Hacker News new | past | comments | ask | show | jobs | submit login
“Reverse location” search warrants identify all cellphones near a crime scene (mprnews.org)
314 points by Jerry2 on Feb 19, 2019 | hide | past | favorite | 247 comments



>He noted that even if it did target the wrong person, "it doesn't mean they're going to get convicted or arrested, it just gives the detective a look at who could be involved."

...because no case has ever been so righteously pursued, with such a vigorous degree of righteous indignation, that an innocent person was ever thrown in prison[0], yeah?

This blasé attitude about sweeping-up data of innocent people is precisely how you arrive at it eventually being abused.

The eroding of rights isn't a flagrantly giant leap but tiny concessions that occur until it's too late to reverse what has essentially become the modus operandi.

[0] - https://news.ycombinator.com/item?id=19186759


All criminal investigations start with group of innocent people. That's the only way to investigate.

Police collects data from security cameras, road cameras, credit card purchases, witnesses, and now from mobile service providers.

I agree that privacy erosion is real, but you argument was not convincing.


> All criminal investigations start with group of innocent people. That's the only way to investigate.

Agreed. Also, all methods of gathering evidence from a group of innocent people are not legal. So let's take your examples one at a time:

> Police collects data from security cameras,

If a proprietor wishes to give the police footage. If not, they need a warrant in the U.S. to search them. If the police asked for a general warrant to go collect footage from everyone's security cameras in the same area it would probably have been denied, no?

> road cameras,

Agreed.

> credit card purchases,

Citation needed for local law enforcement getting a general warrant to run a credit card purchase history search "so expansive in time and geography that it had the potential to gather data on tens of thousands of Minnesotans."

> witnesses,

Again, citation needed where police can force tens of thousands of witnesses to answer questions and/or submit relevant data to the police.

> and now from mobile service providers.

Agreed.

> I agree that privacy erosion is real, but you argument was not convincing.

I agree it's not very persuasive, but neither is your counterargument. I'd like to have a deeper discussion about what triggers a violation of constitutional rights, and how to design technology that doesn't threaten to erode those protections.


If your train of logic basically reaches the conclusion "police cannot legally investigate crimes," I'm afraid I have some bad news about the facts underpinning your train of logic, because society will not conclude crimes can no longer be investigated.


That sentence was poorly worded.

But then if this least generous interpretation you chose represented my train of thought, one would have expected me to clearly argue that both "road cameras" and "mobile service providers" are illegal. Instead I replied with, "Agreed." Did you read down to those parts? If so I'm curious what you thought that could mean in a worldview where police cannot legally investigate crimes.


No, the error was mine. I zoned out on details because I misinterpreted your earlier sentence and assumed the remainder of the post was poor justification of my misunderstanding of your thesis.


This is surprisingly civil for an internet discussion forum. Kudos on having good manners.


Ah, I see.

That makes a lot of sense now that I think about it. If the initial thesis sounds fatuous, inconsistencies that come later wouldn't necessarily stand out.


Good news! The train of logic doesn't do that!

Traditional methods are just fine. Some technological methods are fine, others are not.


Ah, my mistake---you wrote "all methods of gathering evidence from a group of innocent people are not legal" and I think you meant it as "not all methods of gathering evidence from a group of innocent people are legal". English needs parenthetical binding. ;)


That's what I meant.

> English needs parenthetical binding.

No I think it is. (Enough to take) care when communicating and rely on our falcuties to rveceor qikucly form flaiures wehn tehy hppean().


Also it wasn't me.


> If the police asked for a general warrant to go collect footage from everyone's security cameras in the same area it would probably have been denied, no?

No, probably not.

The last aerial photo, with a gas station, the police would certainly be able to get warrants for security cameras for the whole area. Warrants require only reasonable belief that they would lead to evidence of a crime. All cameras pointed at the location that a crime was committed would be reasonably likely to contain footage of the robber.

The earlier photos, with 2-5 blocks of coverage, it's less clear, but still likely that the police would be able to get a warrant. The perps driving the get-away car is evidence and cops only need to show that there is a reason to believe that the camera footage shows a glimpse of the get-away car to get the footage.


Some criminal investigations start with the evidence that a crime has occurred, and links additional evidence to the web that grows out from there, until at least one suspect is linked to a public identity.

If you start by making random accusations against innocent persons in an attempt to generate additional leads, you're not investigating, you're just playing "Clue".

Police resort to unlawful tactics when they have no leads to investigate and political/administrative pressure to close cases. Or when they are rewarded for making large seizures and well-publicized arrests, and are never punished for the sloppy work that led up to them.

The US system is supposed to encourage following the evidence to the suspect, rather than picking a likely suspect and then trying to connect that person to the evidence. "Parallel construction" is a direct attack on the presumption of innocence and personal privacy. It is part of a policing culture that encourages individual police to be lazy and slipshod in their investigations--and that's how you get 2 corpses and injured police at 7815 Harding Street, with some heroin dealers doing an orderly cleanup and evacuation at 7815 Hardy Street, even as the PR flack from the police union and the police chief are busy blaming the victims and doubling down on the botched raid. That's how flashbangs land in a baby's crib. That's how the family dog gets shot, no matter what.

When we do not make police work difficult enough that some investigations fail, one does not need to be diligent, attentive, and dedicated to pursue a career with the police. A person who is violent and sloppy can still get their promotions and pensions. Computer says arrest this guy, so cop goes out to pick him up. The person who is not smarter than the computer cannot recognize the limitations of the system. It becomes a magic box that spits out the right answers--most of the time--without having to do any of the homework.


We don't always actually know that a crime happened to the minute nor do we know the position of a cell phone to the meter indoors or near buildings.

Your potential criminal pool is potentially anyone who passed within a few hundred meters within a period of hours. Potentially hundreds of people in some cases.

Absent real evidence of note the black man with a record who walked 200 feet away 4 hours before the crime looks like winner.

This makes me want to purchase a librem with a switch to turn off the baseband.


In big investigations hundreds of people are suspects. There is nothing wrong with that.

There is nothing wrong with a police being able to collect information of people who were in the scene.

The real issue is what happens to data and how you get it.

1. Police should need to use subpoena to get the data.

2. Police should not be allowed to use the data for any other thing than solving that particular crime.

These kinds of issues should be separated from mass surveillance. The ability to just go there and explore data of citizens or persons who they are interested in but don't suspect from crimes. That's what intelligence agencies do.


The "scene" could in fact be an arbitrarily large space and time due to uncertainties and complexities of the particular issue at hand.


> All criminal investigations start with group of innocent people. That's the only way to investigate.

Just the opposite. The investigation starts with the crime, not the suspect. Interview the victim and potential witnesses (none of which are required to talk to you), inspect the scene of the crime, collect physical evidence, etc.

You don't have any suspects until the evidence points to someone, and you only get to the point of credit card purchases and location data once you have a specific suspect. Then you should only get that person's credit card purchases or location data, not everybody else's.


Your response illuminates the exact boiling frog / slippery slope problem AP was referring to.

None of what you mentioned should have been granted to the police but because of similar apathetic non argument whataboutism tactics like yours it was.

The only one I see there that even holds water as an acceptable invasion of privacy is witnesses but that's only because people still have a right to tell the police to get lost provided they're not a damn fool [1].

The rest are just as bad if not worse invasions of privacy. None of which have valid arguments for existing themselves. Their current use doesn't really give much more of an argument for allowing this new encroachment. If anything they give a reason to push back even more.

