Federal investigators trying to solve arson cases in Wisconsin have scooped up location history data for about 1,500 phones that happened to be in the area, enhancing concerns about privacy in the mobile Internet era.
Four Milwaukee-area arsons since 2018, as yet unsolved, have resulted in more than $50,000 of property damage as well as the deaths of two dogs, Forbes explains. In an attempt to find the person or persons responsible, officers from the Bureau of Alcohol, Tobacco, Firearms and Explosives (ATF) obtained search warrants to gather data about all the devices in the area at the time.
The two warrants Forbes obtained together covered about nine hours' worth of activity within 29,400 square meters—an area a smidge larger than an average Milwaukee city block. Google found records for 1,494 devices matching the ATF's parameters and sent the data along.
While this is far from the first search to demand a wide swath of data in a given geographic location, Forbes notes, this is the highest number of results such a geofenced search has so far produced. Not only is that a whole lot of potentially unrelated data for investigators to sort through, but it's also possible that the search will prove entirely fruitless, as whoever committed the crimes may not have a phone, may not have brought it with them, or may have brought it with them in airplane mode or powered off.
The big net
The concept behind such a request is straightforward: you can't track the phone of a suspect you don't have, but you can start with the time and place the crimes were committed and look to see who was there. With that information in hand, they can drill down, as Forbes explains:
[T]he police give Google a timeframe and an area on Google Maps within which to find every Google user within. Google then looks through its SensorVault database of user locations, taken from devices running the tech giants services like Google Maps or anything that requires the “location history” feature be turned on. The police then look through the list, decide which devices are of interest to the investigation and ask for subscriber information that includes more detailed data such as name, email address, when they signed up to Google services and which ones they used.
While the ability to go through data that way might be handy for law enforcement, some privacy experts are not on board. Such a request "shows the unconstitutional nature of reverse location search warrants because they inherently invade the privacy of numerous people, who everyone agrees are unconnected to the crime being investigated, for the mere possibility that it may help identify a suspect," Jerome Greco, a pubRead More – Source