence (reverse location) warrants. Using over 10 years of its collected historical data, Google can identify all devices within the vicinity of a specific crime or other geographic area[9]. A “cell tower dump” may be able to place a user within a quarter mile or greater radius of a particular cell tower(s); whereas Google’s location data using cell network plus GPS coordinates can place a user inside a building or even identify the exact point where he/she was standing on the street.

 

Law enforcement advocates argue that privacy rights are not compromised by geofence warrants because they are done in two stages: the first stage asks for anonymous identifiers and locations for all phones in a particular area at a particular time. Then only after movement patterns are correlated with potential suspects, witnesses or other evidence do they request those users’ names and specific information.

 

Google is not the only entity that has a program like Sensorvault. In 2013, Edward Snowden disclosed that the National Security Agency (NSA) collects and stores location data worldwide without court authorization using a program called “Co-Traveler” (its database is called “FASCIA”) NSA claims it ended that program in 2014. SeeMeet Co-Traveler: The NSA’s Cell Phone Location Tracking Program”, Electronic Frontier Foundation (EFF), December 5, 2013 (eff.org).

 

Apple does not track the geolocation of devices and therefore does not have the ability to identify all Apple devices near a given location at a particular time. However, many Apple devices use Google software or other apps. In January, Fast Company reported that prosecutors had issued warrants for account information for users of Apple, Facebook, Uber, Lyft and Snapchat. “This unsettling practice turns your phone into a tracking device for the Government”, Albert Fox Kahn, Jan. 17, 2020 (“These requests included ‘user information for accounts that were active at those specific longitudes and latitudes at those specific times’. We don’t know how much data was handed over, just that the request was made”).

 

 

The “Reverse Location Warrant”: Working Backward from the Carpenter problem– when police want to track movements of unknown people in a particular area

 

 

Ninety-six percent of Americans own cell phones. Google Maps is the most-used navigation app and appears on 67% of phones. The next most-used is Waze which is also a Google -owned app. Android operating systems developed by Google control 90% of the smartphone market share worldwide. “Google location data helped police find an alleged bank robber, possibly illegally”, Washington Post (infra) Nov. 21, 2019.

 

According to Google employees, and first publicly reported last year in North Carolina, federal agents first used geofence warrants in 2016. It is unclear how often those search requests have led to arrests or convictions because many of the cases are still open and judges frequently seal warrant applications.  This practice has spread to local police departments across the country. One Google employee said in 2019 the company received as many as 180 requests in a single week. Id.

 

Writing for the blog Lawfare, Nathaniel Sobel explained:

 

“Last year, a New York Times feature detailed law enforcement’s use of a new investigative technique called a geofence warrant. Unlike traditional warrants that identify a particular suspect in advance of a search, geofence warrants essentially allow the Government to work backwards. These warrants compel a technology company (so far, only Google) to disclose anonymized location records for any devices in a certain area during a specified time period After that, for certain accounts, the Government may obtain additional location data and subscriber information. Particularly in light of the Supreme Court’s watershed decision in Carpenter, geofence warrants present a host of new Fourth Amendment issues.”

Do Geofence Warrants Violate the Fourth Amendment?”, Nathaniel Sobel, Lawfare, Feb 24, 2020

 

Recent incidents in Milwaukee, Wisconsin highlight the vast amount of information which can be quickly made available to law enforcement. In 2018 and 2019 there were a series of arsons in Milwaukee. In response to geofence warrants, Google provided 1,494 identifiers from its Sensorvault for phones in the vicinities of the fires to the ATF. See “Police get “unprecedented” data haul from Google with geofence warrants”, Lisa Vaas, Dec. 16, 2019 (https://nakedsecurity.sophos.com/2019/12/16/police-get-unprecedented-data-haul-from-google-with-geofence-warrants/ [10] In that case, investigators asked for identifiers for phones located within about a 7 acre-square radius over a 9 hour period during covering 4 separate incidents. See also “To catch a thief, go to Google with a geofence warrant and it will give you all the details”, The Register, Thomas Claburn Jan 18, 2020 (www.theregister.co.uk).