1. https://youtube.com/watch?v=d-7o9xYp7eE


I upvoted the gp post just so it and your reply can be kept visible.

This dismissive attitude towards the slow but steady incremental erosion of privacy and authoritarian creep terrifies me. It's like people have completely forgotten about not-so-distant history, and are not just tolerating, but welcoming the mechanisms of oppression rolling out once again. In the name of catching a dozen or so criminals - just like every other time in the recorded history of oppressive regimes.

This has all happened before. For centuries. The same dismissive arguments have been used to defend the Gestapo and KGB. If there's a crime, why wouldn't you interrogate the family of everyone who was reported to be near the scene? Why wouldn't you force a confession and tick off the case if none of the leads are working out?

It takes only a few minutes of empirical thought to realize that not every crime must be solved, especially when that doctrine creates an incentive to 'solve' crimes with easy targets rather than the real perpetrator. You hit diminishing returns really hard really fast by investing extra resources into solving crimes with statistically negligible incidence rates. The only entity that stands to benefit is the proto authoritarian regime and its ability to target arbitrary population segments and continue expanding.

Those who would give up essential Liberty, to purchase a little temporary Safety, deserve neither Liberty nor Safety. Benjamin Franklin knew better.


> None of what you mentioned should have been granted to the police

Not even questioning the witnesses, or stopping people in the area?

Please describe the alternative method for police investigation? Someone is killed in the street, now what?


I mentioned witness testimony as somewhat legitimate simply because it is opt in in nature.

The rest is assuredly not opt in.

This is the very basic argument: if I don't opt in, you do not have a right to my private affairs, details, papers, movements or discussions with others.

If you want to argue we live in an imperfect world full of grey areas and need to sometimes give up some general privacy for the greater good and safety of the people then do so, and I will likely agree with you on a lot of the justifications to concede that privacy.

Just don't for a second think that those individual concessions instantly justify all others. That like your original position is just far too many logical fallacies to even begin to unpack.


>He noted that even if it did target the wrong person, "it doesn't mean they're going to get convicted or arrested, it just gives the detective a look at who could be involved."

"Hmm, this black person was near..."



There are others, too numerous to mention, yet you used someone that was very likely guilty as your second example? Just wanted to bring this up in case anyone reads your comment and thoughtlessly nods in agreement.


Ironic choice of examples, because lacking these tools, you've just identified the tool the police tend to fall back on.

We can build algorithms to avoid racial bias, with awareness and effort. How confident are you we can train cops to do the same?


> We can build algorithms to avoid racial bias, with awareness and effort. How confident are you we can train cops to do the same?

How confident are you that we can build algorithms to do that? You can't just flatten the probability distribution based on race when many of the legitimate factors are correlated with it, any more than you could do so for gender or age or nationality. Unless you want an absurd false positive rate against octogenarian women from Japan.

But given that some racial (or gender or age) disparity is expected, how do you know if the amount of disparity in the algorithm's results is legitimate? It could be too high, or too low, and knowing which one would imply possession of an algorithm that gives the "true" amount, which was the original problem to begin with.

The answer is to require high standards of proof and conclusive evidence, so that it's impossible to choose a random innocent black man off the street and convict him of anything just because you're a racist or some algorithm decided he fit an aggregate profile.

But that's the opposite of the dragnet approach. You need evidence on a specific person, not statistical data from thousands that doesn't give you a better than 5% probability that it was any given one of them. And suppose the actual perpetrator wasn't carrying a phone at the time of the crime, so now you've got a list of "possible suspects" 100% of which are innocent.


I believe the article clarifies that this system (much like its sibling, DNA database mining) is used to narrow the search space so that traditional (and comparatively more expensive) sleuthing can find the evidence needed for a conviction. The dragnet is, in a sense, more ruling people out than ruling people in.


> I believe the article clarifies that this system (much like its sibling, DNA database mining) is used to narrow the search space so that traditional (and comparatively more expensive) sleuthing can find the evidence needed for a conviction.

Which is exactly the problem. The system spits out a list of 25 names, 20 of them have an alibi and only one of the remaining five had the capacity to commit the crime. So you've got your man, all you have to do is dig up some evidence. Unless the true perpetrator wasn't on the original list to begin with, or fabricated an alibi, in which case you're attempting to convict an innocent person. Which huge databases are ideal for doing because it's very easy to use selection bias to raise the apparent probability of random events.

It's like the reverse pyramid scheme. You choose a stock and send brochures to a million people telling half it will go up and half it will go down. Then it goes up or down and next week you send brochures to the half million people you sent the accurate prediction to last week, telling half of them that a different stock will go up and the other half that it will go down. By the end of ten weeks you have about a thousand people who think you can predict the market when all you've really done is to start with a large pool.

"99.9% accurate" in a city of two million means that 99.95% of the matches are false positives.

You can't start with a list of names and then look for evidence it was them. You have to start with the evidence and see who it points to.


We can build algorithms to avoid racial bias

Can we? Those algorithms are built/trained by humans with biases - how can you be sure we can build/train AI to avoid those same biases?


It's an excellent open question. I'd argue that relative to training it out of humans, we have a glimmer of hope of building algorithms that avoid racial bias because you can always bust an algorithm open and "examine its entrails," and the same can't be done with human thinking.

... but it's not categorically, definitely better, just more likely to be so.


oh come on. we're not talking about mass survaliance here. this is a clear cut case of a warrant, deacribing the place or thing to be searched and or the persons to be siezed, issued by a judge presented with probable cause.im weary of state overreach too but this isnt it.


The judges are not made aware how many people will be affected by this.

In fact the FBI has often hid the scope of Stingray operations from judges for precisely this reason.


>The judges are not made aware how many people will be affected by this.

Only one person was affected by it. The initial request was for anonymized data and the subsequent request for actual data was made for only one specific person.


Remember that protest @ the beginning of Trumps presidency? Or any protest that has elements that go bad? When they were seeking images of people they could recognize in order to detain/question/harass because they were in the vicinity of some mischief?

It is already known that agent provocateurs are used to incite peaceful mobs. It would be no great difficulty to use a agent provocateur to give a probable cause to pull the lever that dumps the complete list of people in that mob with little effort.

Technology affords law enforcement great powers. But simply handing these powers over without judicial oversight and control can turn very dangerous.


I'll go back even further. Remember when police used honey pot wifi access points at the DAPL protests? Remember the hippie's getting beat at occupy?

You don't need to lecture me. I'm with you. In fact, I participated in the Restore the 4th protests just after the Snowden leaks.

What I'm saying is let's not cry wolf here. Yes surveillance technology can be used to set up a system of oppression. So can many other state apparatuses. If the state had such desire it could skip the middle man of surveillance and skip straight to martial law. That is why we have a system of courts and warrants and checks and balances etc.

A warrant for data highly limited in terms of scope in time and place isn't a threat to civil liberties. A blank check for a Nation State Actor to get any data it wants, anytime, without giving any cause is a threat to civil liberties. We make ourselves look bad when we confuse the two.


> That is why we have a system of courts and warrants and checks and balances etc.

The problem is that those are worth nothing if judges and courts do not understand (or don't want to) the full consequences of carelessly signing those warrants.

In Germany we have some local courts which are "famous" for being very near to the police and will often rule against your personal freedom or accept half-cooked "evidence" from copyright holders (rather their shady lawyers) for purposes of spamigation and alike.

