Accidentally Unsealed Document Shows Feds Are Using Reverse Warrants To Demand Info On Google Searches

from the searching-the-searchers dept

Not only is the government using “reverse warrants” to rummage around in your Google stuff, it’s also using “keyword warrants” to cast about blindly for potential suspects.

Reverse warrants (a.k.a. geofence warrants) allow the government (when allowed by courts) to work its way backwards from a bulk collection of data to potential suspects by gathering info on all phone users in the area of a suspected crime. The only probable cause supporting these searches is the pretty damn good probability Google (and others but mostly Google) have gathered location data that can be tied to phones. Once a plausible needle is pulled from the haystack, the cops go back to Google, demanding identifying data linked to the phone.

This search method mirrors another method that’s probably used far more often than it’s been exposed. As Thomas Brewster reports for Forbes, an accidentally unsealed warrant shows investigators are seeking bulk info on Google users using nothing more than search terms they think might be related to criminal acts.

In 2019, federal investigators in Wisconsin were hunting men they believed had participated in the trafficking and sexual abuse of a minor. She had gone missing that year but had emerged claiming to have been kidnapped and sexually assaulted, according to a search warrant reviewed by Forbes. In an attempt to chase down the perpetrators, investigators turned to Google, asking the tech giant to provide information on anyone who had searched for the victim’s name, two spellings of her mother’s name and her address over 16 days across the year. After being asked to provide all relevant Google accounts and IP addresses of those who made the searches, Google responded with data in mid-2020, though the court documents do not reveal how many users had their data sent to the government.

This isn’t the first time this form of warrant has been used to acquire data that might lead police to suspects. In 2017, public records enthusiast Tony Webster reported that police in Minnesota had used the same technique to attempt to work their way backwards to a fraud suspect. In that case, investigators served Google with a subpoena for data on everyone who had searched for the identity fraud victim’s name. When Google refused to grant this request, the police approached a judge for permission to ask Yahoo and Bing the same question. This request was granted.

The same method was reported on again in 2020, when investigators used a keyword warrant to look for people who had searched the address of an arson victim. In this case, Google complied, returning only a single result relevant to the time, place, and search terms — one that led police to a suspect with some pretty suspicious location data.

But these are not the only examples. And the broad search attempted here isn’t even the broadest keyword search seen in court documents. Shortly after publication, the EFF arrived with an update:

After publication, Jennifer Lynch, surveillance litigation director at the Electronic Frontier Foundation (EFF), highlighted three other Google keyword warrants that were used in the investigation into serial Austin bombings in 2018, which resulted in the deaths of two people.

Not widely discussed at the time, the orders appear even broader than the one above, asking for IP addresses and Google account information of individuals who searched for various addresses and some terms associated with bomb making, such as “low explosives” and “pipe bomb.” Similar orders were served on Microsoft and Yahoo for their respective search engines.

As is the case in any warrant that has the word “reverse” appended to it (even colloquially), there are Fourth Amendment concerns. Casting a wide net to catch all possibilities before working backwards to a suspect may sound like canvassing a neighborhood after a crime, but the comparison is pretty weak. The wider the net, the higher the chance of arresting the wrong person. Unlike talking to people near a crime scene, reverse warrants dispense with alibis, investigators’ intuition, and other efforts that reduce the chance of bagging the wrong suspect. And the demand for data makes everyone a suspect — something analogous to hauling everyone in the area back to the police station for questioning. The data heads to the police who then try to make sense of the bulk collection.

Probable cause doesn’t work that way. Just because it’s a safe assumption Google has gathered data relevant to the investigation does not justify demanding all relevant information, regardless of its actual link to the crime being investigated. The sealing of warrants like these isn’t just to protect the integrity of the investigation or to prevent suspects from being alerted. It’s safe to say law enforcement is aware the public (and their often-unaware oversight) will take a dim view of these fishing expeditions. And the more often they’re exposed, the more often suspects tracked down using these searches will challenge them.

