Reverse location search warrants: How police departments force Google to hand over data on anyone near a crime scene.

Photo illustration by Slate.

On the night of March 16, 2017, the city of Raleigh, North Carolina suffered its biggest fire in a century. The flames scorched 10 buildings, including churches and businesses. A seven-story apartment complex, then under construction, was reduced to ashes. The fire ultimately caused $50 million in damages.

Over the next year, authorities investigated the fire but seemed to struggle to determine its cause. According to a report by local NBC affiliate WRAL , the Raleigh police went to extreme lengths to find out if an arsonist may have set the blaze. Investigators served a search warrant to Google, asking that the company to provide the coordinates of any phones that were in the area between 7:30 p.m. and 10:30 p.m. on the night of the fire. It was likely for naught—police ended up classifying the cause of the fire as “ undetermined .”

Police departments across the country have been knocking at Google’s door for at least the last two years with warrants to tap into the company’s extensive stores of cellphone location data. Known as “reverse location search warrants,” these legal mandates allow law enforcement to sweep up the coordinates and movements of every cellphone in a broad area. The police can then check to see if any of the phones came close to the crime scene. In doing so, however, the police can end up not only fishing for a suspect, but also gathering the location data of potentially hundreds (or thousands) of innocent people. There have only been anecdotal reports of reverse location searches, so it’s unclear how widespread the practice is, but privacy advocates worry that Google’s data will eventually allow more and more departments to conduct indiscriminate searches.

Google didn’t respond to Slate’s request for comment on how the company handles requests. The company told Forbes last year: “We always push back on overly broad requests for our users’ data.” [Update: Google sent Slate a statement after this article was published, which read, “We have an established process for managing requests for data about our users, and in these particular instances, require a search warrant. We always push back on overly broad requests to protect our users’ privacy.”]

WRAL was able to uncover four instances in which the Raleigh Police Department sought reverse-location data in 2017 for investigations into murder, sexual battery, and the suspected arson. Police were able obtain data for crimes that occurred as far back as 2015. Only one of the cases has resulted in arrest. In their warrants, police have instructed Google to keep the data requests secret for up to three months. The department reportedly got the idea to use reverse location searches after learning that the State Bureau of Investigation in Orange County, California, had also employed the technique.

In Minnesota, police departments have obtained at least 22 reverse-location search warrants since August, according to reporting by Minnesota Public Radio . The warrants have, at times, sought location data in 33-hour windows, potentially giving officers information on tens of thousands of people. The warrants have sought to gather identifying data in crimes ranging from home invasions to a theft of $650 worth of tires. In one case, the reverse-location data was requested to help solve a fatal shooting from 2013.

It’s not just local police departments that have requested location data dumps from Google: Forbes discovered that the FBI also used the technique in Virginia to investigate a string of robberies at a Dollar Tree between last March and September. The bureau requested the identifying information of all Google account holders in two areas with a 375-meter radius, and another with a 300-meter radius, during the times that the robberies took place.

The government has long applied a broad dragnet approach to cellphone location data. Law enforcement at the local, state, and federal levels have made thousands of requests for “ cell tower dumps ” since 2010, which involves collecting information on every phone connected to a cell tower at a certain time. Police have also been known to use StingRays , which are devices that send out broadcast signals stronger than those coming from actual cell towers, thus tricking cellphones into connecting to the device. The StingRay operator can then locate all connected phones.

However, Google’s location-tracking capabilities are more powerful than either of these methods. When authorities request cell tower data, they can see the approximate locations of any phone connected to a nearby tower. But they can retrieve much more reliable data from users of Android phones or certain Google apps. Google’s location-tracking functions are often more precise than those of cell towers for tools like Maps and even Gmail. Plus, the company collects tracking data from phones that aren’t connected to cell towers, such as those using GPS satellites or Wi-Fi. When police request location data from Google-connected devices, they’ve also been known to ask for more personal information, like browsing history and past purchases.

Many privacy advocates argue that these sort of indiscriminate data sweeps are prohibited under the Fourth Amendment, which generally dictates that searches by law enforcement need to be specific and limited only to what’s necessary. “[Law enforcement] needs to suspect a particular person or criminal activity, not just go, for example, search every home in a given area,” says Jennifer Lynch, who serves as the surveillance-litigation director for the Electronic Frontier Foundation. Minnesota also has a statute dictating that police must name a person of interest in tracking warrants, so it would seem that reverse location searches should be technically illegal in the state.

One of the main concerns with these generalized searches is that the data of unsuspecting innocent people inevitably falls into the hands of police. Even though these people might not be breaking any laws, the information that such methods dredge up could still be revealing and sensitive. “What if this type of location-based collection is occurring in our red light district and you’re finding out everyone who was there, or some sort of shady establishment? Or what if you’re targeting at a medical facility or religious house of worship?” says Jake Laperruque, who serves as senior counsel at the Constitution Project. “It gets really bad really fast.”

Some police departments have tried to implement limits on the amount of data accessible at one time in order to preserve privacy. Maine police officers asked Google in August to retrieve information only on users who were in at least two of the locations of interest during certain periods of time. Minnesota police officers have defended reverse location searches by pointing out that investigators follow a process whereby Google first assigns anonymized ID numbers to each phone when it hands the data over. Once investigators pinpoint a device that seems suspicious, they then request another warrant from the court to retrieve its identifying information.

However, Jerome Greco, a staff attorney for the Legal Aid Society, says these safeguards are inadequate. “Just because one police department does it this way doesn’t mean that the jurisdiction next to it is going to the same,” Greco said. “For us to have to rely upon an internal policy of a particular police department that could change at any time is not sufficient.” Greco also points out that there do not seem to be any publicly known policies about deleting the data after a certain amount of time. It’s plausible, then, that police departments might retain data even on bystanders, which could then be cross-referenced in future investigations.

Privacy advocates are encouraging judges to be more discerning in approving warrant applications. Because this is a relatively new technique, some worry that the courts do not understand the true invasiveness of what police departments are requesting, or much how much precise location data Google has stored. These warrant application also often only list GPS coordinates , potentially making it difficult for judges to discern the breadth of the area from which police are requesting location data—whether they’re approving a search of the area around a store, or around a whole shopping center. There have been further reports that judges have reviewed such warrants for as little as four minutes before signing them. “Thus far ,the courts have not been really great at narrowing to the ability of police to get these large swaths of information,” says Teresa Nelson, legal director for the American Civil Liberties Union of Minnesota. “We need the court to weigh in and put limits, to say, ‘Actually, no, this warrant was too broad and we’re not going to allow it.’ ”

There’s hope, though, that judges will soon catch on to what exactly is being asked in these warrants. As activists brought more awareness to cell tower dumps and StingRays, judges began to become more discerning and demand more limits when reviewing such requests from law enforcement. While it’s not a perfect fix—legislation would be much more effective—raising general awareness may be the best course of action in the short term.

Future Tense is a partnership of Slate , New America , and Arizona State University that examines emerging technologies, public policy, and society.

Similar Articles:

California Law Could be a Big Step Forward for Police Transparency

California Law Could be a Big Step Forward for Police Transparency

EFF Sues San Bernardino County Sheriff’s Department to Obtain Records About Use of Privacy Invasive Cell-Site Simulators

EFF Sues San Bernardino County Sheriff’s Department to Obtain Records About Use of Privacy Invasive Cell-Site Simulators

Queensland police computer hacking: no action taken in nearly 90% of cases

Queensland police computer hacking: no action taken in nearly 90% of cases

Google CEO: 'We can do better' on explaining privacy controls to users

Google CEO: 'We can do better' on explaining privacy controls to users