You can't trust in the court system to rule in favor of freedom here.


Whose civil liberties are hurt by a few blocks of cell phone information after a crime has occurred?

The crime itself is a violation of civil liberties.


See, your mindset is part of the problem.

I'm not in any way suspicious, just because I have been around the area where a crime has happened. As we know those blocks can be quite large so you will have lots of "suspects" whose only connection to the crime is being around a crime scene.

Then you question all of them and hope that something sticks with one of them. That is unprofessional and will lead to lots of problems once your neighbours get to know that you are suspicious of $crime because you were near $location.


You question them, ask if they saw anything unusual, ask if they saw anybody matching a suspect's description, spot a known perp, spot somebody staking out the place hours before the crime...


I don't want to talk to police just because I was near. Now what. More suspicious? Less suspicious?


This is sarcasm, isn't it?


These are search warrants. They can comb through the details of your life to any extent.


> ...because no case has ever been so righteously pursued, with such a vigorous degree of righteous indignation, that an innocent person was ever thrown in prison[0], yeah?

Yes, wrongful arrest and conviction happen all the times. And I definitely don't want it to happen to me because my phone was near a crime scene.

However, I don't believe that the risk of wrongful accusation is a good argument against surveillance.

That's because while surveillance can make you a suspect, it can just as easily clear you. Imagine that there are two suspects for a crime, you and someone else. Turns out they detected the other guy cell phone close to the crime scene, arrested him, and found him guilty. Surveillance saved you from a wrongful accusation, even if you aren't aware of it.

There is a bias here, a bit like with vaccines. A vaccine is much more likely to save you from a deadly infection than to kill you because of some nasty side effect. But you only see the side effects, you can't see the sickness that didn't happen.

Note that I am not saying mass surveillance is a good thing (vaccines certainly are). Just that the "wrongful accusation" argument is more in favor of mass surveillance than going against it.


The risk of a false positive is nonzero, but how does it balance against the value of a true-negative? Given that alternatives the police have include "picking up anyone who just looks like they might be a perpetrator" (which all too often translates to racist policing), is there value to communities (especially communities with past racial policing concerns) of tools that tell the cops it's probably not any of the people the system doesn't identify (or identifies as affirmatively not in the area of interest)?


> The risk of a false positive is nonzero, but how does it balance against the value of a true-negative?

Do you mean a miss?

Misses are unavoidable. If the perpetrator didn't have their phone on them, this is not going to help a bit. However invasive your investigative powers are, there will always remain a chance of misses. The question is how much privacy and freedom of innocents you want to sacrifice for a small further decrease of miss chance.


I don't mean a miss, I mean "This phone breezes through the dragnet but is clearly moving the wrong way to be associated with the crime in question, so we can discard this suspect."

That'll be great news for the suspect in question if it's the black guy the cops picked up using "traditional" policing methods because he looks like he was in the wrong neighborhood.


It's 1984 kafkaesque. The slowly-boiled frog deserves neither liberty nor safety. What the naïve fools don't grasp is anything they do or any information about them can be used to target them for arbitrary or deliberate police or political purposes.

Oh and then there's the peer-pressure gaslighting of anyone pushing back on the "nothing to hide" mantra or pantopticon surveillance state. Ask them to live in glass houses or give over their banking details, suddenly they have less "nothing to hide."

Lock up anything you value because no one else will. Also a good book: Three Felonies a Day


I always find comparisons to Nineteen Eighty-Four to be a [small] part of the problem.

In Nineteen Eighty-Four, mass surveillance is allowed to exist because of the application of force (torture and murder). It's a dystopia founded in violence and oppression. We like to think things are like the book, because it paints us as victims.

However, the truth is that, at best, we're complicit. This reality is explored in the far more prescient Brave New World.

This surveillance is allowed not because people are afraid to protest, but because they don't care (or rather, they care more about other [meaningless] things).


Or, in many cases, people have done the mental calculus between free, powerful, entertaining services and their privacy rights and have chosen the former.


Correct. It's best modeled by neither 1984 or Brave New World---It's "The Ones Who Walk Away From Omelas."

People get the basics that there are breakdowns in the system of safeguards and a non-zero chance that they'll be the victim of a crime or injustice facilitated by ubiquitous observation. But relative to the benefits, the odds they'll be the one locked in the dungeon suffering are so low that they'll readily shoulder that risk for the observed, immediate, and obvious benefits.


This looks like a fascinating read. Thank you for bringing it to our attention!


I know few people who can do mental calculus, fewer who can perform the cost benefit analysis you describe and none who have the right to make that decision for everyone else, but that's exactly what happens


...which is why you have some privacy minded people using gmail anyway, or getting biometric passports.


In the real world, maybe 5% do the math. The rest are dazzled or browbeaten by apps and continuous demands for some permission they don't fully understand the scope of.


... so ... soma?


> "This surveillance is allowed not because people are afraid to protest, but because they don't care (or rather, they care more about other [meaningless] things)."

The People aren't getting honest and consistent news about such things. The Snowden revelations were met with what relatively amounted to crickets.

Should people be more aware? Yes. Absolutely. However, the mainstream media driven system is designed to make that close to impossible for most people. Editorial: I don't think that's an accident.


It's allowed to persist because they've self-medicated and conditioned to not care. It was started because of fear ... so I agree that Brave New World is absolutely a more appropriate context in which we can frame ourselves.


This comment is unproductive and ridiculous.

1. Histrionic comparison to a dystopian novel.

2. Calling people who disagree with you "naive fools".

3. Evoking this category of "nothing to hide" strawmen.

This information can only be attained by a warrant, and doesn't change the fact that you are tried before a judge, by a jury of your peers. Furthermore, Police are funded by local governments with locally elected officials, so they are eventually bound by the public. If you are to any degree right, you haven't explained how this data could be used to undermine, circumvent, or influence these factors and bring about a 'surveillance state'. At this point you're just fear mongering.


> This information can only be attained by a warrant, and doesn't change the fact that you are tried before a judge, by a jury of your peers.

Sure. But getting tried is extremely expensive, in money and time. And it tends to fuck up your life in numerous ways.

Me, I just don't carry a cellphone that's always turned on.


At this point, you're gaslighting.

The procedure creates a means that can be exploited for fishing expeditions. The details of exploitability have been well enumerated in previously given literary examples.

Every infrastructural/institutional mechanism we implement or allow to be implemented is an undeniable weapon.

Just as some people may be nervous when others do something perfectly legal (walking around with a firearm), others get understandably nervous when others clamor in support of instituting new mechanisms to allow our civil institutions to circumvent due process.

"Someone was here at a time" is not a justification in and of itself for the casual dismissal of what normatively should be a right: the right to be free of being surveilled.

Does the jurisprudence provide for such a protection? No.

Would it have an Earth shattering impact on the business world if such a legislation was passed?

Absolutely.

Should we pass it?

in my opinion, yes, absolutely.

We've spent decades experimenting and finding out what happens when no one takes a firm stance against these seemingly innocuous forms of data gathering. People build systems with little pieces of innocuous information which in isolation are harmless, but in aggregate allow a terrifying capability to predict and otherwise manipulate or outright harm an individual.

Data aggregation protection must happen. We cannot allow the weaponization of data, even sanctioned, against our descendants, or we are as culpable in the erosion of liberty for them as those who came before us.