 

Another case in Milwaukee shows how geofence warrants are being used in conjunction with traditional law enforcement techniques. On April 20, 2019, four people attempted to rob a Brinks truck. The Brinks driver narrowly escaped according to an affidavit from a member of the Milwaukee Crime Task Force signed on May 8, 2019. The robbers fled in a green Honda Accord without license plates. The next morning police discovered a burning vehicle later determined to be the same Honda Accord. The police collected video from home security cameras nearby which depicted the suspects entering a white Honda CRV. Police concluded the Honda CRV was the remote getaway vehicle for the robbery. They speculated the suspects may have used cell phones when doing reconnaissance to pick their rendezvous point or the getaway driver may have been on his phone passing time during the robbery. The Milwaukee District Attorney’s Office requested location data from Google surrounding the area where the Honda CRV was spotted. They asked for an anonymized list of every phone between that location and the site of the robbery. Id. The supporting affidavit for the geofence warrant filed in the United States District Court for the Eastern District of Wisconsin is available on Pacer at 2:19-mj-00857 [doc. 1 filed on January 16, 2020]. (A copy of the affidavit is attached).

 

A Case Study – United States v. Chatrie

 

Currently, the most important geofence case is United States v. Chatrie, pending in the United States District Court for the Eastern District of Virginia (Richmond Division, 19-cr-00130). There, a bank in Richmond, Virginia was robbed on May 20, 2019. Blurry surveillance footage showed the suspect holding a cell phone to his ear before he entered the bank. A month later, state law enforcement officials obtained a geofence warrant from a state judge. The warrant authorized a 3-step process allowing law enforcement, without seeking further judicial approval, to compel Google to produce increasingly detailed data on certain suspects. A detective submitted the warrant to Google through an established online law enforcement portal. Eventually the suspect was identified, arrested and charged in federal court. SeeAlleged bank robber accuses police of illegally using Google location data to catch him”, Deanna Paul, Washington Post, Nov. 21, 2019.

 

The first step authorized under the warrant was the examination of anonymized location records for any “Google account that is associated with a device” within 150 meters of the bank in the one-hour window of the robbery. There was a large church next door to the bank with no connection to the crime and which implicated First Amendment issues. The first step generated 19 anonymized account records. One account’s location data placed it in the bank at the time of the robbery and allegedly corroborated a witness’s observation of a suspect’s whereabouts before the crime and surveillance footage of the robber leaving the bank.

 

In the second step the Government requested another round of anonymized location data for nine of the nineteen accounts. The Court had no oversight over the people chosen for further search and the warrant also permitted investigators to track devices “anywhere outside the [initial 150 meter] geofence”. In this round the Government sought data during the 30 minutes before and after the original hour-long period in the first step. The Government alleged that the suspicious account travelled from the bank to a residence after the robbery. Using that address, the Government was able to obtain records that linked a person’s name to that residence and then used it to search other databases for more information about the suspect.

 

In the third step, law enforcement requested Google tell them the subscriber information for the suspect account and two other accounts. The name linked to the residence matched the email address and username on the Google account. The account holder was ultimately indicted by a federal grand jury on Sept. 17, 2019.

 

Relying on Carpenter, the Defense[11] argues that geofence warrants are just a different form of general warrants. They do not identify a suspect and allow the search of persons’ accounts who may have absolutely no connection to the crime. Second, like the cell phone records in Carpenter “google location records are qualitatively different from the business records to which the third-party doctrine traditionally applies.” Third, the defendant did not “voluntarily” share his location data with Google because carrying a cell phone is “indispensable to participation in modern society” and it was unreasonable “to expect ordinary phone users to avoid Google software”.

 

The Government’s position is that “the defendant had no reasonable expectation of privacy in any of the information disclosed by Google pursuant to the geofence warrant” because: 1) the Google data dealt with a much shorter period than the cell site location information in Carpenter, 2) it did not provide information about a known phone user’s location like the Court was concerned about in Carpenter (the information here was anonymized) and 3) Google required users to opt-in to allow the company from obtaining location information.

 

The Government relied on two recent cases. One court rejected a particularity challenge to a cell tower dump warrant that allowed the Government to identify cell phone users within geographic and time limitations. The Government analogized the cell tower dump warrant to a geofence warrant. The Government also relied on a decision in the PlayPen child pornography investigation  (Network Investigative Technique – NIT) which authorized the FBI to search computers of everyone who logged onto a child porn site for 30 days and allowed agents themselves to narrow the information they initially received under the warrant without first going back to seek court approval. The Government also asserted that if the court found a particularity problem it could sever the offensive part of the warrant from the first step.

 

An amicus brief was submitted by Google, not in support of either party but rather to provide “context” for the location data and to assist the Court [dkt 73, filed 12/23/19] (copy of brief attached). It argues users had a reasonable expectation of privacy in their user information which Google simply stored (as opposed to Google having an ownership interest in records it did the work to collect and thus having an expectation of privacy in its own records). Google took the position that a warrant was necessary under both the Stored Communications Act (SCA) and the Fourth Amendment.

