Government's 'Reverse' Warrant Rejected By Two Consecutive Federal Judges
from the kind-of-hard-to-show-particularity-when-you're-asking-for-everyone's-dat dept
The government doesn’t always get what it wants. A novel twist on mass surveillance — the so-called “reverse” warrant — is becoming more popular now that law enforcement has realized Google maintains a stockpile of cell location data.
Reverse warrants are just that: completely backwards. Cops don’t have a suspect to target. All they have is a crime scene. Using location data allows them to work backwards to a list of suspects. Officers geofence an area around the crime scene and head to Google to ask for all information on cellphones in that area during the time the crime was committed. This treats everyone in the area as a suspect until investigators have had a chance to dig through their data to narrow down the list.
Warrants are supposed to have a certain amount of particularity. These warrants have none. All they have are some coordinates and a clock. Fortunately, as the EFF reports, some judges are pushing back.
Two federal magistrate judges in three separate opinions have ruled that a geofence warrant violates the Fourth Amendment’s probable cause and particularity requirements. Two of these rulings, from the federal district court in Chicago, were recently unsealed and provide a detailed constitutional analysis that closely aligns with arguments EFF and others have been making against geofence warrants for the last couple years.
The unsealed order [PDF] — written by Magistrate Judge M. David Weisman — deals with a stolen pharmaceuticals investigation. Judge Weisman has a big problem with the vast amount of data this would give investigators and the lack of limits they’re willing to apply to themselves.
The warrant presented in this matter suffers from two obvious constitutional infirmities. First, the scope of the search is overbroad, and second, the items to be seized are not particularly described. As to the scope of the warrant, the government is seeking all of the data of the cellular telephones that accessed Google applications or use Google’s operating system in the three requested geofrances. In this affidavit, the government asserts that approximately 97% of smartphones in the world use Google applications or Google’s operating system. Moreover, the area covered by each of the geofences is large, and a majority of the area sought encompasses structures and businesses that would necessarily have cell phone users who are not involved in these offenses. Each geofence encompasses 7.7630627 acres of land. Despite the geographic and practical reach of the geofences, the government’s evidence of probable cause is solely focused on one user of a cellular telephone. As to the particularity of the items for which the government can search, the warrant application is completely devoid of meaningful limitation. The application indicates the agents will be searching for “evidence or instrumentalities of” the listed offenses, but nothing more.
The judge points out the area covered by each of the three geofences is roughly the same as Wrigley Field. These geofences are being laid down in a “densely populated city” near restaurants, a large residential complex, “various commercial establishments,” and medical offices.
There’s no case on point the government can cite in support of this overly-broad demand for information on potentially thousands of non-suspects. What it does cite is efforts it isn’t actually making, choosing instead to deploy a dragnet and work backwards to establish something resembling probable cause. The judge says the government is better off doing those things, rather than asking the court to bless a Google-aided fishing expedition.
If the government believes that the information it seeks from Google can be obtained by a grand jury subpoena (or some other process), then it should proceed in that manner. But the government seeks a search warrant and offers no justification for jettisoning the tradition standards of Fourth Amendment jurisprudence…
The government claimed that because it does not receive identifying info with the bulk batch of location records in the geofence, the warrant is still valid. Investigators use this “anonymized” data to compile a list of “suspect” devices and only then asks Google for identifying info. Therefore, according to the government, the thousands of innocent people swept up in the broad request will most likely be discarded before the hunt for suspects resumes. (This doesn’t always happen.) The court doesn’t agree with this assertion at all.
This argument fails on multiple levels. First, it is factually untrue. There is no objective measure that limits the agents’ discretion in obtaining information as to each cellular telephone in the geofence. For example, the warrant does not limit agents to only seeking identifying information as to the “five phones closest to the center point of the geofence,” or some similar objective measure of particularity.
In support of this baseless argument, the government cited the Playpen investigation, where malware was distributed by the FBI and returned identifying info from every computer that visited a dark web child porn site. The judge says targeting people who visited a site that was clearly serving up child porn is vastly different than demanding info on people who were simply working, visiting, or existing in an area where a crime was committed. The government has no right to collect data on everyone and using that as a starting point to search for suspects.
Judge Weisman rejected this application on July 8th. The government decided to edit a few things on its warrant application and run it by another magistrate. Judge Gabriel Fuentes is no more impressed than Judge Weisman. [PDF]
While the government said the Supreme Court’s Carpenter decision does not apply (since it’s not interested in tracking one person’s movements via cell site location data), the court disagrees. Carpenter does apply because the underlying message from that decision is that the “reasonable expectation of privacy” applies to cell site location info.
[T]here is much to suggest that Carpenter’s holding, on the question of whether the privacy interests in CSLI over at least seven days, should be extended to the use of geofences involving intrusions of much shorter duration. As far as the third-party doctrine is concerned, the record before the Court suggests that device users connect to Google’s location services, or to Google applications that cause them to reveal their location information to Google, with great regularity. The Court finds it difficult to imagine that users of electronic devices would affirmatively realize, at the time they begin using the device, that they are providing their location information to Google in a way that will result in the government’s ability to obtain – easily, quickly and cheaply – their precise geographical location at virtually any point in the history of their use of the device.
This is also far more intrusive than the data at stake in Carpenter.
The proposed geofences in the Amended Application would establish the person’s physical location with far greater precision. The government did not provide a square-footage estimate, but at one location, the geofence is to be drawn around a specific business establishment and extends to the sidewalk and street outside it and to at least three residential floors above it; at the second, the geofence encompasses a business establishment and the parking lot next to it, along with at least one set of lanes of a very busy thoroughfare. The government would therefore learn precisely where the devices were used, not just within a city block or a two-mile-long stretch of that block, but within and outside of a single business establishment or set of residences on that block. The information to be generated by the proposed geofence warrant would not be an “all-encompassing record” of a person’s movements, but it is a record of almost exactly where that person was at a particular time.
The government’s amended warrant — which shrunk the geofences a bit and limited what investigators could do with the data received from Google — still fails. It fails because it turns a bunch of innocent people into suspects, which isn’t what warrants are supposed to do.
Because the proposed warrant here seeks information on persons based on nothing other than their close proximity to the Unknown Subject at the time of the three suspect shipments, the Court cannot conclude that there is probable cause to believe that the location and identifying information of any of these other persons contains evidence of the offense.
[T]he proposed warrant would grant the government far greater discretion, namely, to sort through the location information and derivative identifying information of multiple people to identify the suspect by process of elimination. This amount of discretion is too great to comply with the particularity requirement, and the proposed warrant thus suffers from the same fatal particularity flaw as did the proposed warrants in the first two applications.
This kills one geofence warrant. There are plenty more out there. Given the lack of published pushback, it appears magistrates feel these “reverse” warrants are fine because they’re warrants. But those who have approved “reverse” warrants should pay more attention to Supreme Court precedent. A warrant is not a permission slip to search everyone who happens to be in a location targeted by a search warrant. Here’s the EFF’s summation of the Supreme Court ruling cited by Judge Fuentes:
Notably, the court looked back to the Supreme Court’s decision in Ybarra v. Illinois (1979), a case that famously established that a warrant to search a bar and a bartender didn’t give police the power to search every person who happened to be in the bar.
In essence, the geofence warrants allow the government to grab everyone in the area, seize their devices, and take a look at their location history. That the government is doing this via Google doesn’t make it any less of Constitutional violation.