No more. Enough is enough.


Claiming I'm gaslighting is absurd and blatant rhetoric. It is reasonable for me to ask how the state can exploit the system in such a way which somehow defeats or undermines the checks on exploitation.


You're asking the previous poster to answer a question he has already sufficiently answered. Rhetoric or not, it's the truth.

While you may consider the literary sources he pulled from to be "BS", we've had more than enough precedent implemented in the last 30 years that these literary "cautionary" tales are instead of being used as a warning to not encroach on civil rights, are instead being viewed as instruction manuals for how to do so.

I.e. Semantic/linguistic engineering, appeals to nationalism, declaration of 'war' against nebulous but never seeming to disappear enemies, silencing or suppression of journalism/access to information, and engineering of artificial socioeconomic classes.

If you haven't read the books, and are just tired of seeing people talk about them, then I recommend you read them and take them to heart.

If you have read them, and yet still consider them irrelevant, then I can only question your motives/ position and whether it is fundamentally dependent on slowly eroding others right to be free of surveillance, because in no way whatsoever does the implementation details of the government in the United States proof its' citizens against these forces which are very actively employed by parties foreign and domestic.

I don't like to assume malice, but I find it absolutely mind boggling that anyone paying enough attention could not recognize this in good faith. It's just too painfully obvious.

So, if you truly aren't gaslighting, please enlighten me as to how you're trying to do anything but undermine actually valid concerns through rhetorically underhanded means? Because I'm honestly not seeing it.


>"nothing to hide" strawmen

Obviously I have no source for this except for personal experience but fwiw about %90 of the people I talk to here in the Bay Area believe the benefits of serveillance outweigh the harms and communicate such by saying they have "nothing to hide". I know my sample could be biased somehow but I've organized groups of activists before and done recruiting for such activities all around the bay (from ghetto to mansion). I have definitely noticed a trend. People here and on the internet seem more perceptive but that's definitely biased by my limited visited websites. I think it's impossible to have a constructive conversation about serveillance without talking about the "nothing to hide" people since, after all, in order to change policy you have to get people to agree on policy change.


> This information can only be attained by a warrant...

...and no Warrants shall issue, but upon probable cause, supported by Oath or affirmation, and particularly describing the place to be searched, and the persons or things to be seized.


So essentially they asked for anonymised lists of phones (i.e. not even the actual numbers) that had been in the locations where the suspects had been, then cross-referenced these to find potential suspects, presumably finding some phones that exactly matched the reported movements of the suspects which they then made a second application to de-anonymise.

Do people honestly think this is disproportionate for investigating a home invasion? It seems like they have been quite privacy conscious in my opinion.

What would have been a better way to investigate this crime?


  Do people honestly think this is disproportionate
  for investigating a home invasion?
I think the concern is not Google sharing this data once they have it. The concern is Google having it, in the first place (in personally identifiable form).

There's a lot of unclarity about which free and paid Google services and products are and aren't tracked. Who knows if their DNS resolver or their wifi-visibility-to-phone-location service or google-maps-used-without-logging-in would have come up in such a search warrant?


> The concern is Google having it, in the first place

This. I think it's the only responsible thing for the police to do. Since they know the data probably exists they have to look, but does this data need to exist?

What we need is some limitations on what is collected and how long it is stored.


Hold on, this is great justification for Google having this data (in addition to the real reason, which is to provide better location-based services). Due to the anonymization process, no one's privacy is unduly infringed upon, and investigators have a tool for catching criminals. Do you not see that last bit as a societal win?


We know, because its outlined in their privacy policy that they store dns logs for 24 hours, and store the location data of devices which allow the location history feature, and provide data to governments who send a proper search warrant with reasonable cause.


My problem isn’t so much that Google is storing location data if people have agreed to allow it. The semantics of agreeing to enable location history are arguable, but by default Google’s location history feature is opt-out. I’d prefer it be not be that way, but that’s a debate for another time.

What I do have a problem with is what this line from the article suggests:

>An Associated Press investigation last year revealed that even with these settings disabled, Google continued to collect and store users' location data.

Maybe I’m missing something from the TOS, but it seems to me that the opt-out process doesn’t do what it describes; so what is it for?


>Do people honestly think this is disproportionate for investigating a home invasion?

The scale of the search[0] is grossly disproportionate, to be sure. The population of the city in question was 60,797+[1] almost ten years ago.

So, we have a wide-net around the house, a period of about six hours requested, and if that main road is a major artery for driving, then we can safely assume (if it's day-time time-frame) that at least a small-to-medium-size portion of the population would've been simply driving by.

Now, for the St. Paul Food Market, they wanted 33 hours' worth of data and that is off of two main drags (it looks like). Given Google's overestimation of its ability to place a device at a location (noted in the article) and the potential of the predominance of the population to have driven in that area (let's say business day versus weekend); then, yeah, that does seem grossly disproportionate for investigating a robbery of a home invasion, and/or markets; especially considering that the markets weren't hit multiple times over that time-frame - they just wanted to see patterns of travel for everyone in the area over that period of time.

>What would have been a better way to investigate this crime?

The original police-work methods they were using, which they admitted in their court-filings as having actually led to the suspects? The confidential informant being chief amond those, yeah?

Touting this method as being a more useful mechanism for investigation, when that was countermanded by the evidence of the events - as told in the article, is disingenuous - at best.

[0] - https://img.apmcdn.org/170e8a92a0f2ddb41b4a415707a8e4db547af...

[1] - https://en.wikipedia.org/wiki/Eden_Prairie,_Minnesota


The additional search areas limit the potential for collateral intrusion though, because they are essentially going to be ANDed with the list from the main crime scene not ORed. Even if the whole town visited those markets, it could never be more intrusive. Also, the reasonably wide rectangle is precisely because the location data is not particularly accurate, I am not sure why you think this supports the idea that it should be smaller.

I'm honestly shocked that people think that the police are overstepping the mark by requesting anonymised phone data from around the scene of a home invasion murder.

Over the last few years I've watched the privacy debate on HN evolve from completely legitimate criticism of mass surveillance programs with insufficient transparency and oversight, to criticising a detective getting a warrant from a judge, that is specifically written to request anonymised data! While investigating a murder in his community!

> The original police-work methods they were using, which they admitted in their court-filings as having actually led to the suspects? The confidential informant being chief amond those, yeah?

The level of proof required in a criminal case is incredibly high, what's more police have a responsibility to find all assailants as well as test the veracity of witness reports and follow all reasonable lines of enquiry.

"Witness is lying", "Someone stole my car" etc etc. All these will be presented as defences. They don't even need to be probable, because the prosecution needs to clear a very high bar of proof. This is why police collect as much evidence as they can and don't just stop when they think they know who did it.

Ultimately the detective has a responsibility to the wife who's husband is dead - and to society in general - to make sure people face justice when they offend, and they can't half arse it.

(Disclosure: I am a detective)


>to criticising a detective getting a warrant from a judge, that is specifically written to request anonymised data! While investigating a murder in his community

Exactly. I'm extremely pro-privacy (and don't hold a particularly high opinion of police either), but I see nothing wrong here. They made sure to get warrants, made sure the data obtained via the first warrant was anonymized, and then obtained a much more narrowly scoped warrant once they identified a single phone in the dataset that closely corresponded to the facts of the murder. This should be a textbook example of properly protecting privacy while investigating and closing a crime case.

