Court Documents Show The FBI Used A Whole Lot Of Geofence Warrants To Track Down January 6th Insurrectionists
from the easier-to-do-when-most-people-are-in-an-area-illegally dept
The new hotness for law enforcement isn’t all that new. But it is still very hot, a better way to amass a list of suspects when you don’t have any particular suspect in mind. Aiding and abetting in the new bulk collection is Google, which has a collection of location info plenty of law enforcement agencies find useful.
There’s very little governing this collection or its access by government agencies. Most seem to be relying on the Third Party Doctrine to save their searches, which may use warrants but do not use probable cause beyond the probability that Google houses the location data they’re seeking.
Law enforcement agencies at both the local and federal levels have availed themselves of this data, using “geofences” to contain the location data sought by so-called “reverse warrants.” Once they have the data points, investigators try to determine who the most likely suspect(s) is. That becomes a bigger problem when the area contained in the geofence contains hundreds or thousands of people who did not commit the crime being investigated.
These warrants have been used to seek suspects in incidents ranging from arson to… um… protesting police violence. They’ve also been used to track down suspects alleged to have raided the US Capitol building on January 6, 2021 — the day some Trump supporters decided (with the support of several prominent Republicans, including the recently de-elected president) that they could change the outcome of a national election if they committed a bunch of federal crimes.
Court documents suggest the FBI has been using controversial geofence search warrants at a scale not publicly seen before, collecting account information and location data on hundreds of devices inside the US Capitol during a deadly invasion by a right-wing mob on January 6.
While Google receives over 10,000 geofence warrants for location data in the US a year, those covering the Capitol breach appear to have been particularly productive, apparently enabling the FBI to build a large, searchable database in its hunt for the rioters.
Well, the documents do more than “suggest.” The underlying warrants are likely still sealed, so some conjecture is involved. But other stuff has leaked out around the redactions and the sealing, showing the FBI was issuing warrants even while the attempted insurrection was still underway. The feds can move fast when needed, apparently. This is from a criminal complaint related to Mitchell Vukich — one Capitol raider who not only tweeted he was inside the Capitol while still apparently in the Capitol (“I was one of the first 15 people in the #Capitol. Wild stuff. Be safe out there.“), but was caught on several security cameras as he made his way through the building and seemingly ran off with some government documents.
According to records obtained through a search warrant which was served on Google, on January 6, 2021, in and around the time of the incident, a mobile device associated with email@example.com was present at and in the interior of the U.S. Capitol on January 6, 2021.
However you may feel about the Asshat Revolution of January 6th, this isn’t an ideal — or even an acceptable — way to conduct an investigation. Reverse warrants make everyone in the area a criminal suspect. Probable cause doesn’t exist. It does in terms of Google: there’s a highly probable chance the company has location data captured in areas under investigation. But law enforcement asks for all of it and works backwards to find suspects. Once it does that, it has probable cause to seek identifying information. But this method inverts the accepted (under the Fourth Amendment) formula for performing searches.
And, since the search warrant (as well as the results of the search) are still secret, we can only assume the FBI acted in good faith. It may not have.
“What might have happened is that the FBI got the anonymized data and just got straight back in touch with Google and said we suspect 90 percent of these people, so give us their IDs,” says Matthew Tokson, a law professor and Fourth Amendment expert at the University of Utah. “Or it may have been an atypical warrant where they said to Google: Give us not only the numbers but the account names, because we think we have probable cause on the bulk of them.”
And that’s the concern law enforcement can keep from being addressed by asking for (and receiving) permission to seal warrant affidavits and discussions of this investigative technique, even though the technique is known and understood and already widely discussed in the public arena.
Suspects who think they can beat these warrants actually can’t. A lot of that can be traced back to Google, which has never been completely honest about its location data harvesting. Some of that can be pinned on the suspects, who fail to understand that a factory reset only affects data stored on that device.
[C]ourt documents say that Jeffrey Register deleted photographs of his time in the Capitol and even claimed to have factory-reset his phone in the days after the breach to obscure his tracks. It was already too late; the FBI appears to have identified him from the Google geofence data in January…
That’s the kind of thing that happens when you’re cosplaying insurrection, OPSEC is an afterthought. For the people hunting you down, however, finding and acquiring reams of culpatory data is the thing they get paid to do. Getting high on your own supply of confirmation bias can have consequences, especially when it involves the impromptu violation of federal laws.
But at the end of all this is the skyrocketing use of reverse warrants to identify criminal suspects. That it has only resulted in a few false arrests is a miracle, not an endorsement of the investigative technique. While there has been occasional pushback against inverting the constitutional status quo, the large number of geofence warrants served to Google every year suggest law enforcement isn’t too worried about losing access to a powerful tool that takes full advantage of private companies’ apparently unslakable thirst for personal data.