Geofence Warrants: The Mass Location Surveillance and Privacy Threat Created by Google May Be Eliminated by Its Creator
by Anthony W. Accurso
The Fourth Amendment to the U.S. Constitution guarantees “[t]he right of the people to be secure in their persons, houses, papers, and effects, against unreasonable searches and seizures” and requires that warrants be issued only “upon probable cause, supported by oath or affirmation, and particularly describing the place to be searched, and the person or things to be seized.”
This language was adopted in response to general warrants issued in pre-revolutionary American colonies that allowed officials to conduct a “general, exploratory rummaging” through the homes and businesses of any person remotely suspected of criminal activity. Coolidge v. New Hampshire, 403 U.S. 443 (1971). While such warrants were not strictly legal under English law, the structures of judicial oversight were often rigged against the colonists.
Sometimes known as “writs of assistance,” these warrants were “widely used by British officials to search colonists’ imported goods to ensure compliance with the tax code.” In an 1817 letter, Founding Father and subsequent President John Adams referred to a speech (which condemned such abuses) given by James Otis, a young lawyer from Boston, as “the birth of America’s struggle for independence.”
The wording of the Fourth Amendment with respect to search warrants has been interpreted since the founding to have two primary requirements: a showing of probable cause and sufficient particularity in relation to that showing.
Probable cause requires some quantum of proof that a crime has been committed. This requirement prevents officials from seizing and searching people at will, without any indication of their engaging in criminal behavior to determine whether a crime has even been committed. That is, it prevents so-called “fishing expeditions” and baseless harassment by the government.
Particularity imposes limitations as to the places or persons to be searched, and it serves to prevent executing officials from having sole discretion over which persons should be arrested and which places should be searched. This requirement always accompanies the showing of probable cause, requiring that the places searched or things seized must have sufficient relation to the crime being investigated.
Search warrants allege that there is a “fair probability” that evidence of a crime will be located in a particular location. This is often direct evidence but can also include witnesses. Such warrant authorizes law enforcement to search an area otherwise deemed private and protected by the Fourth Amendment. However, there are recognized exceptions to the warrant requirement that permit police to conduct a warrantless search when evidence of a crime is readily apparent or some other recognized situation that excuses warrantless searches. Accordingly, a large portion of case law is devoted to determining when a search for Fourth Amendment purposes actually occurs.
Prior to the widespread use of computers, “the greatest protections of privacy were neither constitutional nor statutory, but practical,” because technological limitations made certain types of intrusion and surveillance either impossible, difficult, or prohibitively expensive. United States v. Jones, 565 U.S. 400 (2012). Yet, an 1890 law review article published by Samuel Warren and Lewis Brandeis warned that “recent inventions … call attention to the next step which must be taken for the protection of the person” and that “numerous mechanical devices threaten to make good the prediction that ‘what is whispered in the closet shall be proclaimed from the house-tops.’”
As predicted, those inventions did come. First came the telephone and followed shortly thereafter by the wiretap and pen registers. The speed and ease with which computers handle and store enormous amounts of digital records at very low costs have led to mind-boggling amounts of even the most minute and personal data about customers kept for long periods—which are extremely enticing sources of evidence for law enforcement. Eventually, global positioning systems and smartphones would raise a whole host of constitutional questions.
These technologies are used by citizens in the ordinary course of daily life, but they are also used by police to investigate crimes. Many of these technologies used as investigatory tools by law enforcement have been brought before the Supreme Court of the United States (“SCOTUS”) for adjudication on the issue of when a search occurs and thus necessitating a warrant.
In 1928, SCOTUS considered a case brought by one of several convicted bootleggers whose criminal case was, at least in part, based on evidence obtained from wiretaps. SCOTUS upheld a lower court’s denial of the defendant’s suppression motion with Chief Justice Taft writing, “There was no searching. There was no seizure. The evidence was secured by the use of the sense of hearing and that only. There was no entry of the houses or offices of the defendants.” Olmsted v. United States, 277 U.S. 438 (1928).
This ruling was so broadly unpopular that Congress passed Section 605 of the Communications Act of 1934 at least partly in response. This law was eventually deemed ineffective because it did not prevent wiretaps per se, allowing law enforcement to “wiretap freely so long as it did not seek to use the product as evidence at trial.”
Olmstead’s literal interpretation of the Fourth Amendment was overturned in 1967 in another case involving wiretaps, Katz v. United States, 389 U.S. 347 (1967). SCOTUS suppressed evidence obtained when police used a wiretap on a public phone booth used by Katz. Justice Stewart famously described the high Court’s shift in reasoning by writing, “the Fourth Amendment protects people, not places.”
It was Justice Harlan’s concurrence in Katz that announced the now-famous two-part test for determining whether a search occurred for purposes of the Fourth Amendment. He wrote: “first that a person have exhibited an actual (subjective) expectation of privacy and, second, that the expectation be one that society is prepared to recognize as ‘reasonable.’”
The negative corollary to the Court’s reasoning in Katz produced the third-party doctrine, “which asserts that disclosure of private facts to a third party constitutes forfeiture of reasonable expectation of privacy.” This rule has seen frequent use since its inception in United States v. Miller, 425 U.S. 435 (1976), in which SCOTUS held no warrant was required to obtain a defendant’s financial records from his bank because he had no expectation of privacy in them after voluntarily providing them to the bank—a third party. Subsequently, law enforcement need only issue a subpoena or request to a company to obtain business records, even those regarding a customer.
A further distinction was drawn between “content” and “metadata” in Smith v. Maryland, 442 U.S. 735 (1979), when SCOTUS authorized use of a pen register, “for pen registers do not acquire the contents of communications,” they merely make a record of the numbers dialed from a defendant’s phone.