This reminds me of some of the handwringing over police submitting cold case DNA samples to ancestry companies and catching their perpetrator via a match with one of their relatives. That should be something to celebrate, not be concerned about.


>I'm honestly shocked that people think that the police are overstepping the mark by requesting anonymised phone data from around the scene of a home invasion murder.

I think you're trying to tout that the ends justify the means by obfuscating the facts. There was no murder. The man died of a heart attack. While the home invasion was undoubtly the cause, to arrive at the conclusion that it was murder is disingenuous. Manslaughter, possibly, if you could prove that the heart attack wouldn't have occurred without the home invasion but that's extremely difficult.

>Over the last few years I've watched the privacy debate on HN evolve from completely legitimate criticism of mass surveillance programs with insufficient transparency and oversight, to criticising a detective getting a warrant from a judge, that is specifically written to request anonymised data!

Because the latter can directly lead to former. What happens to this data, when it's "no longer needed" because the police believe that they have a suspect? Do you honestly believe that it's deleted? This is in the United States, after all.

>While investigating a murder in his community!

Just because you repeat a lie, it doesn't mean it is the truth.

>...what's more police have a responsibility to find all assailants as well as test the veracity of witness reports and follow all reasonable lines of enquiry.

and

>Ultimately the detective has a responsibility to the wife who's husband is dead - and to society in general - to make sure people face justice when they offend, and they can't half arse it.

Negating the continual lie you're propogating, this line of justice-boner thinking is exactly how the "Investigation Center" (for lack of a better moniker at the moment) in Chicago[0] came to be. Whatever it takes to make sure that justice is served, yeah? After all, from the inference that I get from your statement, the police owe it to the community that justice is served and it's their responsibility to make sure that it happens, no matter what, yeah?

Furthermore, I don't think that you quite understand that anonymised data doesn't implicitly mean that an end-user is anonymous. The two principles are quite distinct and far-removed.

(Disclaimer: I lean heavily towards anti-authoritarianism.)

[0] - https://www.theguardian.com/us-news/2015/feb/24/chicago-poli...


> There was no murder. The man died of a heart attack. While the home invasion was undoubtly the cause, to arrive at the conclusion that it was murder is disingenuous.

This isn’t the detective obfuscating facts, this is you being unfamiliar with felony murder doctrine.


>...this is you being unfamiliar with felony murder doctrine.

Someone isn't aware of the merger doctrine, I see. To point: Where's the felony murder charge[0,1]?

[0] - https://www.newrichmond-news.com/news/crime-and-courts/45488...

[1] - https://kstp.com/news/lennie-dwayne-brooks-randy-lorenzo-bro...


How does this implicate the merger doctrine? Isn't that for lesser included offenses — which felony murder would not be here? It does appear that the suspects were not charged with felony murder here, but it's not clear why that was.

The CA legislature recently attempted to narrow their felony murder law [1], but I don't think MN has done the same (and even the CA attempt may have failed due to a conflict with the CA Constitution [2]).

Could you explain on how the merger doctrine is involved?

1: https://www.sacbee.com/news/politics-government/capitol-aler...

2: https://www.mercurynews.com/2019/02/19/felony-murder-law-rep...


I'm going to duck out of this because I don't believe you are assuming good faith on my part


you familiar with this ?

The right of the people to be secure in their persons, houses, papers, and effects, against unreasonable searches and seizures, shall not be violated, and no warrants shall issue, but upon probable cause, supported by oath or affirmation, and particularly describing the place to be searched, and the persons or things to be seized.

Pretty sure "grab that pile of anonymous bits" isnt a proper description ;)


How do you expect a group of politicians from the 18th century to weigh in on the acceptability of this type of warrant? Even politicians from this century don't understand technology.


> How do you expect a group of politicians from the 18th century to weigh in on the acceptability of this type of warrant?

Because they lived through a time when blanket warrants were common and decided that they were not to be allowed in this new political framework?

--edit--

err, "general warrant" is what I meant to say...


How do you invalidate a legal concept like "define that which you want to seize" because old people founded the nation ?

The old coots dont have to know how to define it. The modern police do and I want the phone records for those several thousand people doesnt cut it


If your goal is to arrest someone for the crime, then this may be the best way; but if you optimise society for catching criminals you aren't optimising for prosperity, comfort or sustainability.

The country with the greatest personal liberty, currently probably the US, is consistently a place that people would choose to live if they had a choice. This is a hint that moving away from personal liberty will end up with a society that is (1) free of crime and (2) not a desirable place to move to.

I'm not really going to expand the argument; I hope it is self-evident why having your activities reviewed by a person who might choose to arrest you is going to make your life worse. Statistically and at the macro scale that is a bigger threat to you than a home invasion (even if you think you aren't committing any crimes - I hope you've read all the laws that apply to you, don't ever get into a grey area and the police never make a mistake!).


> The country with the greatest personal liberty, currently probably the US, is consistently a place that people would choose to live if they had a choice

You haven't been around the world very much, have you? I wouldn't say that many people in the Nordic countries, for example, would choose to move to the US. If they do, liberty is certainly not among the reasons why.


If I'm strictly honest, I'd choose Switzerland. But there is not really any evidence that the models of countries that small can scale to any meaningful number of people; which is the same problem the Nordics have. The geography of economics doesn't really work in a linear way. At the 100M+ people America stands out.

Even if you want to make the argument that the US is coming 2nd to the EU or 3rd to someone else; it doesn't really alter the core point here. People prefer liberty; they aren't going to move to, say, China despite the fact that China is developing a more sophisticated surveillance network that will be used to fight crime.


Please note that my point wasn't about making a pissing contest on which country is the best or whether the US should adopt anything from any other country. I was simply replying to the claim that America is the beacon of liberty that everyone wants to go move to. That's a bit ridiculous statement to a bunch of people around the world.


I have visted a few countries.

In the US you have the potential to make more money but you damn sure arent more free.

Even Mexico has more freedoms


> Even Mexico has more freedoms

Citation needed.


personal experiences when driving 4 wheelers around drinking beer and other things.

weed is legal nationwide so is prostitution

is that enough ?


>The country with the greatest personal liberty, currently probably the US

What's their prison population again?


There's countries where the percentage is lower, yet it's basically illegal to criticize the government.

More importantly, what does that change about the argument that arresting criminals is hardly the only thing to consider? Here's the same argument with enhanced contrast: If you threw Earth into the sun, all crimes would stop. If that's all we care about, everything else is just kicking the can down the road. But that would be a "crime" in and of itself, right? IMO the same could be said about mass surveillance, it's stripping humans of their rights to preserve their rights, burning the village to save it.

Generally I can't help but notice that it's really not the size of the crime that seems to matter, but whether it's aligned with centers of power or not. We're aiming at a world where a tyrant can't be assassinated, and the defenseless can be murdered without consequence, with a bit of playing for time and lip service to principles here and there.

> It is forbidden to kill; therefore all murderers are punished unless they kill in large numbers and to the sound of trumpets.

-- Voltaire


>There's countries where the percentage is lower, yet it's basically illegal to criticize the government.

Don’t you see how deeply ironic that statement is? There are countries where even trivial things like criticising the government are illegal, and yet somehow the United States manages to imprison more of its own population than anyone else.

Put another way, you are more likely to have your liberty completely revoked if you live in the United States than if you live anywhere else in the world, both by population and per capita.