 

Google distinguished the geofence data from traditional business records, characterizing the former as a detailed journal of a person’s travels. It maintained geofence information is not comparable to cell site information or so-called cell tower dumps because the data is much more precise in its use of GPS.

 

Google stressed that users had to “opt-in” to voluntarily share their location[12]. While agreeing that a warrant was necessary for police to obtain LH information, Google found fault with the Defense position that a geofence warrant was overly broad:

 

“Mobile device users cannot opt out of the collection of CSLI or similar records, nor can they retrieve, edit, or delete CSLI data. Google LH information, by contrast, is stored with Google primarily for the user’s own use and benefit—just as a user may choose to store her emails on Googles’ mail service and her documents on Google Drive. Google LH information is controlled by the user, and Google stores that information in accordance with the user’s decisions (e.g., to opt in or out, or to save, edit or delete the information), including to enhance the user’s experience when using other Google products and services. Supra pp.6-8.

Defendant thus errs in asserting that “[i]ndividuals do not voluntarily share their location information with Google”, Mot. 10, and that the acquisition of user location records by Google is “automatic and inescapable”, Reply 6. As discussed, Google does not save LH information unless the user opts into the LH service in her account settings (and logs into her Google account while using a properly configured mobile device), and the user can choose at any time to delete some or all of her save LH information or to disable the LH service completely. And LH information was the only location information produced to the Government in response to this geofence warrant”

(Amicus Brief at p.9)

 

These assertions are at odds with claims that have been made since 2017 that Goggle continues to collect location information even when the user “opts-out”. As reported in the New York Times on October 29, 2019, Google is currently being sued over its data collection practices. In a lawsuit believed to be the first of its kind by a national Government against a tech company, the plaintiff cites Google’s use of personal data:

 

“The Australian Competition and Consumer Commission alleged in a lawsuit that Google falsely led users to believe that disabling the “Location History” setting on Android phones would stop the company from collecting their location data. But users were actually required to also turn off a second setting, “Web and App Activity,” that was enabled by default. Google did not properly disclose the need to disable both settings from January 2017 until late 2018, the suit alleges. The company changed its user guidance after The Associated Press revealed in August 2018 that it was continuing to collect the data even after the Location History setting was switched off”.

 Google Misled Consumers Over Location Tracking, Australia Says”, Isabella Kwai, New York Times, Oct. 29, 2019; See also See “Google collects Android users’ locations even when location services are disabled”, Keith Collins, Quartz, Nov. 21, 2017; “Android devices seen covertly sending location data to Google, TechCrunch, Natasha Lomas, November 21, 2017.

 

Other apps and Google services which run on your phone collect location information even when you opt-out of LH:

“Google says that will prevent the company from remembering where you’ve been. Google’s support page on the subject states: “You can turn off Location History at any time. With Location History off, the places you go are no longer stored.” That isn’t true. Even with “location history” paused, some Google apps automatically store time-stamped location data without asking”. “Google records your location even when you tell it not to: Some services on Android and iPhone automatically stores your movements even after you pause the ‘location history’ setting”, Associated Press, The Guardian, Aug. 13, 2018.

The term “location services” oftentimes refers to exact GPS data for app usage, such as Google Maps finding your best commute route, or Uber figuring out exactly where you’re waiting so drivers can pick you up. However, even when users opted-out, Google was able to track user locations. While not as exact as GPS, by triangulating cell towers which were servicing a specific device, Google could narrow the user’s location to within a quarter mile or less:

“A source familiar with the matter stated that Google added the cell tower data-collecting feature to improve its Firebase Cloud Messaging, where devices have to ping the server at regular intervals in order to receive messages promptly.

The findings are surprising, given that cell tower data is usually held by carrier networks and only shared with outside companies under extreme circumstances. Through Google’s practices this year, an individual’s particular location within a quarter-mile radius or less could be determined with the addresses of multiple cell towers. This has particular security implications for individuals who wish to not be tracked, meaning that the safest way to avoid being tracked at all is probably to stick to burner phones. It could also create a bigger target for hackers looking to obtain personal information.

An update that removes this cell tower data-collecting feature will roll out by the end of this month, according to Google. Google’s terms of service, at the time of [publication], still vaguely state, “When you use Google services, we may collect and process information about your actual location” using “various technologies… including IP address, GPS, and other sensors that may, for example, provide Google with information on nearby devices, Wi-Fi access points and cell tower.” Google does offer details on how to control Google’s location access points. But as shown by its [terms of service], the company could admittedly do a better job of making this clearer and simpler for its general consumers.”

