J6 Suspect Challenges FBI’s Geofence Warrant, Exposing The Massive Scale Of The Fed’s Data Haul

from the bring-me-everyone,-said-the-g-men dept

Geofence warrants are popular. They’re also controversial. Cops have discovered Google houses plenty of location data. Going to cell phone providers is a bit tricky, thanks to the Supreme Court’s Carpenter decision, which erected a warrant requirement for acquiring weeks or months of location data.

But geofence warrants don’t have a particular target. The only probability (as in “cause”) that exists is that it’s highly likely Google has collected some location data — data completely divorced from the cell towers owned and operated by cell service providers. These warrants dodge the scrutiny of Carpenter. And, since they’re warrants, it’s also possible to dodge judicial conversations about where the Third Party Doctrine begins and ends.

Geofence warrants have no specific target. Instead, law enforcement hopes grabbing massive amounts of data will help them work backwards from the haystack to the needle. But that’s not how things are supposed to work under the Fourth Amendment. Facts need to be particular at the outset, not several steps removed from the original dragnet. Some courts have rejected these fishing expeditions. Others have found there’s no privacy interest in data willingly (but actually unknowingly) shared with third parties like Google.

When Trump supporters converged on the Capitol Building in hopes of (apparently violently) keeping their preferred president in office, the FBI — pursuing cases involving a ton of federal crimes — started searching for suspects. This search began at Google with the deployment of geofence warrants issued in hopes of giving the feds a list of investigation targets.

The warrants used by the FBI remain under seal. But a challenge of this so-called evidence by a January 6th defendant has exposed just how much data was sought, along with the efforts made by the FBI to narrow down a voluminous data dump into something it could use to locate investigation targets.

Mark Harris of Wired has written a pretty thorough examination of the government’s geofence-related efforts. That report is largely based on a suppression motion [PDF] obtained by Marcy Wheeler, who broke the news at her blog, Emptywheel. Wheeler says she’s been waiting for a competent challenge of a geofence warrant. This suspect may have delivered.

The motion to suppress from David Rhine may be that challenge. Rhine was charged only with trespassing (though he was reportedly stopped, searched, and found to be carrying two knives and pepper spray, but ultimately released).

As described in his arrest affidavit, Rhine was first identified via two relatively weak tips and a Verizon warrant. But somewhere along the way, the FBI used the general GeoFence warrant they obtained on everyone in the Capitol that day. Probably using that (which shows where people went inside the Capitol), the FBI found him on a bunch of surveillance video, with his face partly obscured with a hat and hoodie.

The motion to suppress, written by Tacoma Federal Public Defender Rebecca Fish, attempts to build off a ruling in the case of Okello Chatrie (and integrates materials from his case) to get the GeoFence used to identify Rhine and everything that stemmed from it thrown out.

The geofence warrants served by the FBI utilized a three-step process. The first request was for everything. Then efforts were made to separate insurrectionists from non-insurrectionists. As is summarized here by Harris at Wired, the first dragnet warrant simply gathered data on everyone.

A filing in the case of one of the January 6 suspects, David Rhine, shows that Google initially identified 5,723 devices as being in or near the US Capitol during the riot. Only around 900 people have so far been charged with offenses relating to the siege.

Apparently, the first step of “rounding up the usual suspects” is the rounding up of “the everybody.” There’s a 4,800 person gap between what was originally obtained and who was originally charged. The court told the FBI to go back to Google with another request that would eliminate people suspected of nothing but being victims of this attack. So, it went back to Google to obtain info on people the FBI definitely knew weren’t possible suspects. This quote of the suppression motion comes from Emptywheel:

In this case, the second step of the geofence warrant was also done in bulk, given the lack of specificity as to the people sought. In the initial warrant, the Court ordered Google to make additional lists to eliminate some people who were presumptively within the geofence and committed no crimes. First, the warrant ordered Google to make a list of devices within the geofence from 12:00 p.m. to 12:15 p.m. on January 6. And second, the warrant ordered Google to make a list of devices within the geofence from 9:00 p.m. to 9:15 p.m. Ex. A at 6.

An important step, but one that seems divorced from the demands of the Fourth Amendment, which strongly suggests the government only serve warrants targeting suspected criminals or evidence, rather than to help it find actual criminal suspects to go after. But even if this is an important step, it should have been part of the original warrant. It should not have taken a court order to force the FBI to do the obvious thing: obtain a list of people who could not have possibly been involved in the criminal act under investigation. It’s not like geofence warrants are new. The FBI has been using them for years and apparently still has yet to develop best practices that reduce constitutional violations.

Google does push back on broad demands. It did that here, but it still resulted in the FBI obtaining a ton of location data and identifying info, some of which undoubtedly belongs to people who committed no crimes.

For the final step, the government sought subscriber information, including phone numbers, Google accounts, and email addresses, for two groups of users. The first was for devices that appeared to have been entirely within the geofence, to about a 70 percent probability. The second was any devices for which the Location History was deleted between January 6 and January 13

From this, in early May 2021, the FBI received identifying details for 1,535 users, as well as detailed maps showing how their phones moved through the Capitol and its grounds.

The problems inherent to these warrants are present here. The government asks for information on everyone in an area when a crime is committed, despite knowing that almost everything it requests will result in Google handing over location data and identifying info on dozens, hundreds, or — in this case — thousands of innocent people. That it may help guide investigators towards legitimate investigative targets isn’t enough to excuse the initial intrusion. And this info can be obtained for nearly any law enforcement reason, whether it’s to identify people who performed a violent raid of a federal building or women just seeking contraceptive advice.