I'm aware of all of that, and that changes none of the points I made, nor the questions I asked. 3 comments freaking out, not one addressing the meat.


Are you ignorant or choosing to ignore how much of the prison population is there due to criminalising the use of narcotics and much of the violent crimes committed is a result of this policy? Are you also ignorant or choosing to ignore that the policy has been used to target especially minorities who get sentenced much more often than whites despite drug use being at similar levels across races?

Calling all these people simply "criminals" is a bit too straightforward term when the system has been set up to mainly jail black men for crimes that have no clear victim. That's a serious issue for a country that claims to be all about liberty.


> Are you ignorant or choosing to ignore how much of the prison population is there due to criminalising the use of narcotics and much of the violent crimes committed is a result of this policy?

Neither, that's simply besides the point.


How's putting people in jail based on racism besides the point when it comes to liberty? What good is being able to criticise leaders if you're in jail and can never vote again?


It's beside the point because the discussion is about mass surveillance, which will only make the problems you mention worse. If we give police more and more ability to track people, who do you think they'll track, murderers or drug dealers/users? As a hint, the latter is far more profitable to the police station.

Yes we need to change laws that disproportionately put non-violent offenders in jail, but that's beside the point when talking about mass surveillance. Both are bad, and both should have separate discussions.


> How's putting people in jail based on racism besides the point when it comes to liberty?

The point made upstream was that optimizing for jailing criminals and ignoring all else is not a good metric, while also making the terrible mistake of calling the US pretty free, which was "refuted" by with, well, a single metric, incarceration rate -- I asked what that changes about the original point, and said incarceration rate is not the one and only metric by which to measure liberty. If you wish to contest either of those points, actually do it.


If you think its not illegal to criticize the govt get on twitter and start ranting.

Ask ted nugent how a secret service visit feels ?

or go local... simply go outside and start criticizing the local govt agents ( police )

I promise you will get a couple doses of freedom and likely be given the chance to donate to their cause


Excuse me, what? I think you should step out of whatever propaganda feed you are sucked in.

Literally all of the EU have a massively lower rate and in none of the countries it is remotely illegal to criticize the government.

In Germany for example, you have multiple programs on TV dedicated to make political satire of current politics. On basically tax funded TV.

And you won't have your name published for criticizing the white house [1] like in the country some people apparently unironically think of as the place with the most personal freedom.

[1] http://www.slate.com/blogs/the_slatest/2017/07/15/white_hous...


> Literally all of the EU have a massively lower rate and in none of the countries it is remotely illegal to criticize the government.

Yes, and? I didn't say that's the case in every country with a lower rate, I said there's countries that have a lower rate, but can hardly be called free. To judge something as complex as this by a single metric doesn't even pass the smell test.


Replacing IDs by Psuedonyms does not really give anonymity. Consider correlation with CCTV cameras, or identification based on sleeping in a house.

As an hypothetical, suppose there is data on two people, who were in the same house at 11:00 pm. Then, at 12:00 pm, one of those people moved over to a neighboring house for 1:00 hour, after which they went back.

It looks a lot like two people who live together, where someone snuck out to spend the night with someone else. This is sensitive data, and not really anonymous.


> So essentially they asked for anonymised lists of phones (i.e. not even the actual numbers) that had been in the locations where the suspects had been, then cross-referenced these to find potential suspects, presumably finding some phones that exactly matched the reported movements of the suspects which they then made a second application to de-anonymise.

In what conceivable way does that count as an "anonymised list?"

Suppose Google happens to sell geodata for everyone in your area of town to a third-party. Are you reassured if they tell you, "It's ok, we removed your phone numbers first."


We have no reason to trust either the sensitivity oe specificity of such an identification, and every reason to assume police and juries will think it's foolproof.


Several years ago while living in London we had a visit from the police because they were able to access my partner’s Oyster travel card registration details — she had provided her home address and I hadn’t.

They were following up on an apparently minor assault and pulled tbe Oyster card details for everyone on a specific train.

Considering this is a city with ubiquitous CCTV, smart phones are just another data source.


>Considering this is a city with ubiquitous CCTV, smart phones are just another data source.

London is quickly becoming one of the most dystopian cities in the world. I recently read a story [0] how London police are now face-scanning pedestrians and you are not allowed to cover up you face. If you protest this scanning, you're issued a £90 fine. You're basically treated like cattle.

[0] https://www.independent.co.uk/news/uk/crime/facial-recogniti...


It's like the middle ages all over again. Citizens are a resource of the land and have no say in things except in the most extreme cases. The people in charge only care about the masses insofar as it relates to GDP growth (or whatever their metric of the day is) and is perfectly happy to subjugate them for that goal. God forbid we endure some economic instability while we deal with social issues. /s

I'm exaggerating but that sort of paternalistic authoritarianism seems to be more and more common among the politicians who's job it is to do things such as check the power of law enforcement.


I was there during the riots, the extra police from up the country had their breakfast at our canteen in Imperial. It was surreal. Closest thing I’ve seen was when US troops used Shannon airport en masses during the Iraq war.

When I got off the tube at my stop way out in zone 4 they had a surveillance van covered in cameras and other gear with a big LED display on the side with the words “WE ARE WATCHING”. It could be a strange place.


Is there still any advantage to having a registered oyster card?


Yeah, because if you have a weekly/monthly Travel Card (worth it if you travel frequently), you can't load that onto a contactless card, just an Oyster. And if you lose that, it's £150+ down the drain unless it's registered.


Yeah - now they'll simply pull your contactless card details instead. No need to register at all.


I find it concerning that a judge, being presented with a textual description of four GPS coordinates would sign off on a warrant without simply asking... "okay, can you show me that on a map then?"


Fine grained judge approval is the lowest form of privacy theatre. It will always degenerate into a worthless rubberstamping process. It's totally invisible, unchallenged and there is absolutely zero possible upside for the judge to ever deny an application. Everybody who agrees that privacy, invasive measures are both sometimes necessary and something that needs to be restricted should try to come up with something better.


Do we know that the judge didn't simply plug the coordinates into some online mapping service to find out? It's not that hard...


It's alluded to in the article that judges aren't aware of the size of the geofences they're asked to sign off on, yeah.


In the criminal justice system a judge is asked, in 15 minutes average per case, to see if there is any reason at all to suspect this person, nothing more.

A judge would sign off given just the list of coordinates, and legally, they'd be correct in doing so.


That's the difference though. This isn't a warrant against a person. It's a warrant against "anyone who google recorded as being in an area"


Police search areas around crimes, people known to be in those locations (log books, identifications on surveillance), and warrants against locations searching for evidence. Warrants don't need to be against a person.


> Police search areas around crimes

That is true, but these areas usually do not involve the private homes of people. Police can ask to look around, but if the owner of the home declines, then police have to come back with a search warrant and afaik that warrant needs to be specific to that property.

This is the digital equivalent of that but applied on a whole geographical area, basically a "digital bulk search warrant".

Because I doubt these warrants will surface to the judge how many people will be affected, in a very invasive way.

When you factor in much of our modern lives are saved on servers of Google or Apple, then this is actually a much worse invasion of privacy than just having a couple of unis take a quick look through your home physically.

This is the equivalent of them sitting down in front of your phone/computer and being able to spend hours upon hours on browsing through your private data.


They don't typically search those areas retroactively. And there is a qualitative and scary difference between a few cops walking around versus processing every single person that drives by on a major road for tens of hours.


