Geofence Warrants and Google: A Turning Point in Digital Privacy
In 2020, 23-year-old Jorge Molina was arrested in Avondale, Arizona, and charged with murder. Molina knew he was innocent, but during what he would later characterize as a “nightmare” scenario, police insisted they had their suspect during his interrogation. According to the police, Molina’s phone was “without a doubt” at the crime scene. Unbeknownst to Molina at the time, detectives arrested him based on Google location data obtained through a geofence warrant and because surveillance footage showed a white Honda registered to Jorge near the crime. Molina was eventually released after six days when his alibi was confirmed, but his arrest had lasting repercussions. Molina lost his retail job and had to drop out of school. Without an income, his car, which was impounded due to the investigation, was repossessed. Jorge’s estranged stepfather, who seemingly took Jorge’s car without permission, was eventually arrested in connection with the murder.
With stories like Molina’s, geofence warrants have become a controversial feature of modern law enforcement. Amid this backdrop, Google has announced pivotal changes to its handling of users’ “location history” data. These changes are poised to significantly impact the practice of geofence warrants, which have long been a source of concern for Fourth Amendment advocates.
Critics argue that geofence warrants infringe upon individuals’ rights against unreasonable searches. This controversial practice requires service providers like Google to sift through user location data, employing a “dragnet” approach to identify all electronic devices within a specified geographic area during a specific timeframe, such as a city block where a crime occurred. However, this lack of specificity inherent in traditional warrants carries the risk of ensnaring innocent individuals in law enforcement investigations.
Generally, warrants have a particular suspect or thing in mind, and police must have an articulable reason to believe the search pertaining to the warrant will produce evidence. In Berger v. New York (1967), the Supreme Court emphasized that “The Fourth Amendment commands that a warrant issue not only upon probable cause supported by oath or affirmation, but also ‘particularly describing the place to be searched, and the persons or things to be seized.’”
Unlike traditional warrants, geofence warrants are relatively new. According to a Slate article, Google first received such a warrant in 2016, though it has received thousands of requests since. While the technology continues to develop, there are also issues with the accuracy of the location data, which may trigger false positives. According to a research paper on its efficacy, “Google locations and their accuracies should not be used in a definite way to determine the location of a mobile device.” However, the researchers also conclude that “even if the phone is not in the circle that Google provides in its [t]imeline, normally the error is not that big to deny that at least it has been in the whereabouts.”
Regardless, when it comes to criminal matters, being accurate is essential. In Demark, 32 inmates were released, and 40 additional cases were postponed when flaws in phone geolocation evidence were discovered. In 2016, a family in Kansas received regular visits from police because of a glitch in the map where a geolocation service provider allegedly pointed police to their farm. The problem linked them to investigations as varied as identity fraud, cyber crimes, and stolen vehicles.
Moreover, simply being in the vicinity of where a crime occurred does not mean that the individuals with nearby electronic devices have a nexus to the crime. In 2020, a man in Gainesville, Florida, became a suspect because his bike route to work had him pass a house that was once burglarized, despite protests that “he’d never even been to the victim’s house—and didn’t know anyone who might have.”
Given these problems, one might be surprised that geofence warrants are even allowed. Tim Cushing of Techdirt characterized the legal landscape well, writing, “Legal rulings on these warrants are all over the place.” For example, in People v. Meza (2023), the California Court of Appeals Second Appellate District said that the defense in the case should have been allowed to quash and suppress the evidence resulting from a geofence warrant at the defendant’s original trial because the warrant was not particular enough. The opinion reads, “… law enforcement officials were able to enlarge the geographic parameters of the search and request additional information on any of the potentially thousands of users identified without any objective criteria limiting their discretion.” Whereas, in Price v. Superior Court of Riverside County (2023), the California Court of Appeals Fourth District said the practice was constitutional because the scope of the warrant, in this case, the immediate vicinity of a single house, was narrowly tailored, and was therefore allowed.
Leadership at Google does not appear to be eager to be party to these types of warrants. In the wake of the Gainsville, Florida incident, a spokesperson at Google said the company is committed to protecting digital privacy, “including by pushing back on overly broad requests, while supporting the important work of law enforcement.” Can Google simply ignore the warrants? Not really, and failure to comply with a warrant could land the company in hot water.
There is a credible legal argument that the third-party doctrine pulls Google and similar companies into these geofence warrants. The third-party exception to the Fourth Amendment holds that individuals relinquish a reasonable expectation of privacy in information voluntarily shared with third parties. Information to entities like banks, telephone companies, or internet service providers would be included. Consequently, law enforcement agencies can obtain such information from these third-party entities without a warrant identifying the suspect, as individuals have already exposed it to others willingly. Thus, the Fourth Amendment protection against unreasonable searches and seizures does not extend to such voluntarily disclosed information.
This exception, especially regarding telecom companies, has generally held up since the U.S. Supreme Court’s decision in Smith v. Maryland (1979). However, the application and scope of the third-party exception have been subjects of legal debate and scrutiny, as the digital age has raised questions about the breadth of information shared with various online platforms (See Carpenter v. United States [2017]). Importantly, it is crucial to note that while the individual suspect may not be subject to Fourth Amendment protection under the third-party doctrine, in the case of geofence warrants, the service provider (e.g., Google) is subject to the warrant’s requirements and obligations.
So what is Google’s response? They are making the issue somewhat moot by adopting policies that are similar to what is called “zero-knowledge service,” which can be thought of as a system or platform where user data is stored, processed, and transmitted in a way that the service provider has no knowledge or access to the actual content or information being handled. Put more simply, Google cannot give police location history that it does not have.
Google’s recent announcement introduces three key changes to its handling of location history data, signaling a promising shift towards enhanced user privacy.
- Client-Side Storage: In the future, users’ location history data will be stored on their devices by default instead of in Google’s cloud.
- Default Deletion After Three Months: In a move towards data minimization, Google has reduced the default retention period for location history data to three months.
- Automatic Encryption for Cloud Backups: Users who choose to back up their data to the cloud will benefit from automatic encryption. This added layer of security ensures that even if data is stored remotely, it remains unreadable by any party, including Google.
The changes mean that if police were to approach Google, Google would not have any data to turn over. This essentially absolves Google from any warrant compliance issues. There is a precedent that this strategy can be successful. In 2016, the FBI subpoenaed the zero-knowledge encrypted messaging app Signal for user information. Because Signal is designed around user privacy, it could not disclose the relevant user information because it doesn’t store records. Despite the lackluster progress on Section 702 reform, this development appears to be a move forward with digital privacy.
It is worth pointing out that while Google has taken these steps, other companies have not, meaning geofence warrants can still be requested from other geolocation keepers. However, these changes represent a positive development for user privacy, particularly in the context of geofence warrants. By letting users retain control over their location history data, Google has effectively raised the bar for law enforcement agencies seeking mass location information. The shift towards client-side storage and automatic encryption contributes to a more robust privacy framework, making geofence warrant requests to Google largely moot.