Police Are Using Google's Location Data From 'Hundreds of Millions' of Phones

"When law enforcement investigations get cold, there's a source authorities can turn to for location data that could produce new leads: Google."

An anonymous reader quotes CNET: Police have used information from the search giant's Sensorvault database to aid in criminal cases across the country, according to a report Saturday by The New York Times. The database has detailed location records from hundreds of millions of phones around the world, the report said. It's meant to collect information on the users of Google's products so the company can better target them with ads, and see how effective those ads are. But police have been tapping into the database to help find missing pieces in investigations.

Law enforcement can get "geofence" warrants seeking location data. Those kinds of requests have spiked in the last six months, and the company has received as many as 180 requests in one week, according to the report.... For geofence warrants, police carve out a specific area and time period, and Google can gather information from Sensorvault about the devices that were present during that window, according to the report. The information is anonymous, but police can analyze it and narrow it down to a few devices they think might be relevant to the investigation. Then Google reveals those users' names and other data, according to the Times...

[T]he AP reported last year that Google tracked people's location even after they'd turned off location-sharing on their phones.
Google's data dates back "nearly a decade," the Times reports -- though in a statement, Google's director of law enforcement and information security insisted "We vigorously protect the privacy of our users while supporting the important work of law enforcement." (The Times also interviewed a man who was arrested and jailed for a week last year based partly on Google's data -- before eventually being released after the police found a more likely suspect.)

"According to the Times, Google is the primary company that appears to be fulfilling the warrants," reports Gizmodo, adding that Apple "says it can't provide this information to authorities..."

"A thriving black market in location data has persisted despite promises from carriers to stop selling it to middlemen, who divert it from intended uses in marketing and other services."

Re: Good

Yes, citizen, it is.

Now, papers, please.

So they never delete anything?

[gweihir]

Will make it a lot easier for the next fascist government to identify all those that were at the "wrong" events or ever physically close to the "wrong" people, even decades later.

This data should be deleted after at most a year.

Re:So they never delete anything?

[Required+Snark]

Isn't the current fascist government good enough?

Re:So they never delete anything?

My friend, we live in the age of cheap storage. Nothing will ever be deleted, ever again. Instead, might I suggest never collecting the data in the first place?

Re:Wtf

It's wrong. Our devices should not work that way. It is too easy to be accused of wrongdoing, and have our privacy further violated. You will be added to a watchlist for the unsolved crime. You employer will likely be contacted by the police and they will not tell you. Your career could end simply because you were in the vicinity of a crime.

Never, never give a company or the police more information than absolutely necessary.

Don't worry!

This time around Anne Frank's diary will be on a remote wipeable smartphone, and it won't take them years to find them hiding in a attic or cellar, it will just take a check of facebook posts and friends webs to track down and purge the undesirable cultural, relgious, sexual, or ethnic groups we need demonized for the temporary stability of our regime. Of course the addition this time, is that we can take DNA samples from everyone and sequence them so even the most tenuous member of a group can be ethnically purged, and only our purest brethren saved and allowed into leadership positions in the party.

You think I am kidding? Just watch.

Re: Good

Did you miss the part where the wrong guy was arrested?

Re: Good

You, uh, think I read the article? Fuck that.

targeted ads

[religionofpeas]

It's meant to collect information on the users of Google's products so the company can better target them with ads

After all those billions spent, I am still waiting for my first relevant ad. I either see ads for products I have no interest in at all, or ads for products I have already looked at.

Re:targeted ads

[JaredOfEuropa]

Targeted ads are not about sending specific ads to interested individuals (even though they try and sell them to us as such, with words like "improved experience" and "more relevant"). Data like this is merely used to place a bunch of demographic tags on us: age, interests, income, job, political leaning, sexual orientation etc. Advertisers then target specific demographic groups that might be interested in their products. If your product appeals to republican lesbians who haven't had a haircut in the last 4 weeks, then you can target them, pay for 1,000 impressions rather than 10,000,000, and still be likely to hit the 2 prospects who are actually interested in your stuff. The odds that you are one of those 2 are decidedly poor in both cases, that's why the ads don't seem any more relevant to you even though they are "targeted"

Re:targeted ads

[tlhIngan]

After all those billions spent, I am still waiting for my first relevant ad. I either see ads for products I have no interest in at all, or ads for products I have already looked at.