The Electronic Communications Privacy Act of 1986 statutorily codified these rules but also included electronic communications data “in transit, and when they are stored on computers.”
The most significant and recent shift away from the third-party doctrine came from the Supreme Court’s ruling in Carpenter v. United States, 138 S. Ct. 2206 (2018). Law enforcement sought “tower dumps”—metadata stored by cellular companies which include location data—for the purpose of tracking the movements of Timothy Carpenter over a 127-day period. The lower courts denied Carpenter’s suppression motion, ruling the data constituted “business records” maintained by the carrier that do not require a warrant under the third-party doctrine. SCOTUS reversed, citing the “novel circumstance” of being able to retroactively track a person’s movements over such a long period of time, deeming this a significant invasion of privacy.
And though Carpenter seemed to contradict or limit the third-party doctrine, it was in keeping with the Court’s ruling in United States v. Jones, 565 U.S. 400 (2012). The Jones Court held that “the government’s installation of a GPS device on a target’s vehicle, and its use of that device to monitor the vehicle’s movements [over a four-week period], constitutes a ‘search.’”
Justice Scalia wrote in Jones, “GPS monitoring generates a precise, comprehensive record of a person’s public movements that reflects a wealth of detail about her familial, political, professional, religious, and sexual associations,” and that the “government can store such records and efficiently mine them for information years into the future.”
However, the Court expressly stated that Carpenter was a narrow ruling, which has been interpreted in two very different ways: privacy advocates see it as requiring a warrant to obtain business records if those records contain location data, whereas law enforcement has taken it to mean that a warrant is required for tower dumps only.
For instance, Criminal Legal News has reported that, despite harsh criticism, the Department of Homeland Security and other federal agencies have purchased location data from app data brokers with the intent of investigating crimes such as tax evasion, drug smuggling, and illegal border crossings.
Google’s Location History
Google stands out as one of the most visibly successful tech companies of the modern era. It began as an internet search provider but has greatly expanded its product offerings. Its Android operating system “controls around eighty-five percent of the global smartphone market,” though only “46.8% of … U.S. smartphones.” Even on Apple smartphones, which comprise most of the remaining smartphone market in the U.S., people use Google products such as Search, Mail, and Maps. “[F]or the over 220 million estimated U.S. mobile search users, 96% of searches were conducted via Google as of the first quarter of 2020.”
Despite many of its products ostensibly being offered for free to people all over the world, Google is extremely profitable, and the largest share of its earnings comes from advertising. The company has become somewhat infamous for the amount of data that it obtains from even casual users of its products, all in the name of providing “tailored ads” to customers.
This customer data is perceived as a vast library of records that can be obtained by police to investigate crimes. “From January to June 2020, for example, Google received—from domestic law enforcement alone—15,588 preservation requests, 19,783 search warrants, and 15,537 subpoenas, eighty-three percent of which resulted in disclosure of user information.”
“Google is increasingly the cornerstone of American policing,” said Albert Fox Cahn, a lawyer and executive director of the Surveillance Technology Oversight Project.
Among Google’s portfolio of products is its Maps application. It was launched in 2009 to help customers locate businesses and get directions. As of 2018, “sixty-seven percent of smartphone users who use navigation apps prefer Google maps.” The next most popular navigation app is Waze, which was purchased by Google in 2013.
In time, Google perceived value in not only providing directions but also in tracking the physical locations of its users. This allows for precision location-based advertising. For example, while using a navigation product in a particular area, a user will receive targeted ads from businesses physically near their reported location. Google can also correlate user location and business information to assess “conversion rates.” If Google shows an ad for a nearby business to a customer, and then observes the customer going to and entering the business, it can use such data to impress other businesses with the efficiency and success of its advertising model.
Because of its usefulness, Google attempts to locate a user in physical space anytime the person accesses one of its products, even simple internet searches. When GPS is enabled on the device and made accessible to the app, the accuracy can pinpoint a user within a few feet. “In some instances, Google’s estimation of a device’s location may include an estimate of where a device is in terms of elevation. For example [Google] has the capability to determine if a user is on the second floor of a mall.”
According to court testimony by Marlo McGriff, a Google employee, “if a user opens Google Maps and looks at the blue dot indicating Google’s estimate of his or her location, Google’s goal is that there will be an estimated 68% chance that the user is actually within the shaded circle surrounding the blue dot.”
The “blue dot” is also referred to as the “Maps Display Radius.” This confidence rating is very widely based on the sensor Google is using to estimate a user’s location. While GPS is an obvious source of data, even when GPS isn’t available, Google can attempt to locate a device from its nearness to cell phone towers (cell-site location information or “CSLI”). Android phones also, by default, constantly scan for Wi-Fi and Bluetooth signals. These can also be used to determine the location when compared to known data. For instance, a user might disable GPS, but when they drive past a Wi-Fi hotspot at a McDonald’s, Google can infer their location.
Further Google attempts to track users in near real time. According to court testimony by Spencer McInvaille, a forensic expert, “geolocation data is routinely collected from those sensors at certain intervals, about every two minutes, but the intervals can fluctuate.” Google stores these signals in a database known as Sensorvault, tracking access to its products from billions of devices from all over the globe.
According to Google, a person who registers for an account can control whether this location data is retained for a specific period of time. This is through a lesser-known product called “Location History.” Google ostensibly provides this service so users can “keep track of locations they have visited while in possession of their mobile device. For example, a user can observe their visit to a ski resort and their travel to that ski resort from their hotel.”