This challenge could prove uncomfortable to the federal government. What’s shown in this suppression motion isn’t pretty. Better still, it makes the sealing of these warrants moot, which means the court should unseal them in the near future because whatever the government wanted to keep hidden is no longer a secret. The federal court system needs to subject these warrants to a whole lot of scrutiny. That they’re warrants shouldn’t excuse the fact that they’re untargeted dragnets the government hopes will eventually result in a list of criminal suspects. The entire process inverts the Fourth Amendment. And, to date, the only excuse the government can offer for this intrusion is that it isn’t really an intrusion. That’s the weakest of sauces, and it only works because courts have often decided the ends are what’s important, rather than the means.

Filed Under: , , , ,

Rate this comment as insightful
Rate this comment as funny
You have rated this comment as insightful
You have rated this comment as funny
Flag this comment as abusive/trolling/spam
You have flagged this comment
The first word has already been claimed
The last word has already been claimed
Insightful Lightbulb icon Funny Laughing icon Abusive/trolling/spam Flag icon Insightful badge Lightbulb icon Funny badge Laughing icon Comments icon

Comments on “J6 Suspect Challenges FBI’s Geofence Warrant, Exposing The Massive Scale Of The Fed’s Data Haul”

Subscribe: RSS Leave a comment
mick says:

Re: Re:

If the Constitution says “no general search warrents”

It doesn’t, and not only because “warrents” aren’t a thing. I see no legal issue at all with a geofence warrant that ONLY looks at people inside the Capitol building, and this article doesn’t offer such a legal argument.

This is not a case of “someone robbed a bank so we should look at every person in the vicinity of the bank at the time.” Every person who entered the Capitol was a criminal.

Anonymous Coward says:

General warrants do not meet things like, oh,the particularity requirement of 4A. So the Constitution says that thing that you don’t think it does. Even Merrie Olde England said “Nope, no more,” to general warrants 10 years before certain colonies in the Americas declared independence.

This is exactly like “someone robbed a bank”, only with a lot of someones.

“Every person who entered the Capitol was a criminal.”


Anonymous Coward says:

Bad defendants will make bad law

I tend to agree with Marcy’s argument that Rhine’s motion is wellpleaded but among the weaker possible cases. From filings, it’s more probable that the geofence data was used to track Rhine through the capitol after he’d been identified by flimsyish tips and the subsequent Verizon warrant. Those, such as Arredondo, who were identified through the Geofence would seem to have a stronger case.

Overall, this one of the only times I’ve aligned with feds on the reasonable expectation of privacy and I do see an easy path towards distinguishing between breaking and entering into a federal building that is specifically and somewhat atypically closed to the public and, say, being on the same block as a planned parenthood. If you find yourself, like me, on the less absolutist side in this instance – focus your frustration on the sloppiness of the investigation and government’s actions. There is a version of this geofence that was not as ripe for suppression and narrows, rather than expands, the situations where it can be used. These Feds did not go for that version.

Here, Hanlon’s razor and “Feature, not a bug” conflict as explanations for the government’s actions. I’m not sure which side I come down on.

Chozen (profile) says:


Yep and expect those precedence to be used again. That’s the whole point of Alex Jones and the Mike Lindell cases. Dominion which handles elections, which is specifically what the SCOTUS has declared state action, is claiming libel. I don’t fucking care if Lindell libeled Dominion. In carrying out a state action Dominion cannot sue anymore then BlackRock militia was allowed to sue for defamation in the 00s. It cannot be a legal libel if you are carrying out a state action.

BJL says:

Re: Reply

One of the “flimsyish” tips was a Face Book post his wife made CONGRATULATING him for taking part in the insurrection. Another tip was from a person who knew Rhine had been in Washington DC at the insurrection. I don’t call those tips weak.
People like Rhine, who despise our government, hate people who don’t agree with them, glom onto conspiracy theories about stolen elections THEN use public defenders paid for with OUR tax dollars to weasel out of the consequences of their own stupid actions really piss me off.
He committed a crime. This guy is a creep,.

This comment has been flagged by the community. Click here to show it.

Anonymous Coward says:

Tim, could you please not use every article you write to push your pro-murder agenda? There was no need to include that link, you could’ve made your point just as easily without it. Perhaps Techdirt should add “WE SUPPORT KILLING FOR CONVENIENCE” to its banner, hmm?

I doubt you have any real experience with abortion and support it simply from an idealistic point of view, unaware that doctors and nurses are leaving the field all the time, that basic embryology proves the practice wrong, and that a simple ultrasound is almost always enough to deter a woman from underdoing the procedure. And that many times they’re forced into it by their families and loved ones rather than it being the other way around.

Until you watch an abortion yourself and see the severed parts, you can’t say you really understand it. So, do you have the courage to watch? To see the cold reality of what you’re supporting? Any answer other than agreeing to do so says you don’t.

Add Your Comment

Your email address will not be published. Required fields are marked *

Have a Techdirt Account? Sign in now. Want one? Register here

Comment Options:

Make this the or (get credits or sign in to see balance) what's this?

What's this?

Techdirt community members with Techdirt Credits can spotlight a comment as either the "First Word" or "Last Word" on a particular comment thread. Credits can be purchased at the Techdirt Insider Shop »

Follow Techdirt

Techdirt Daily Newsletter

Techdirt Deals
Techdirt Insider Discord
The latest chatter on the Techdirt Insider Discord channel...