Google admits it tracked user location data even when the setting was turned off: It did so via cell tower data”, Shannon Liao, The Verge, Nov 21, 2017 (https://www.theverge.com/2017/11/21/16684818/google-location-tracking-cell-tower-data-android-os-firebase-privacy)

 

The Chatrie Court scheduled a hearing on Defendant’s “Motion to Suppress Evidence Obtained from a “Geofence” General Warrant” for July 2, 2020 at 09:30 AM before District Judge M. Hannah Lauck[13]. The Defendant’s motion for discovery regarding the Government’s use of Google’s Sensorvault Data is a roadmap for anyone handling a case which involves this technology [Dkt. 28 filed 10/29/19] and is attached at the end of this article.

 

 

Mistakes Lead to the Arrest of Innocent People

 

The use of geofence warrants have earned criticism where they have led to the wrongful arrest of innocent people. For example, Jorge Molina, a warehouse worker in Arizona was arrested in December 2018 for a drive-by murder after police obtained information using a geofence warrant. After spending a week in jail and providing alibi information that he was somewhere else when the shooting occurred, he was released. Three months later police then arrested his mother’s ex-boyfriend who occasionally used Molina’s car. “Tracking Phones: Google as a Dragnet for the Police”, Bill Barton, Criminal Legal News Sept. 16, 2019 (www.criminallegalnews.org); “Tracking Phones, Google Is a Dragnet for the Police”, Jennifer Valentino-DeVries, New York Times, Apr.13, 2019.

(“The tech giant records people’s locations worldwide. Now, investigators are using it to find suspects and witnesses near crimes, running the risk of snaring the innocent”).

 

Another widely reported case involved the arrest of Zachary McCoy in Florida, who used a fitness app[14] to track his bike rides and often rode his bike to work. Police used a geofence warrant to investigate the burglary of an elderly woman’s home on Zachary’s regular bike route. He had biked past the house three times on the day of the crime and was deemed a suspect. Google’s legal team sent him a letter in January advising that police had requested information about his account that would be released in a week. His parents loaned him money for a lawyer who learned the request for information resulted from a geofence warrant. According to The Verge, law enforcement requests for geofence warrants rose 1500 percent from 2017-2018 and another 500 percent from 2018-2019. “Google location data turned a random biker into a burlary suspect”, Kim Lyons, The Verge, March 7, 2020.

 

 

First Amendment

 

Geofence warrants also raise First Amendment concerns about a person’s freedom of association (eg. targeting political rallies, meetings, etc.). Last summer the Manhattan District Attorney’s office used a geofence warrant to investigate a politically-motivated assault. The Defendants, pro-Trump supporters called the “Proud Boys”, allegedly attacked several leftist protesters. Prosecutors sent Google a warrant requesting records of cell phones in the area the fight calling it a “reverse location” search warrant. Google forwarded an “anonymized list”[15] of Google device ID’s for several specific locations. Authorities then used spreadsheets to cross-reference the numbers to see which ones showed up at more than one location. When the assault and riot charges against four “Proud Boys” went to trial, prosecutors revealed that they had used a reverse search warrant but that they hadn’t done so to find the Proud Boys suspects—they did it to find protesting members of a rival group that were believed to be victims of the assaults. By process of elimination, however, they eventually discarded all of the device numbers as belonging to any of the victims. “Manhattan DA got Innocent People’s Google Phone Data Through a “Reverse Location” Search Warrant”, George Joseph, WNYC, Aug.12, 2019

 

Other Technologies that Raise Privacy Issues

 

            Google Nest and Amazon Ring are home security camera systems with cloud-based storage.  Amazon-owned Ring with its ubiquitous doorbell cameras has entered into agreements with over 600 police agencies. Homeowners opt-in or out of a program which allows police to request and download video recorded by the motion-detection, internet-connected cameras inside and outside their homes. Police can keep the video and share it with whomever they’d like without any initial showing of probable cause. They can request up to 12-hours of video from anyone within half a mile of a suspected crime over a 45-day periods as long as they include the case number for the crime they are investigating without reference to evidence or other details of the crime. Ring is now even developing near real-time (NRT) facial recognition capabilities to add to its cameras.

 

Homeowners themselves can share the footage on the Ring social network “Neighbors”. The “Neighbors” app includes a law enforcement portal. Police can post alerts and request video from people who live near a crime scene. The portal tells police whether any of the cameras in the area recorded a video around the time of the crime.  Police get access to the portal by entering an agreement with Ring. Ring provides cameras to the police and in return the police give Ring access to the police department’s call logs or incident reports which it then uses to post alerts on Neighbors.