...so? It would be like if the warrant was for the log book of who checked into a hotel during a certian timeframe.


Not really no. That would be clear. This would be like if the warrant was for everyone who checked into "the hotel or hotels within a polygon defined by these coordinates"


If the exact coordinates are provided as part of the request, how is that not clear?


Plus you are perfectly at liberty to lie or not sign the hotel logbook. If you pay cash you cannot easily be traced.


That sounds extremely clear.


It should be required to identify the size of the area affects. Primarily in the estimated number of people that will be scanned. But also in kilometer radius and duration of time.


It should simply not be allowed you mean.


This feels like a method of catching criminals that criminals will rapidly adapt to avoiding. "Don't carry the thing that broadcasts your location at all times while you're committing a home invasion" seems like a pretty obvious thing to avoid once a threat model is understood.

Regardless of the privacy issues, I don't anticipate this approach will stay useful in the long run.


Indeed. At least for professional criminals.

So this approach will just ensnare random innocents, who happened to be in the wrong place, at the wrong time.

Edit: Upon reflection, it's worse. Being aware of this approach, professional criminals could capture IMEIs in the target area for a while, write some SIMs, and carry some cloned phones during the operation. Then destroy all of those SIMs. So the police will target the people whose phones were cloned.


Or better yet, pick pocket someone else's phone at another location. Commit a small but likely-to-be-reported crime near that location. Then carry their phone (and not yours) while committing a much more serious crime. They'll be tagged at both locations.


That breaks down fast when the pickpocketing victim reports their phone stolen. Police have retrieved stolen phones via the pickpocketing victim running "find my phone" on their property when they realize it is gone.


In Germany the "Funkzellenabfrage" ("reverse location" request by cell) provided by the providers is used quite often. On the last Chaos Communication Congress there was a talk about this and the police uses it quite frequently.

The guesses were that on average every german phone is identified multiple times per year during this procedure. According to the Berlin statistics from 2017 there were nearly 450 requests resulting is 60 Million returned phones. Just compare that to Berlin's population...


of all places you would Germany is the country the most aware of the dangers of broad surveillance powers. Strange that police gets such a blank check...


It's always a constant struggle, just like Internet censorship [0]. Politics usually sell it with the "It's only used against terrorists and pedophiles!" angle, while police actually end up mostly using it in drug-related cases.

But it should also be noted that the US had its fair share of influence in eroding the actual application of privacy laws in Germany, by pressuring Germany to modify its G-10 law to appease the NSA [1].

People need to remember that the German BND (German intelligence agency), traces its roots straight back to the Gehlen Organization [2], which was established in alliance with the CIA after the end of WWII.

It's this old shared-history that allows the BND and NSA to work as closely as they do, to this day, bypassing privacy protections of the German Grundgesetz trough designed loopholes and secret agreements.

Case in point: According to German law it was completely legal for the NSA to listen in on Angela Merkel's phone calls [3].

[0] https://en.wikipedia.org/wiki/Zugangserschwerungsgesetz

[1] http://www.europarl.europa.eu/document/activities/cont/20140... (Page 3)

[2] https://en.wikipedia.org/wiki/Gehlen_Organization

[3] https://www.zeit.de/politik/deutschland/2013-10/nsa-uerberwa...


Does Germany not have judicial review of these kinds of police requests?


As far as I understand, every request has to be done with judicial approval, which is given every time since there's no mechanism to check for effectiveness after the fact and most judges have no clue how broad the request might be (and the police will certainly not dwell on that fact).


So the opposite of a blank check.


"Approved every time without knowing how big and having no review process." is exactly like a blank check.

You seem to be implying that needing to go get blank checks with no meaningful questions asked makes something not a blank check. But that's exactly how checks work. They're pieces of paper after all. This situation is more like blank checks than if they had 24/7 access to the entire database.


"Funkzellenabfrage" - That's a great word. Is there a word describing the ability of the German language to condense English phrases into a single word? :)


Bandwurmwort (https://de.wiktionary.org/wiki/Bandwurmwort)

"tapeworm word" in English.

Basically, they are compound words.


I think this would come under "agglutination"[1].

[1] https://en.wikipedia.org/wiki/Agglutination


One of my favorites was "Vorlesungsverzeichnis" (lecture directory/course catalog).

Vorlesung = lecture

- Lesung = a reading (like a book reading)/lesson

- add "Vor" ("before" as in "in front of [a group]") and it becomes Lecture

Verzeichnis = directory

- Zeichnis = symbol, signal, reference, sign

- add "Ver" (hard to really explain what it does) and it becomes directory, index, register, list


German is considered an inflective language, because it uses just one suffix for words, and that suffix has many-many variants to express the required grammatical meaning (singular/plural, modality, subject/object, dative/accusative, genitive, etc.)

Agglutinative languages just jam everything after the word in small morphemes. (And some, just to be sure, has a few variants of each of those, to match vowel kinds and such.)


The literal translation is just "radio cell query". But it's a very catchy word :D


> Bruley said detectives learned about the potential value of the practice and how to write the warrant applications at an August training seminar held by ZetX, an Arizona-based company that teaches police about cellphone investigations, and sells software called TRAX that generates legal documents and maps cellphone data to assist in analysis. The company holds trainings all across the country.

> Material from the U.S. Department of Justice was presented, said Bruley, including suggested language for use in these types of warrants.

I found this bit to be concerning as well. Create software that is more valuable with more warrants? "Train" officers on how to carefully write warrants to sneak them past overworked and less-technologically-sophisticated judges. Judicial deception as business development.


Do they also give it to you so that you can use it in defense?


If it gets brought up by them during trial then they need to submit it during discovery

IANAL TINLA etc


How often does someone carrying out a planned crime carry a phone with them that is switched on, these days? Use of mobile phone data by the police has been standard practice since 2001, at least, and widely publicised.


>How often does someone carrying out a planned crime carry a phone with them that is switched on, these days?

Almost all of the time.


Do you have a source for that?

I read somewhere how the police once solved a crime by analysing a cigarette butt left behind in a stolen car, but within a few years it was quite common for them to find that a stolen car had its ashtray filled with cigarette butts apparently taken from a public ashtray: even joyriders were clever enough to thus outwit forensics. So it would seem weird to me if armed robbers or professional burglars were carrying switched on phones, and most crimes are committed by people who commit multiple crimes, as I understand it, people who have plenty of experience of how the police and the courts operate.

In online discussions there are always people who claim that criminals are idiots, but I don't think that's accurate. I reckon that when it comes to crime, most criminals are in effect a lot more intelligent than I am with my elite university degree and so on. But in general, the older I get, the more aware I become of my own limitations and the less likely I am to dismiss anyone else as an idiot.


>In online discussions there are always people who claim that criminals are idiots, but I don't think that's accurate. I reckon that when it comes to crime, most criminals are in effect a lot more intelligent than I am with my elite university degree and so on.

Career criminals (mob, drug cartels, etc) yes.

But people who commit random premeditated crimes are more often than not (judging from trial) in "Fargo" movie territory, and most smaller criminals (e.g. gang members, methheads, etc) are dumber than cotton.


I've worked with a few small town USA type law enforcement agencies. No big city ones, so think towns around a few thousand people total, or a county with 15k people total. This won't reflect the majority of the US, but it does seem to reflect the majority of arrests in this location.