Filed Under: , , ,
Companies: google

Rate this comment as insightful
Rate this comment as funny
You have rated this comment as insightful
You have rated this comment as funny
Flag this comment as abusive/trolling/spam
You have flagged this comment
The first word has already been claimed
The last word has already been claimed
Insightful Lightbulb icon Funny Laughing icon Abusive/trolling/spam Flag icon Insightful badge Lightbulb icon Funny badge Laughing icon Comments icon

Comments on “Accidentally Unsealed Document Shows Feds Are Using Reverse Warrants To Demand Info On Google Searches”

Subscribe: RSS Leave a comment
Anonymous Coward says:

Revelation 13:16-18
16 And he causeth all, both small and great, rich and poor, free and bond, to receive a mark in their right hand, or in their foreheads:

17 And that no man might buy or sell, save he that had the mark, or the name of the beast, or the number of his name.

18 Here is wisdom. Let him that hath understanding count the number of the beast: for it is the number of a man; and his number is Six hundred threescore and six.

sumgai (profile) says:

Re: Re: Re:2 Another Tell-tale sign....

Also, you aren’t talking to a fool, you’re talking at them (and certainly not with them, either). Because they simply refuse to acknowledge your contributions to the discussion. They do indeed think that they already know it all, and there’s no need to absorb anything from anyone in front of them, they’ve already heard it. Insofar as they are concerned, you are the fool for trying to espouse what they consider to be disinformation.

Rocky says:

Re: Deep into the weeds...

For those who take the bible too seriously. It’s shock-full of stuff that’s related to gematria (simply put, Hebrew ascii codes). Revelation 13:18 and the number there is essentially just a warning about Nero.

666 is the gematria sum for the Greek name for Nero Caesar written with Hebrew characters. If the name was the Latin form the gematria sum would be 616. It’s all about who translated what source text, ie compare to translating the German Herr to Mister or not while writing the result using Cyrillic characters. So anyone putting any significance in the number 666 has just been bamboozled by an ancient translator copying a codex in candle light.

Using gematria numbers to obfuscate names was quite common back then.

Rich says:

Reverse warrants, etc...

I understand these sorts of things are very difficult to force into alignment with any letter or spirit of the 4th amendment, but I do kinda think that there should be some legal means by which this sort of thing can be done. As you (Techdirt, et al.) have pointed out on numerous occasions, "anonymized" data means nothing, and that if you can cross-connect more than a couple of anonymized data points, you can pinpoint an individual pretty quickly. So, if I were law enforcement, and I knew the general time and place of a serious crime, and I had reason to believe that the "perp" had planned and researched the targets/victims, what would be the alternative to these sorts of searches, that could potentially turn a fistful of misc. data points into a name "tout suite?"

Note, this is not a "well, what’s wrong with that?" question, this is a begrudging acceptance that this practice could catch violent and terrible criminals, and I am wondering if it could be remotely possible for there to be a legal mechanism, perhaps only for cases meeting some specific criteria, that would also prevent general trolling for "suspicious" behavior by "those people" for the purposes of justifying the sending of some "peace officers" to hassle, roust, and generally violate those who possess more melanin than others, to put some of this relentless corporate data collection to some sliver of meaningful use.

Anonymous Coward says:

Re: Reverse warrants, etc...

and I am wondering if it could be remotely possible for there to be a legal mechanism, perhaps only for cases meeting some specific criteria,

No, because having used some agreed upon criteria to get a law passed, the government then redefines terms to get what they want. Weapons of mass destruction used to mean nuclear, biological and chemical weapons, but that has been changed to anything that kills more than one person,such as an improvised explosive device, or hand grenade. Next week it will include kitchen knifes, as they can be used to stab multiple people.

That Anonymous Coward (profile) says:

" three other Google keyword warrants that were used in the investigation into serial Austin bombings in 2018, which resulted in the deaths of two people "

Because no one living in terror of being blown up next would EVER ask a search engine about pipe bombs, its not like they are super unique things in popular culture.
Humans never ever hear about something & then google search it to try to learn more.

What is shredding a few more imaginary rights to be ‘safe’?
They’ll only use it against "bad guys", we can trust them despite the repeated evidence they can & will misuse it.

Its really sort of sad investigations have now been replaced with just Googling it.

Add Your Comment

Your email address will not be published. Required fields are marked *

Have a Techdirt Account? Sign in now. Want one? Register here

Comment Options:

Make this the or (get credits or sign in to see balance) what's this?

What's this?

Techdirt community members with Techdirt Credits can spotlight a comment as either the "First Word" or "Last Word" on a particular comment thread. Credits can be purchased at the Techdirt Insider Shop »

Follow Techdirt

Techdirt Daily Newsletter

Techdirt Deals
Techdirt Insider Discord
The latest chatter on the Techdirt Insider Discord channel...