 

Police can keep Ring camera video forever and share with whomever they’d like, Amazon tells Senator”, Drew Harwell, The Washington Post, Nov.19, 2019; “Amazon is developing high-tech surveillance tools for an eager customer: America’s Police”, Jon Schuppe, NBC News Aug.8, 2019 (www.nbcnews.com); See also “Smart Home Surveillance: Governments Tell Google’s Nest To Hand Over Data 300 Times”, Thomas Brewster, Forbes, Oct 13, 2018 (A smart home is a surveilled home. “On Friday Forbes revealed the first known case in the U.S. in which Nest handed over surveillance feeds and customer data from its cameras. Indeed, it appears to be the first documented case of Nest assisting law enforcement in such a manner anywhere in the world. The information was provided to investigators looking into a $1.2 million fraud perpetrated by a rap crew that had taken control of surveillance technology tracking 95% of Americans.”).

 

            There are a number of gadgets that police will soon be able to carry with them to help in pursuit situations. Pocket drones (UAS-unmanned aerial systems) are small, inexpensive drones that attach to a cell phone case and stream video back to a phone. So if the police are chasing a suspect and need an aerial view they just deploy the drone. GPS-equipped darts that stick to a fleeing vehicle and let authorities track the vehicle’s movements without a high-speed pursuit.

 

The FBI has developed a database called “Next Generation Identification” (NGI) which is the world’s largest and most efficient electronic database of biometrics (DNA/fingerprints) and criminal history information. Some agencies are using INK (Identity Not Known), a device to scan a suspect’s fingerprint and match it to identity information in a database in under a minute.

 

Shotspotter” uses sensors to detect gunshots, track the location and relay it to police. Handheld thermal imaging devices can be used to track the motion of suspects in a darkened environment. Automatic License Plate Recognition (ALPR) that is used to scan your license plate to collect highway tolls is also used by the police to speed up the process of checking a plate against a database. ALPR cameras can be mounted in tollbooths, intersections or in police cars. Multiple cameras can capture images of the license plate to track a vehicle’s movement over time. See “10 Innovative Police Technologies”, Erik Fritsvold, PhD, University of San Diego Law Enforcement and Public Safety Leadership 2020

 

Amazon’s Web Services provides secure cloud storage to various law enforcement agencies. In addition it provides other tools such as speech-to-transcription service that allows analysts to flag jail calls with keywords such as “gun”. Amazon is developing “voice biometrics” which could identify participants on a jail call or other call by the sound of their voice.

 

Senators Lindsey Graham (E-SC) and Richard Blumenthal (D-CT) in March introduced anti-encryption legislation that would require every message sent to be scanned by Government-approved software and would prohibit companies from encrypting messages [Eliminating Abusive and Rampant Neglect of Interactive Technologies (EARN IT Act). See also “CISA: the dirty deal between Google and the NSA that no one is talking about” Evan Greer & Donny Shaw, Juy 29, 2015 (The Hill, www.thehill.org) (cybersecurity information sharing act – companies given expanded authority to monitor their own users and given immunity from virtually all existing surveillance laws, are encouraged to share information regarding “cyber threat indicators” with the Government).

 

 

The Impact of Location Tracking for Fighting Coronavirus (COVID-19)

 

U.S. Chief Technology Officer Michael Kratsios recently met with a task force comprised of federal agency officials, representatives from Harvard and executives from Google, Facebook, Twitter, Microsoft, Amazon and 55 other tech companies to discuss ways to use smartphone location data to battle the coronavirus. (3/20/20 TheVerge.com “Tech Companies could face more pressure to share location data with Governments to fight

coronavirus”, Casey Newton; “Facebook, Google discuss sharing smartphone data with Government to fight coronavirus, but there are risks”, Sheng, 3/19/20, cnbc.com,; thenextweb.com, “The US wants to track your phone’s location data to help limit the spread of coronavirus”, Mehta, 3/19/20). The information could include “tracking whether people are keeping one another at safe distances to stem the outbreak” (“U.S. Government, tech industry discussing ways to use smartphone location data to combat coronavirus”, TheWashingtonPost.com, Romm/Dwoskin/Timberg, 3/17/20). As it turns out this is not a new concept. Facebook has previously provided aggregated, anonymized location data since 2017 to track and map population movements during natural disasters and disease outbreaks and the database is accessed by 125 nonprofits and research institutions.