Though Location History must be intentionally enabled by a user, it is one of the default options presented to a person who is configuring a new Android smartphone. According to court testimony by Emily Mosley, another Google employee, “[r]oughly one-third of all active Google users had Location History enabled on their Google accounts,” such that in “October 2018, there were approximately 592 million daily active users of Location History worldwide.”
Google and Geofence Warrants
The information stored in Sensorvault is exactly the kind of surveillance data that the government desires when it seeks to identify a suspect or place a known suspect at a specific location at a specific time. “The government wants haystacks. It firmly believes it can find needles,” wrote Tim Cushing for TechDirt.
Beginning in 2016, some creative and enterprising police officers began asking Google for this information. Because this data was perceived as “business records” stored by a third party, these initial requests were unofficial requests or subpoenas for all the user data associated with any device that was present within some arbitrary number of meters of the location a crime was committed, further narrowing this by an arbitrary time during which police suspected the crime took place.
This is how geofence warrants got their name, from the invisible lines of demarcation or “fence” erected around a geographical space inside which users may be identified. They are also referred to as “reverse location search warrants” in that, instead of identifying a known suspect and seeking to search that suspect’s property, reverse location warrants first seek to identify the suspect from an alleged location.
During that first year, Google received fewer than 100 requests. The process has evolved significantly in the intervening years due to its popularity as a law enforcement tool, and it isn’t difficult to understand why.
Imagine someone is shot in a nightclub. Also imagine that, before the shooter or any potential witnesses are allowed to flee the scene, police are able to cordon off the area and interview people about their movements when the shooting occurred and even throughout the proceeding 24 hours. Officers would have a reasonable expectation that they would be able to identify the shooter, not necessarily by finding a firearm on a particular person, but by gathering enough information to make a reasonable determination. Imagine also that when doing this, they had other indexed information available such as prior criminal histories, gang association data, and whether someone present was on probation or supervision.
Having a magical device that could transport officers to the scene to accomplish this detective work would be invaluable. Even more so if they could be transported to the scene of the crime even if several days or months had passed.
The Location History data in Sensorvault, in many ways, allows police to do just this. They can determine who was nearby when a crime was committed, even after a significant amount of time has passed. They can track the movements of those persons of interest back to their homes or jobs and interview them. Importantly, this location data can be correlated against other databases in the possession of law enforcement in an investigative strategy known as “fusion.”
With enough historical data, police can in theory solve almost any crime, from murders on down to petty theft. And previously, where officers would have to do a significant amount of legwork to identify and then investigate a suspect, police can now instead use location history information to get a wealth of data on anyone near where a crime was committed.
This new tool by police to identify suspects and witnesses has proven itself so useful that police from all over the country are flooding Google with data requests. What began as a trickle of requests in 2016 has become a veritable Niagara Falls of requests. And while Google has worked with police to fulfill lawful requests, it has adopted several legal positions and policies since 2016 to manage this process.
Google has decided that only Location History data “is responsive to a geofence search warrant, as it is the only location data that is associated with a Google account with sufficient precision.” Thus, the company has so far refused to fork over location data it collects on casual users of its products.
Google has also decided that Location History information is the private property of its users. Since the company consulted with the Department of Justice’s Computer Crime and Intellectual Property Section (“CCIPS”), it now requires that all requests for location history data must be in the form of a court issued warrant.
Google also began charging $245 per request in 2020 pursuant to federal law, which allows private entities to offset the costs of complying with warrants and subpoenas by charging the agencies making the requests.
This fee was also seen as an effort to stem the tide of requests. “Tallies have continued to grow, however, and Google received an average of more than 30 geofence warrants per day in 2020,” according to an article in the Stanford Law Review. The most recent count was that Google received 11,554 geofence warrants in 2020, up from 8,396 in 2019 and 982 in 2018.
Finally, also in coordination with CCIPS, Google has required all warrants it receives to comply with its guidelines, which define three steps for each request. Under threat of non-compliance and a costly court battle, police have largely adhered to these guidelines.
According to the National Association of Criminal Defense Lawyers (“NACDL”), the “geofence process involves up to three steps, which may be completed through a single or multiple warrants or through a combination of warrants and other forms of process.” This means that each step may comprise a single warrant, be separated into three warrants, or some hybrid including a subpoena only for unmasking.
Step One (“the dump”) is where “the government first seeks anonymized numerical identifiers [device IDs] and time stamped location coordinates for every device that passed through an area and a specified window of time,” according to the NACDL. The result is a spreadsheet with the following details for each “hit”: device ID, date, time, latitude, longitude, source (i.e., GPS, Wi-Fi, or CSLI), and Maps Display Radius (in meters.)
Step Two (“selective expansion”) requires the police to choose some subset of the devices identified in Step One for which they can obtain location information from outside the initial time window. This is accomplished by correlating other known evidence with the data from Step One. For instance, if robbery suspects were seen fleeing in a vehicle, investigators would focus on device IDs that left the area at the speed of a vehicle in the reported direction. Google would then provide information about where a suspect’s vehicle traveled before and after the crime was committed—a suspect’s home perhaps.
Step Three (“unmasking”) involves police requesting user account details on device IDs of interest remaining after expansion from Step Two. This includes all identifying information on the user such as full name, birthdate, phone number, and even recovery email addresses.
Geofence Warrants and the Courts
Criminal Legal News readers may, at this point, wonder if other tech companies collect location data about their users and whether police have attempted to obtain this data. According to an article in the Harvard Law Review, “[t]hough Apple, Lyft, Snapchat, and Uber have all received these warrants, Google is the most common recipient and the only one known to respond.”
