Accidentally Unsealed Document Shows Feds Are Using Reverse Warrants To Demand Info On Google Searches
from the searching-the-searchers dept
Not only is the government using “reverse warrants” to rummage around in your Google stuff, it’s also using “keyword warrants” to cast about blindly for potential suspects.
Reverse warrants (a.k.a. geofence warrants) allow the government (when allowed by courts) to work its way backwards from a bulk collection of data to potential suspects by gathering info on all phone users in the area of a suspected crime. The only probable cause supporting these searches is the pretty damn good probability Google (and others but mostly Google) have gathered location data that can be tied to phones. Once a plausible needle is pulled from the haystack, the cops go back to Google, demanding identifying data linked to the phone.
This search method mirrors another method that’s probably used far more often than it’s been exposed. As Thomas Brewster reports for Forbes, an accidentally unsealed warrant shows investigators are seeking bulk info on Google users using nothing more than search terms they think might be related to criminal acts.
In 2019, federal investigators in Wisconsin were hunting men they believed had participated in the trafficking and sexual abuse of a minor. She had gone missing that year but had emerged claiming to have been kidnapped and sexually assaulted, according to a search warrant reviewed by Forbes. In an attempt to chase down the perpetrators, investigators turned to Google, asking the tech giant to provide information on anyone who had searched for the victim’s name, two spellings of her mother’s name and her address over 16 days across the year. After being asked to provide all relevant Google accounts and IP addresses of those who made the searches, Google responded with data in mid-2020, though the court documents do not reveal how many users had their data sent to the government.
This isn’t the first time this form of warrant has been used to acquire data that might lead police to suspects. In 2017, public records enthusiast Tony Webster reported that police in Minnesota had used the same technique to attempt to work their way backwards to a fraud suspect. In that case, investigators served Google with a subpoena for data on everyone who had searched for the identity fraud victim’s name. When Google refused to grant this request, the police approached a judge for permission to ask Yahoo and Bing the same question. This request was granted.
The same method was reported on again in 2020, when investigators used a keyword warrant to look for people who had searched the address of an arson victim. In this case, Google complied, returning only a single result relevant to the time, place, and search terms — one that led police to a suspect with some pretty suspicious location data.
But these are not the only examples. And the broad search attempted here isn’t even the broadest keyword search seen in court documents. Shortly after publication, the EFF arrived with an update:
After publication, Jennifer Lynch, surveillance litigation director at the Electronic Frontier Foundation (EFF), highlighted three other Google keyword warrants that were used in the investigation into serial Austin bombings in 2018, which resulted in the deaths of two people.
Not widely discussed at the time, the orders appear even broader than the one above, asking for IP addresses and Google account information of individuals who searched for various addresses and some terms associated with bomb making, such as “low explosives” and “pipe bomb.” Similar orders were served on Microsoft and Yahoo for their respective search engines.
As is the case in any warrant that has the word “reverse” appended to it (even colloquially), there are Fourth Amendment concerns. Casting a wide net to catch all possibilities before working backwards to a suspect may sound like canvassing a neighborhood after a crime, but the comparison is pretty weak. The wider the net, the higher the chance of arresting the wrong person. Unlike talking to people near a crime scene, reverse warrants dispense with alibis, investigators’ intuition, and other efforts that reduce the chance of bagging the wrong suspect. And the demand for data makes everyone a suspect — something analogous to hauling everyone in the area back to the police station for questioning. The data heads to the police who then try to make sense of the bulk collection.
Probable cause doesn’t work that way. Just because it’s a safe assumption Google has gathered data relevant to the investigation does not justify demanding all relevant information, regardless of its actual link to the crime being investigated. The sealing of warrants like these isn’t just to protect the integrity of the investigation or to prevent suspects from being alerted. It’s safe to say law enforcement is aware the public (and their often-unaware oversight) will take a dim view of these fishing expeditions. And the more often they’re exposed, the more often suspects tracked down using these searches will challenge them.