 

The same tools used to track movement can also track whether people are staying in place. Israel and England already use such cellphone surveillance. Israel is sending customized texts to people telling them they had been in proximity to another person who has tested positive for the virus. The Israeli Government had not disclosed its capability to tap into citizens’ location data until this crisis (see New York Times, “To Track Coronavirus, Israel Moves to Tap Secret Trove of Cellphone Data”, 3/16/20, Halbfinger/Kershner/Bergman)(data secretly gathered to combat terrorism since 2002 being used for public health effort). The text also contained a quarantine order. In England, the Government is working with a telecom company, as opposed to a tech company, to see how citizens in London are reacting to social distancing and transport restrictions. See also The Wall Street Journal, 3/22/20, Grind/ McMillan/Mathews, “To Track Virus, Governments Weigh Surveillance Tools that Push Privacy Limits”) (Geolocation services track locations of people in vectors of infection and facial-recognition systems can identify photos who came into contact with infected individuals);  Business Insider, 3/17/20, “Google, Facebook, and other tech companies are reportedly in talks with the US Government to use your location data to stop the coronavirus—and to see if social distancing is really working”, Holmes).

 

Such information could be used to enforce prohibitions of groups of 10 or more, shelter-in-place orders to help map and determine likelihood of transmission of the virus. Vox, “The Government might want your phone location data to fight coronavirus. Here’s why that could be okay”, 3/18/20, Morrison: “Cellphone location data is seen as particularly sensitive because of the immense amount of personal information that can be gleaned from it. The Federal Communications Commission (FCC) recently moved to issue massive fines to cellular phone carriers that were accused of selling individual location data. Here the Government is seeking not an individual’s data but aggregated information impossible to trace back to individuals. (Different from the “health code”, a QR code assigned to users in China restricting their movements, reporting their location to law enforcement, or allowing people to check if they have been in close contact with someone infected with the virus).

 

Austria has launched coronavirus tracking technology. Its “Stop Corona” app, released by the Austrian Red Cross, uses the Bluetooth transmitter on users’ phones to monitor other phones in their vicinity.  That information is stored on the phone so if the person later suspects he or she has come down with COVID-19 that information can be uploaded from the app to alert others anonymously that they may have been exposed. According to the Government, no central database exists and users can delete the app if they was to stop being tracked.  See “Use of Tracking Technology Meets Resistance in Europe”, Michael Birnbaum & Christina Spolar, Washington Post, April 19, 2020; see also “COVID-19 Phone Location Tracking: Yes, It’s Happening Now—Here’s What You Should Know”, Zack Doffman, Forbes Mar 27, 2020.

 

While not all countries doing contact-tracing are concerned to the same degree with an individual’s right to privacy, the ramifications of using even the most anonymous and depersonalized location tracking programs are nevertheless significant. The technology structure that is being built in the wake of the virus may have unforeseen uses in the future in countries interested in monitoring its citizens for other purposes.

 

 

Is the Use of Technology Being Disclosed to the Defense?

 

Technology advances have given the term “investigation” an entirely new meaning. Law enforcement agencies have initiated criminal investigations based on what they have observed on cameras installed around city locations. Police view what may be criminal activity from a remote location via video streamed to a viewing center and then send officers to intercede. See “New Orleans Police appear to use surveillance to initiate investigations” Mike Hayes, June 3, 2019, The Appeal (www.theappeal.org) .

 

Sometimes defendants are unaware of the origins of the investigation and evidence against them:

“In the United States today, a growing body of evidence suggests that the federal Government is deliberately concealing methods used by intelligence or law enforcement agencies to identify or investigate suspects—including methods that may be illegal. It does so by creating a different story about how agents discovered the information, and as a result, people may be imprisoned without ever knowing enough to challenge the potentially rights-violating origins of the cases against them.

Through a practice known as “parallel construction,” an official who wishes to keep an investigative activity hidden from courts and defendants—and ultimately from the public—can simply go through the motions of re-discovering evidence in some other way. For example, if the Government learned of a suspected immigration-related offense by a person in Dallas, Texas, through a surveillance program it wished to keep secret, it could ask a Dallas police officer to follow the person’s car until she committed a traffic violation, then pull her over and start questioning her—and later pretend this traffic stop was how the investigation in her case started.”

******

Judge: [I]f, you know, there was an illegal search … followed by a legal search, but that was only obtained because now that you had the illegal search, you knew something about [the case], that would be a concern to the Court.… And that is the fruit of the poisonous tree, potentially.