Large tech companies have vastly more resources than most law enforcement agencies or their parent jurisdictions, with the exception of the federal government. That the companies have been unwilling to release user location data and have been allowed to maintain this position without significant litigation speaks to a variety of factors. Of course, it may simply be that Google has more users, more data, and more precision than any other company and is willing to release it to police. This may be why, in large part, Google has been able to dictate the terms under which it releases the data, for better or worse.
Requiring police to obtain a warrant has had the effect of normalizing the idea that obtaining this data is in fact a “search” under the Fourth Amendment. The warrant requirement, until recently, has not proven to be an effective safeguard to obtaining data. Despite the fact that Google has processed approximately 25,000 geofence warrants since it began doing so in 2016, very few appear to have been denied by magistrate judges or even subjected to any kind of serious scrutiny.
“Geofence warrants are usually sealed by judges,” according to the Harvard Law Review, though there seems to be no requirement for doing so. “In fact, geofence warrants, like most warrants, are almost certainly judicial records, which are the quintessential business of the public’s institutions and should, by default, be available to ensure the transparency of the court’s decision-making process.”
Ideally, judges who issue warrants are “neutral and detached” whose decisions regarding issuance are “informed and deliberate.” United States v. Lefkowitz, 285 U.S. 452 (1932). But judges do not always understand the technology involved or its implications when considering criminal investigations. As a prime example, during oral argument in City of Ontario v. Quon, 560 U.S. 746 (2010), Justice Kennedy asked “whether, if you are trying to text somebody who is simultaneously texting someone else, you will get a voicemail saying that your call is very important to us; we’ll get back to you.”
Reporting by Tim Cushing of TechDirt in February 2019 revealed that Minnesota police submitted warrants that “contain GPS coordinates but no map of the area covered” so that the “warrants likely don’t give judges any idea how many people will be swept up in these data requests.” Cushing also wrote that, of “the 22 reverse location search warrants issued in Hennepin County, only three times did the warrant application include [a] map demonstrating the geographic area being targeted by the warrant. And yet, the time difference between an officer signing a warrant request, and a judge approving it, was sometimes just a few minutes.”
One of the first and most widely publicized rebukes of geofence warrants occurred in a case from the U.S. District Court for the Northern District of Illinois, in which police sought a geofence warrant to investigate “the theft and resale of certain pharmaceuticals.” In re Search of Info. Stored at Premises Controlled by Google, 2020 U.S. Dist. LEXIS 165185 (2020). Of the three geofences requested, one “covered a 100-meter radius (over 7.7 acres of land) during the afternoon in a densely populated area containing restaurants, various commercial establishments, and at least one large residential complex.” The other two covered an area including “medical offices and other single and multi-floor commercial establishments that are likely to have multiple patrons.”
The reviewing magistrate judge, M. David Weisman, acknowledged that the suspect’s phone data would likely be included in the requested data but nevertheless ruled that the search was overbroad. Weisman wrote that it “strains credibility” to believe that individuals within the entire geofence either participated in, or bore witness to, the exchange of a mail package inside a business. To do so, potential witnesses would need to “possess extremely keen eyesight and perhaps x-ray vision to see through … many walls,” Weisman stated.
Weisman explained that the government’s request was insufficiently narrowed with regards to the crime scene. The “geographic scope of this request [is] a congested urban area encompassing individuals’ residences, businesses, and healthcare providers,” such that the “vast majority of cellular telephones likely to be identified in this geofence will have nothing whatsoever to do with the offenses under investigation.” He concluded by noting, “the warrant does not limit agents to only seeking identifying information as to the five phones located closest to the center point of the geofence, or some similar objective measure of particularity.”
As more courts wrote unsealed opinions about geofence warrants, Weisman’s assessment and rejection would signal a theme. Courts have agreed with Google’s assessment that geofence warrants are a “search” covered by the Fourth Amendment and that the geofenced area must be sufficiently limited in place and time so that most of the devices identified would belong to either suspects or likely witnesses. Or, in the words of the courts, the search occasioned by such a warrant must be sufficiently particularized. The officers investigating the pharmaceutical theft and sale would go on to try two more warrants in the Northern District of Illinois, only to be rejected both times.
In rejecting the second warrant application, Magistrate Judge Gabriel Fuentes noted that, though the government requested somewhat smaller geofenced areas, “the Court still has no idea how many devices and their users will be identified under the warrant’s authority.”
The third warrant requested was also reviewed by Magistrate Fuentes. This request did not include an unmasking step, and the government “limit[ed] the anonymized information [sought] to that which identifies individuals who committed or witnessed the offense.” Fuentes found these alterations also failed constitutional muster. He correctly assessed that the unmasking step performed by Google is unnecessary for police that already have a wealth of other surveillance data on citizens so that they would likely attempt to “accomplish indirectly what it may not do directly.”
His criticism of the instruction for Google to return device IDs belonging to only suspects or witnesses noted that police provided “[n]o further methodology or protocol” explaining “how Google would know which of these sought after anonymized information identifies suspects or witnesses.” In re the Search of Info Stored at Premises Controlled by Google, 481 F. Supp. 3d 730 (N.D. Ill. 2020).
In June 2021, District of Kansas Magistrate Judge Angel Mitchell denied a geofence warrant regarding an unspecified crime. The geofence there “encompass[ed] two public streets, that the subject building contains another business, and that the area just outside of the perimeter … includes residences and other businesses.” Mitchell wrote that the results of the search “would undoubtedly show” where certain devices were during the time requested, including the suspects, but the government statements were “too vague and generic to establish a fair probability—or any probability—that the identity of the perpetrator or witnesses would be encompassed within the search.”