Perhaps you should check your settings. Google has ad options, one of which is "non personalized ads" where they will show you only generic ads. You can set it to show the ads Google thinks are most relevant to you instead.

I set mine to be generic to keep down the creepy factor of having my searches show up in the ads.

It's worse

All the companies that collect this data have vulnerable storage of the raw data. If the NSA is willing to spend the money to analyze, they can harvest the raw, ananonymized data by tapping the exposed load balancers or copying the logs from the hosts in AWS or elsewhere. And so can every other nation's security experts and moles, by getting employees inside those companies to steal encryption keys or access keys. It's just not that well secured.

Re:Hard boiled frogs

Shut up, The Kardashians are on!

Re:Wtf

[JaredOfEuropa]

I think we need a law that says companies like Google are not allowed to retain this sort of intimate data for such a long time. Though I fully agree with the idea that if such data is allowed to be used, there needs to be sufficient cause, with access requiring a warrant.

Re:LineageOS

[Antique+Geekmeister]

I think not. Much of the stored data is on the server side, for applications like "google Maps" and "Uber" and "Lyft" and "Weather" that have legitimate reasons to know where you are. Your cell phone's identifying information, such as its connection in the cell phone data networks, its GPS, and the detected nearby wifi access points is part of how it determines the current location, and all of that can be stored on the server side, associated with any unique characteristics of your phone. Even if the attributes are not unique, such as MAC address from cheap NIC cheapsets, the data can be correlated with other data from nearby or from the same time period to help identify a target.

I am curious how the data is stored, and what it is optimized to provide answers for. Individual device tracking, and a record of all other MAC addresses seen during their use, is certainly a desirable goal for intelligence agencies.

Is the data reliable?

[AxeTheMax]

I look at my location history sometimes, especially after long trips. Two years ago on reviewing a trip to India it said I had been in Patna, a city I've never been within several hundred miles of. So I knew it was not dependable. I've just looked up the location history for that period in detail. It is still there. It says that I was in Domino's Pizza in Ashok Rajpath Rd, Chowk, Patna, it also says that I then travelled a distance of 1100 miles to a place in southern India where I had actually been, in 13 minutes, by car. It was probably caused by someone identifying a business address wrongly, but it is absolutely not reliable. Lawyers should question its accuracy.

Re:Good

Even better it's a great way for a criminal to get away with a crime and leave other people harassed or even convicted based on circumstantial data. Leave your cell phone at home and you have an air tight alibi. Have none at all and you're invisible to the system. With a police state, invisible is the best sort of state to be in.

Re: Good

[Creepy]

Oh? By posting here without identifying credentials or using an alias violates the Computer Fraud and Abuse Act of 1984. I have you on a class I felony. Speaking of, I need to report myself to termination bay 2 for posting using an alias.

Kidding aside, the law literally says that. It was designed mostly to protect ATMs but due to loose wording is often used to prosecute almost any computer "crime." You literally can't visit a website legally without giving them identifying credentials first under that law. Even a subscribe to a website page is illegal under that law (you need to provide that information before visiting). The law was partially written for modems, but the writers didn't understand how modems worked - they just saw the 1984 movie War Games and panicked.

Re:Already here

[rmdingler]

Discounting outright ballot fraud, influencing the outcome of political elections has always been a past time available to a very small fraction of the richest and most powerful humans on the planet. For the longest time, consolidation of the distribution of news to the public was a popular way to shape opinion by political Kingmakers. These activities have rarely been constrained within the sovereign border the Kingmaker resides.

Totalitarian regimes lock down control of the press and constantly monitor for dissent. In nations with the freedom to use the ballot box, wealthy individuals seeking power bought up newspaper, radio, and television properties to control the flow of information to the voting citizens.

Making life difficult for the rich and powerful, we have this damn internet thingie that virtually anyone can use to attempt to shape public opinion, even on a shoestring budget. I suppose at the very least, we have democratized the influencing business.