Prosecutor: I respectfully dispute that point.… [I]n fact, I don’t have any concern about that.

—Hearing transcript, United States v. Lara (Northern District of California), December 2013

“Secret Origins of Evidence in US Criminal Cases”, Human Rights Watch (2018), www.hrw.org/report/2018/01/09/dark-side/secret-origins-evidence-us-criminal-cases

Conclusion

 

While consumers enjoy the functionality, connectivity and convenience of cell phones and other mobile devices, many others see these developments as nothing less than a technological assault on privacy rights. Telecommunications companies, corporations and government institutions are armed with indiscriminate, dragnet-type data collection capabilities. Those entities claim that by using our phones we voluntarily agree to hand over information about ourselves that we do not even know is being collected. That very personal information is then sold and commodified on a mass scale. Law enforcement and tech companies have realized accessing that bulk data is a mutually beneficial proposition. The most important question of our time is how technology will affect our concept of individual privacy. The answer will be the subject of continuing constitutional debate. And criminal lawyers will be the first line of defense.

 

 

About the Authors

 

 

Cheryl Meyers Buth is the founding partner of Meyers Buth Law Group pllc and was admitted to the New York Bar in 1994; Joel L. Daniels is a criminal lawyer who has been practicing in Buffalo, New York since 1964. Mr. Daniels and Ms. Meyers Buth have frequently worked together for more than 25 years. Both are past recipients of the Charles F. Crimi Award from the New York State Bar Association honoring defense lawyers in private practice who embody the highest ideals of the Criminal Justice Section of the Bar.

 

[1] “Cellular” technology is the use of wireless communication most commonly using personal mobile devices. The term “cellular” comes from the design of the system, which carries information (eg. data can include voice, text, pictures, video, etc.) from geographical service areas that are divided into smaller pockets called cells with a tower in the middle. Traditional cellular technology uses analog service which modulates radio frequencies to carry information like the human voice (FM-frequency modulation). “Digital” does the same thing using a binary code to represent any signal as a sequence of ones and zeros. Since the information is broken down into smaller units, it can be sent faster and more securely than analog over radio bands (subsections of the spectrum of radio frequencies; common terminology includes “broadband” or “broadband spectrum”.)“Wi-Fi” is basically just another band (channel) of radio, intended to cover much shorter distances, used to wirelessly connect devices through an access point. For example, your laptop or iPad connects to the router installed in your home or office for internet access. That kind of access does not normally use the cellular network, relying instead on telephone lines, televisions cables, or dedicated internet cables to reach internet routers. This kind of access is usually cheaper than cellular data access on your phone (usually your phone plan charges more for data as anyone who has used their phone as a hotspot for internet access knows). “Bluetooth” is a name brand of wi-fi technology that allows a personal mobile device to communicate with a fixed device over short distances (less than 30 feet) using radio bands. For example, using a phone to open a smart lock or communicate with a speaker. www.scienceclarified.com

 

[2] Radar uses radio waves sent from a transmitter which reflect off an object and return to the receiver, giving information about the object’s location and speed. Cell networks produce smaller, weaker signals that are sent primarily along two radio bands. Their strength fluctuates based on traffic to the particular tower. Radar is more sensitive and operates on different bands than cell networks.

 

[3] Proximi is a marketing company that develops positioning platforms

 

[4] Pursuant to 18 U.S.C. §2703(d), the Government may require the disclosure of telecommunications records when “specific and articulable facts show that there are reasonable grounds to believe the contents of a wire or electronic communication, or the records or other information sought, are relevant and material to an ongoing criminal investigation”. The records subject to disclosure include the date and time of calls, and the approximate location where calls began and ended based on their connections to cell towers–“cell site” location information (CSLI).

 

 

 

[5] Suspecting Katz was using public phones to gamble on sports, federal agents installed an eavesdropping device on the outside of a payphone booth Katz used. Deciding that the absence of a physical intrusion into the phone booth itself was not dispositive, the Supreme Court held a Fourth Amendment “search” had occurred (only Justice Marshall dissented). The idea that the Fourth Amendment provided a “reasonable” expectation of privacy came from Justice Harlan’s concurrence. Justice Potter Stewart famously wrote for the majority “The Fourth Amendment protects people, not places”.

[6] Rather than relying on cellular networks, GPS tracking uses satellites to triangulate a user’s exact location. WiFi location technology uses network signal strength to estimate distance.