She was also concerned with how the Maps Display Radius functioned, writing that the government failed to “explain the extent to which the geofence, combined with the margin of error, is likely to capture uninvolved individuals from … surrounding properties.” In re the Search of Info. That Is Stored at the Premises Controlled by Google, 542 F. Supp. 3d 1153 (D. Kan. 2021).
While these four warrants were denied for lack of probable cause and particularity due to the geofences potentially sweeping up too many uninvolved persons, at least one notable approval occurred in a federal district court. Magistrate Judge Sunil Harjani—also from the Northern District of Illinois—approved a geofence warrant in 2020 in relation to a series of approximately 10 arsons in the Chicago area. However, the geofence was very carefully crafted to obtain information on devices belonging to suspects or witnesses.
A summary in the Stanford Law Review noted: “The government requested six geofences, four located in commercial lots where the vehicle fires had occurred and two along areas of roadway where the unknown arsonists were alleged to have traveled. Each spanned between fifteen and thirty-seven minutes in length during early morning hours. All but one covered less than a city block, with the fourth proposed geofence covering an elongated roadway area approximately the length of 1.25 city blocks.”
Harjani noted that the warrant request was appropriately narrow because the buildings and streets contained in the geofences were unlikely to be occupied during the early morning hours requested and thus the warrant was “narrowly crafted to ensure that location data, with a fair probability, will capture evidence of the crime only.” In re the Search Warrant Application for Geofence Location Data Stored at Google Concerning an Arson Investigation, 497 F. Supp. 3d 345 (N.D. Ill. 2020).
Despite these published opinions, it appears that they are outliers because the vast majority of geofence warrants are approved with very little comment or oversight. The gatekeeping function of the courts is not limited to magistrate judges however. Where individuals have been charged with a crime that was investigated in part using a geofence warrant, only a few so far have been challenged in the form of a suppression motion.
The most notable approval of a geofence warrant in the suppression context came from the case of David Rhine, one of the many people charged with activities relating to disorderly conduct at the U.S. Capitol building on January 6, 2020.
Judge Rudolph Contreras of the U.S. District Court for the District of Columbia noted that the geofence area “closely, although not perfectly, contours the Capitol building itself” in an area that “is unusual for its lack of nearby commercial businesses or residences.”
“January 6 was a unique event in a geographically unusual place such that the scope of probable cause was uncommonly large,” wrote Contreras. “Because the Capitol building was not open to the public on January 6 due to the counting of the votes of the Electoral College, the fact of having entered the building during the geofence time frame itself constitutes evidence of a crime.” United States v. Rhine, 652 F. Supp. 3d 38 (D.D.C. 2023).
Another notable ruling in a suppression motion came from the case of alleged bank robber Okello Chatrie, who was charged in September 2019 with robbing $195,000 from a bank in Midlothian, Virginia. However, in this case, the geofence was very large.
“The area covered by the geofence was 78,000 square meters, or about 17 acres, but with the approximate margin of error added, the effective range was 470,000 square meters, or about 116 acres,” summarized a Stanford Law Review article. The geofence warrant covered a mixed residential commercial area alongside a busy regional highway. “In addition to the bank that was robbed, the geofence encompassed the entirety of a megachurch housed inside of a converted Costco superstore. Just outside of the geofenced region is a hotel with 68 guest rooms, the occupants of which would have been included in the Google returns if their maps display radii extended beyond a few yards.”
Law enforcement was particularly aggressive during the three-step process as well, repeatedly seeking data “for one hour on either side of the robbery … without geographic restriction” for every device that was contained in the initial dump. However, “Google did not comply until investigators identified a subset of nine users for further scrutiny.”
Remarking on the scope of the warrant, Judge M. Hannah Lauck wrote that the warrant “plainly violates the rights enshrined” in the Fourth Amendment because it “swept in unrestricted location data for private citizens who had no reason to incur Government scrutiny.” Though the warrant itself was deemed unconstitutional, the evidence obtained from it was still available to prosecute Chatrie thanks to the Leon good-faith exception.
“Lauck ruled that the evidence could stand in this case, saying the detective who sought the warrant was not at fault because he had no one telling him it was unconstitutional; he had successfully sought geofence warrants in past cases and had consulted with prosecutors,” reported nbcnews.com. United States v. Chatrie, 590 F. Supp. 3d 901 (E.D. Va. 2022).
A similar outcome would have occurred in a California state case were it not for the foresight of that state’s legislators. Laquan Dawes was charged with the burglary of a residence in San Francisco, and he filed a suppression motion for the geofence warrant used to identify him.
Judge Linda Colfax of the Superior Court of California, County of San Francisco made three significant points in her 59-page ruling, which granted Dawes’ suppression motion.
First, though all the federal courts had been relying on Fourth Amendment precedent to determine that obtaining location data from Google is a search, Colfax noted that Cal. Penal Code § 1546.1(a)(1), a provision of California’s Electronic Communications Privacy Act, defines “electronic communication service,” and under that definition, the location data stored by Google constitutes such a service. Further, § 15461.1(a)(2) states that this data is “protected,” meaning that a search warrant is required by law to obtain it.
Colfax then found the warrant overbroad in two respects. The design of the geofenced area “not only included the burglarized residence [in addition to the entire street area in which the suspect vehicle traveled], but also five other private homes on the same block.” Colfax wrote, the “geofence search warrant application affirmatively targeted the location information of the innocent habitants and visitors of the neighboring residences along with the suspects.”
Additionally, Colfax took issue with Step Two in Google’s process, in which it is left to police to determine which devices will be subjected to additional scrutiny. “The discretion to select which devices for which Google must provide additional Step Two data should fall on the judiciary, not the executive,” wrote Colfax, “to ensure that the selection process comports to the Fourth Amendment’s reasonableness requirement.”
Colfax’ final significant point related to the exclusion of the evidence obtained from the geofence warrant. She too found that the officer relied in good faith on the advice provided to him regarding such warrants, but this was insufficient under CalECPA, unlike under the Fourth Amendment. Colfax explained that “the Legislature deliberately chose not to incorporate a good faith exception into the statutory exclusion rule.” In making this decision, Colfax referenced §§ 1546.4(a) and 1546.1(d)(1). People v. Dawes, No. 19002022 SW# 42739 (Sept. 30, 2022).
Legal Criticisms
One of the main arguments made in criticism of geofence warrants is that they search an unknown number of persons who likely have nothing to do with the crime under investigation and, as such, constitutes a general warrant similar to the writs of assistance that were used to harass early American colonists.
An analysis from the Harvard Law Review notes that “a general warrant is one that ‘specifies only an offense,’ leaving ‘to the discretion of executing officials the decision as to which persons should be arrested and which places should be searched.’” As with many divisive topics in America, whether geofence warrants involve the unfettered discretion of government agents to conduct a general rummaging depends on the details.
One such detail is when the actual search occurs. Thus far, every court that has reviewed a geofence warrant has determined that the search occurs when Google provides location data to the requesting law enforcement agency at the end of Step One.
But the Harvard Law Review article argues that the search occurs earlier than this. Google has told courts that, in order to produce data in Step One, it must compare every record and Sensorvault to the searched criteria. And, arguably, Google is acting as “a government agent” when it does so because it is searching Sensorvault in response to legal compulsion and “with the participation or knowledge of a government official.” United States v. Jacobsen, 466 U.S. 109 (1984). The logical extension of this argument is that every person who uses Google’s location history is searched every time Google responds to any geofence warrant. This search is even broader than a CSLI tower dump.
“The difference between a tower dump and step one of Google’s framework is obvious: the tower dump involves only data tied to the cell tower’s location, while Google searches all of its location data even though none of it may be within the parameters of a geofence warrant,” wrote the Harvard Law Review.
If geofence warrants were to be assessed from this position, it is likely that none would pass constitutional muster, and such an argument could be used to support a legislative ban on this misuse of Google’s data.
However, even the Harvard Law Review notes that SCOTUS may choose to allow geofence warrants, even if the search is said to occur at the beginning of Step One, because it involves an extremely limited intrusion into a person’s private space. SCOTUS’ rulings in Jones and Carpenter both involved a significant period of time during which the suspect was under a form of electronic surveillance.
Knowing where an individual is at one point in time is much less intrusive than following them around for days or weeks, largely because the latter allows police to ascertain historically private details such as religious associations or sexual habits. Piecing together a picture of a person’s life using continuous surveillance or multiple types of surveillance in concert has been dubbed the “mosaic theory.” According to Tim O’Brien, an ethical tech advocate at Microsoft, this is a means of identifying Fourth Amendment searches by “analyzing police actions over time as a collective ‘mosaic’ of surveillance” such that a “mosaic can count as a collective Fourth Amendment search even though the individual steps taken in isolation do not.”
Also to be considered in this context is how such data, once obtained by police, contributes to the surveillance milieu of other data collected by police. Larger organizations such as the Chicago and Los Angeles police departments have been known to collect mountains of data from various sources such as gunshot detectors, automated license plate readers, public and private security cameras, and social media posts. The inclusion of historical location data must be viewed in this context.
Even where the data released by Google is indexed by device ID and is never unmasked—some geofence warrants, especially when the three steps are separated into individual warrants for each step, do not involve an unmasking—this is no guarantee of anonymity.
O’Brien notes that in “2013 researchers studied fifteen months of human mobility data for one and a half million individuals and found that even coarse-grained data that specifies a person’s location hourly was ‘enough to uniquely identify ninety-five percent of the individuals.’”
SCOTUS’ ruling in Ybarra v. Illinois, 444 U.S. 85 (1979), is considered instructive on the constitutionality of geofence warrants. Ventura Ybarra was a patron of the Aurora Tap Tavern who was searched when police were executing a warrant that authorized the search of the tavern and the bartender for evidence of heroin distribution. In searching the “tavern,” police conducted physical searches of all the bar’s patrons, at which point they found Ybarra in possession of heroin.
The Court noted that “the agents knew nothing in particular about Ybarra, except that he was present, along with several other customers, in a public tavern at a time when the police had reason to believe that the bartender would have heroin for sale.” In suppressing evidence obtained in the search, the Court ruled that “a person’s mere propinquity to others independently suspected of criminal activity does not, without more, give rise to probable cause to search that person.” Critics liken the situation in Ybarra to geofence warrants.
Another criticism of geofence warrants is whether there is a fair probability that Google has information on a suspect or witnesses to a crime. Judge Colfax concluded there was a fair probability “that the suspects were: (I) located inside the geofence during the specified period; (II) using their cell phones; (III) communicating location history to Google through the cell phones; and (IV) traceable through the information stored in Google’s Sensorvault.”
This was based on the fact that “84% of Americans own[ed] smartphones in 2018” and that there were “592 million daily active users of Location History worldwide.” About a third of active Google users have Location History on their accounts.
But this is a misunderstanding of the statistics, which is at odds with Google’s claims. Although the number of active Location History users is 592 million, that number is the worldwide figure. A more important number would be the number of active Location History users in the U.S. as compared to the general population. If Android users are just under half the adult population in the U.S. and only one-third of Google users have Location History enabled, there’s only an approximately one-in-six chance that the data sought will be in Google’s database. Is that a fair probability?