[7] The cell carrier can access the baseband processor at will through the device’s microphone and camera. Law enforcement can do real-time GPS tracking with a cell phone by asking the phone company to “ping” the target phone to discover its real time location. The Government can also use its own technology rather than relying on the phone company. For example, “stingrays” or cell-site simulators are devices that police can use to directly track cellphones so they can cut the phone company out of the middle. (tricking nearby phones into revealing their location information believing the simulator is an actual cell site) They can also obtain a record of outgoing/incoming calls, texts and listen-in on a call. Id.

 

[8] Most mobile phones are now equipped with GPS. Google’s location services also gather information from nearby Wi-Fi and cell networks.

[9] Last April the United States House Committee on Energy and Commerce sent a letter of inquiry to get more information about the database, including how data is stored, other entities that have access to data or derived analytics, and whether Google sells, licenses or discloses data to other third parties in addition to law enforcement.

 

 

[10] Sophos is a cybersecurity company

[11] Mr Chatrie is represented by the Laura Jill Koenig and Paul Geoffrey Gill of the Office of the Federal Public Defender and Michael William Price of the National Association of Criminal Defense Lawyers (pro hac vice).The Government is represented by Kenneth R. Simon, Jr. and Peter S. Duffey of the United States Attorney’s Office in Richmond. Google appeared through Wilmer Cutler Pickering Hale & Dorr, LLP (Brittany Blueitt Amadi, Alex Campbell Hemmer and Catherine Mary Agnes Carroll, Of Counsel).

[12] Cf. “COMSEC: Off-the-Grid Communications Strategies for Privacy Enthusiasts, Journalists, Politicians, Crooks and the Average Joe”, Justin Carroll & Drew M. 2018 at p.10 (“Location Tracking: Because th[e baseband] processor may be constantly engaged in may be collecting your location at all times. We consider this to be one of the greatest threats to your privacy. All Smartphones now offer the ability to somewhat control location services on the application processor level through software settings. It is impossible to control the baseband processor, however. One noteworthy example of this is the Android phone debacle that made news in late 2017. The online magazine Quartz broke a story in late December detailing Android’s data collection. Even with location services fully disabled, it turns out that Android phones were still reporting their location to Google (the maker of the Android AP operating system). . . Even with location services completely disabled and no SIM card present, devices were able to record their locations in relation to cellular towers. Google admitted to this practice immediately and agreed to end it. This still does not protect you from the cellular carrier however.” (pp. 2-3); See “Google collects Android users’ locations even when location services are disabled”, Keith Collins, Quartz, Nov. 21, 2017

 

 

[13] “In 2014, M. Hannah Lauck was unanimously confirmed by the Senate to serve as United States District Judge in the Richmond Division of the Eastern District of Virginia. She is the first woman to serve in this position. Prior to becoming a district judge, Judge Lauck had served as a United States Magistrate Judge since May of 2005.  She is a member of the Virginia and District of Columbia bars, and the Fourth Circuit Judicial Conference.

Judge Lauck received her B.A. in Political Science from Wellesley College, magna cum laude and Phi Beta Kappa, in 1986. She received her J.D. in June 1991 from Yale Law School. After law school, she clerked for the Hon. James R. Spencer in the Richmond Division of the Eastern District of Virginia. Judge Lauck then worked in a Washington, D.C., law firm. In 1994, she began her ten-year tenure as an assistant U.S. attorney, prosecuting both civil and criminal cases. Before becoming a judge, Judge Lauck served as a supervising litigation attorney at the headquarters of Genworth Financial, Inc., a Fortune 500 company based in Richmond.”

Virginia State Bar (vsb.org)

 

 

[14] As of August 2018, members of the military on deployment were prohibited from using fitness trackers, personal phones or other devices with geolocation features in operational areas: “These Global Positioning System capabilities can expose personal information, locations, routines and numbers of DoD personnel.” “New Policy Prohibits GPS Tracking in Deployed Settings”, Aug. 6, 2018, Jim Garamone, DOD News. For a good summary of cases involving these technologies see “Electronic Evidence in Criminal Investigations and Actions: Representative Court Decisions and Supplementary Materials”, Ronald J. Hedges, Editor (Sept. 2019)

 

[15] Cf. Paul Ohm, Groken Promises of Privacy: Responding to the Surpising Failure of Anonymization, 57 UCLA L.Rev. 1701, (2010) (gathering research on the science of “reidentification” from alleged anonymized information to show true anonymization is an impossibility); see also Stuart A. Thompson & Charlie Warzel, “Twelve Million Phones, One Dataset, Zero Privacy”, N.Y.Times (Dec. 19, 2019)