The last legal criticism of geofence warrants is more of a criticism of the justice system in general, and it is that the mechanisms of oversight are so clearly lacking where geofence warrants are concerned. Indeed, the vast majority of such warrants are judicially approved but Google rejects some portion as overbroad, the only effective check on police misuse appears to be corporate, not judicial.
As mentioned earlier, the majority of geofence warrants are judicially sealed so that the public cannot inspect them. Hence, warrants are processed and approved without the knowledge of the users who are affected.
“The thing about these abuses in these instances is they’re hidden,” remarked tech security expert Bruce Schneier. “If there’s an abuse, you’re not going to know because of parallel construction, which is the way data obtained illegally is washed and not used in court, but data obtained from that data is used.”
“I’m sure it happens a lot where the NSA passes the FBI data,” Schneier said. “The NSA tells the FBI, ‘This thing is happening on a street corner,’ and the FBI just happens to have an officer there, and the NSA involvement is never mentioned. And, of course, if the FBI has this kind of data, they’re likely to use it for whatever they [want].”
Police departments also seem reluctant to reveal that they are using geofence warrants. All law enforcement agencies in California are required by state law to disclose executed geofence warrants or requests for geofence information, accessible to the public through California’s OpenJustice dataset.
“Between 2018 and 2020, [Google] said in a recent transparency report, it had received 3,655 geofence warrant requests from agencies operating in the state.” Yet, a review by markup.org “of the state’s data between 2018 and 2020 found only 41 warrants that could clearly constitute a geofence warrant.”
“When the providers are telling you one thing, and the government is telling you another, then something’s broken, and it needs to be fixed,” said Albert Gidari, who previously served as consulting director of privacy at the Stanford Center for Internet and Society.
In addition to blatant abuses that may go unnoticed, there is a more subtle issue at play: asymmetric expertise. Geofence warrants are a comparatively new tool, one with a complicated technological and legal underpinning. A great many magistrate judges and criminal defense attorneys have not heard about them or, if they have, don’t have the training to understand the issues at stake.
Accordingly, judges deciding whether to approve geofence warrant applications are at a distinct advantage. Law enforcement officers applying for geofence warrants regularly attest to receiving specialized training in “digital forensics, cellular phone analysis and cellular technology” or “formal and on the job training in cybercrime investigation techniques, computer evidence identification, and computer evidence seizure and processing,” according to O’Brien.
Though judges are encouraged to obtain continuing education, most have no specific requirement to get training, especially in specialized areas of technology. Further, one of the largest providers of continuing education for judges, the National Judicial College, had no courses in its 2021 online catalog that mentioned the terms “geofence” or “reverse location.”
Public defenders, who litigate the bulk of criminal cases in the U.S., are similarly at a disadvantage. “Public defenders are often the most overworked and underpaid lawyers in the criminal justice system, with little time and few resources to research the new technology now being used against their clients,” wrote Johana Bhyiyan, a reporter for theguardian.com. “This, in turn, creates an uneven playing field that disadvantages the most vulnerable people: those who can’t afford private attorneys.”
“Often for the folks who are the most targeted by these tools and the criminal legal system, the only person standing between them and a jail cell is their public defender,” said Jumana Musa, the director for the Fourth Amendment center for the NACDL. Her group provides resources and, sometimes, litigation support to attorneys unfamiliar with new investigative tools. The litigation director for the Fourth Amendment Center, Mike Price, describes the situation as “playing Whac-A-Mole” because even as the group identifies and learns about a new surveillance technology, the rapidity of development outpaces them.
Our justice system is, in theory, supposed to safeguard the constitutional rights of all citizens, regardless of their ability to afford a lawyer. However, this stark knowledge asymmetry further disrupts the standard adversarial process to heavily favor the government at a time in history where government already has the upper hand for a multitude of other reasons.
Problems and Solutions
The justice system in this country is already suffering the strain of having to support decades of mass incarceration, and the introduction of new tools like geofence warrants present yet another strain on the system.Most people in the U.S. are unaware of the actual surveillance capabilities of local, state, and federal law enforcement, and this includes geofence warrants. Despite warnings about government and corporate collection of data, approximately a third of Google account holders enable the location history feature, regardless of the fact most never use the “benefits” advertised by Google for doing so.
When a crime is committed and police have no suspects, they will almost certainly go to Google with a geofence warrant. Whether or not the perpetrator had a smartphone that was reporting its location to Google, police are going to develop suspects from this pool of data exhibiting what is obviously an availability bias. This means that every person who uses the Location History feature has unknowingly entered themselves in a wrongful arrest lottery.
Take the case of Jorge Molina from Avondale, Arizona. Police arrested Molina in connection with a March 2018 murder after determining a device linked to his Google account was at the scene of the crime. He was told by a police interrogator that his phone “one hundred percent, without a doubt” placed him at the crime scene, and he spent six days in jail. Further, police told dozens of media outlets that he was the primary suspect, and he subsequently “dropped out of school, lost his job, car, and reputation and still has nightmares about sitting alone in his jail cell,” according to the Harvard Law Review.
Further investigation found that Molina had lent an old phone—which was still tied to his Google account—to “Marcos Cruz-Gaeta, the ex-boyfriend of Molina’s mom,” so the investigation pivoted away from Molina. However, the damage to Molina’s life was already done.
As outrageous as false arrests are, they are infrequent enough that they are unlikely to generate sufficient outrage for the public to demand change. A much more likely agent of change will be when Google begins receiving warrants for data intended to prosecute politically divisive laws.
Though abortion providers in states where it has effectively been criminalized will likely choose to simply close down or switch to providing other family healthcare services, consider the consequences if police in Texas start seeking geofence warrants for a facility in New Mexico at random intervals with the intention to link it back to a Texas resident. For the issue of abortion access, the issue of digital dragnets violating electronic privacy only begins with geofence warrants but also branches to other data stored with providers like Google.
It is not farfetched to see warrants seeking data from companies that operate period-tracking apps. Given a large enough database, police are sure to find more than a few women who go a month or two without a period and then start up again. Should we trust that the anti-abortion police aren’t going to harass these women and maliciously interpret possible miscarriages?
Along the lines of geofence warrants are keyword search warrants. These involve police requesting information from Google on anyone who searches for a particular term on Google’s main page. These have, most recently, been used to prosecute arsons because arson suspects are believed to be interested in viewing news coverage about the fires they cause. But these could easily be wielded against women researching abortions or related services.
“It is so chilling. It is so broad. It is contrary to our civil rights. And yet, because Google has so much of our data, it’s just a ticking time bomb for pregnant people,” said Albert Fox Cahn. “This is the equivalent of going to a library and then trying to search every person who checked out a specific book. We would never allow that in an analog world.”
In July 2022, Google announced it was “committed to deleting location data that shows when people go to abortion providers, fertility centers and other ‘particularly personal’ places,” and Google executive Jen Fitzpatrick wrote a blog post reminding users that they can manage Location History settings and remove history containing possibly sensitive information.
Google employees, some led by Ashok Chandwaney, a software engineer and part of the Alphabet Worker’s Union, has criticized Google’s commitments. “They’re really looking for these short, punchy press releases that get this breathless, ‘Wow, Google is doing such good things,’ or ‘Alphabet is doing such good things,’ coverage in the tech media, but then really aren’t actually substantial,” said Chandwaney.
His group is pushing to “make it so that the data that could get people charged, or fined, or thrown in jail, or whatever, for seeking out healthcare, is not a thing that the company has to give to law enforcement.” Such solutions are going to have to come from legislatures. The courts are going to allow geofence warrants and other limited intrusions into cloud storage data, and law enforcement have shown they cannot be trusted to not abuse their surveillance capabilities.
“The laws have to be changed,” said Bruce Schneier. “There’s no magic thing you can do on your phone to protect it. These are systemic problems that need systemic solutions. So, make this a political issue.”
The NACDL’s Mike Price said, “[y]ou have to imagine companies like Google know that if they collect the data, law enforcement will come.” Price’s description of the dance between new surveillance tech subsidized by corporate giants and constitutional privacy protections as “Whac-A-Mole” will continue to be the status quo until we, as a society, decide that nobody, corporations or governments or whoever, should be able to collect the amount of private information about people that Google and other tech companies have been able to amass.
An argument can be made that Google needs such data to effectively sell ads, but that efficiency is not significantly diminished when Google is unable to retain that data. The European Union’s General Data Protection Regulation has done an adequate job at preventing companies from collecting user data, and it has provided for economic incentives that have shifted some of the power toward user control of data. The U.S., home to many of these corporations, should be able to do better.
Conclusion
Without thoughtful, proactive legislation affecting the entirety of the U.S., geofence warrants will only be the tip of the coming iceberg of all encompassing, tech enabled intrusions into the private lives of people, with many more (and more shocking) intrusions to follow.
However, there appears to be some good news. In December 2023, Google announced several changes to how it handles Location History data. Google listed three changes: (1) Location History data will be stored on the user’s device, not with Google as the default, (2) by default, the data will be deleted after three months (it’s currently stored for at least 18 months), and (3) upon backing up user data to the cloud, Google will “automatically encrypt your backed-up data so no one can read it, including Google.”
Presumably, these changes will result in Google being unable to provide the massive amounts of location data that it currently is capable of doing, thereby making geofence warrants as an investigative tool less effective and thus less attractive to law enforcement. Only time will tell if that turns out to be the case, but it is reason for cautious optimism that this may signal the end, or at least the end of the rapid expansion, of this mass surveillance tool.
Sources: Harvard Law Review, “Geofence Warrants and the Fourth Amendment”(2021); Eff.org, “Geofence Warrants and Reverse Key Warrants are so Invasive Even Big Tech Wants to Ban Them”(2022); nacdl.com; Stanford Law Review, “Against Geofences”(2022); computerworld.com; transparencyreport.com; theguardian.com; libertas.org; Stanford Law Review, “Against Geofences”(2022); Vanderbilt Law Research Paper, “Suspectless Searches”; Tim O’Brien, “Suspicionless Search: Geofence Warrants and the Fourth Amendment”; themarkup.org; npr.org; capitolweekly.net; nbcnews.com; 12news.com; techdirt.com, “Utah Cops Used ‘Reverse Warrants’ to Track Down a Bunch of Petty Criminals”(2022); techdirt.com, “Feds Used Sought Data on Police Brutality Protesters in Kenosha”(2021); techdirt.com, “Feds Using Reverse Warrants to Track Down Arson Suspects”(2020); techdirt.com, “Minnesota Judges Spent Only Minutes Approving Sweeping Cellphone Warrants”(2019); techdirt.com, “Feds Also Using Reverse Warrants to Gather Location Info on Non-Suspects”(2018); blog.google/products/maps/updates-to-location-history-and-new-controls-coming-soon-to-maps msnbc.com; eff.org
As a digital subscriber to Criminal Legal News, you can access full text and downloads for this and other premium content.
Already a subscriber? Login