A lot of criminals (again, around here at least) are that stupid. The detectives have solved many cases just by searching for the suspects name on Facebook. Some examples were: seeing the stolen items right in their profile pic, drugs with the suspect standing there while holding a gun, a video of a friend recording someone breaking into a car, hell, they had to get CPS involved because a parent had a video of them hitting (it was hitting, not disciplining) their own child. All of that just on Facebook. The hardest they had to work to get those pictures was add them as a friend under a fake profile.

Now career criminals are a completely different beast. The law enforcement here (luckily) doesn't have many or any "advanced" criminals around here. There are definitely plenty of low hanging fruit here to keep law enforcement busy, and being in small town USA, once they know who you are, they KNOW who you are and who you hang out with.

The detectives always said that if most of these people left their phone at home, didn't take any pictures, and didn't tell their friends about what they did, that crime may not get much priority (or any) depending on what the crime was.

I don't have raw data to back that up, but it does happen here. I do agree with you about the career criminals though, but there are still A LOT of stupid people out there or maybe it's something in the water here.


Professionals, sure. Drug cartels use the information revealed in trials to adjust their tactics. But a lot of people are amateur criminals. Even professional criminals, like some CIA spies in recent years, get discovered because of their cell phone use (or habitual lack of cell phone use).


I'm sure plenty of criminals are idiots.


I think at some point people will go to jail because they turned off and on their phone before and after a horrible murder that happened nearby.


According to Zoz in his excellent DEFCON 22 talk "Don't Fuck It Up!"[1] on the difficulties of OPSEC, this type of correlation has been in use for years.

>[2] Matching entry / exit point – we know specifically they look for that, so don’t match the last use and first use of phones, overlap it.

[1] https://www.youtube.com/watch?v=J1q4Ir2J8P8

[2] http://privacy-pc.com/articles/dont-fuck-it-up-6-opsec-with-...


> How often does someone carrying out a planned crime carry a phone with them that is switched on, these days?

All the time.


So would this work the other way around? Leave your phone at home to prove you didn't go somewhere?


That's one piece of evidence of many a prosecutor and/or jury would take into consideration; just like the other way around.


I'm sure someone has tried to use their digital records as an alibi.


No, because people leave their phone at home all the time, but phones rarely go on trips without the owner.


So, send phone on trip to "prove" I wasn't somewhere else; put it in my kids backpack, fix it under my neighbours car.


So you put it in your kid's backpack and later the police will see that you spent your day in an elementary school. Does not seem like a very good alibi. The same is true for your neighbor, they will see that you spent your day in the parking lot of your neighbor's workplace, pretty suspicious.


So put in your wife’s purse and say you spent the day with your wife (maybe spousal privelege would be useful there)


Or hide it in a bar or at your workplace for a day


Why did the police ask Google, and not the cellular operators? They know who was where to the level of positioning detail this requires.


Cell providers have information on what cell sites a mobile user has connected to and rough triangulations of the devices position.

Google has the exact GPS coordinates sent by the device itself, WiFi networks around it, and other location data.


But that's only if the GPS and wifi are activated on the phone. On my phone it's rarely the case.


I'm sure if there is no data from Google they get it from the cell provides, or they _also_ get it from cell providers, but Google is definitely going to have much richer and detailed information on an individual -- if they have it turned on.

I bet in 7/10 cases they do.


I don't disagree, I just wanted to point that Google might not have all info on all Android phones.


Because google gets more detailed records than cellular operators.

https://qz.com/1183559/if-youre-using-an-android-phone-googl...


Because Google has all the data for every Android user and many iOS users vs having to send requests to up to 5 companies (ATT, Sprint, US Cellular, T-Mobile, and Verizon) and compile the data.


Of course, Palantir is behind this. Someone should really start putting checks on Silicon Valley executives, especially Peter Thiel.


In France that’s how the former president got busted, he used his burner phone from a sparsely populated area.


Which president got busted for what?


Nicolas Sarkozy, for peddling influence. He was under investigation for getting money from Gaddafi when the police discovered he had another phone and was peddling influence with his lawyer as accomplice. He was trying to get informations on yet another enquiry against him by promising a judge he would use his influence to find him a higher job.


In the future I think that the idea that the government doesn't know where everyone is at all times will seem hard to imagine. (This is an IS statement not an OUGHT statement)


Yeah, there's even already tech now to have drones constantly monitor cities: https://gizmodo.com/a-spy-plane-that-surveilled-an-entire-ci...

If you e.g. see a car speed off after a robbery, you'd just need to rewind to see where the car came from and who (or from which houses) it picked up before the robbery. I guess they'd just need to add cameras in underpasses for total surveillance.


I'm actually kind of surprised that we don't all have permanent connected heart rate monitors already, in order that an ambulance can be called automatically should something happen.


https://www.apple.com/apple-watch-series-4/health/

> With the new accelerometer and gyroscope, Apple Watch Series 4 can detect that you’ve fallen. When an incident like this occurs, a hard fall alert is delivered, and you can easily initiate a call to emergency services or dismiss the alert. If you’re unresponsive after 60 seconds, the emergency call will be placed automatically and a message with your location will be sent to your emergency contacts.


Carrying a phone can make you a suspect. Not carrying a phone can make you a suspect.

Conclusion: You are a suspect.

I can't stand our culture's constant fear of people.


Sadly it ain't even exclusive to the US [0]

[0] https://youtu.be/pdIA0jeW-24


Good to know Google could help find missing people (specially in disasters like missing planes and floods) but they just don't want to.


>But by that point, police had already developed suspects without Google's help, based on vehicle descriptions and a confidential informant, they said in court filings.

Even with a lack of probable cause and massive data surveillance, good old fashion police work is what mattered.


My concern with this sort of search is it could evolve to be used in a pretextual manner on small crimes.

"We have a reported flasher in this area, lets dump the cell phone record locations to find them. Oh looks, there are people with warrants that live in the area."


  "Most human beings can't interpret large strings of numbers
  and GPS coordinates without a map to illustrate them, and
  judges are no exception," said Nathan Freed Wessler, an
  attorney for the national American Civil Liberties Union.
One would hope though (clearly not, in this case) that a judge would be motivated to recognise when they were unable to interpret data like this that they were given, and request that it be provided in a clearer form that they could interpret.

If judges do not do that routinely then perhaps they should be required to do so


You would hope, but I bet it rarely happens. I've only been in a courtroom once and hope to never have to deal with that again. Its a real let down seeing how decisions are made so quickly.


this article convinced me to never use an Android phone nor Google maps ever again,


It should convince you to never use a cell phone again, because I guarantee you [1] - your cell provider will happily give all of this info, in response to a search warrant, signed off by a judge.

Hell, they don't even wait for a search warrant, they'll sell it to anyone who pays. [2]

You are carrying a tracking device that is constantly broadcasting your location to anyone that will listen, for Pete's sake. What, you expect that the recipients of your location will not turn it over, in response to a valid search warrant?

[1] https://www.zeit.de/digital/datenschutz/2011-03/data-protect...

[2] https://9to5mac.com/2019/02/07/wireless-carriers-selling-loc...


Because you think Apple (iOS, Maps) is not susceptible to warrants? Or is there some alternative which won't track you at all?


Apple doesn't track you by default (or when it does, it sends the data anonymously).

The Apps on ios might track you, and that's why I will not use Google maps again.

Your provider indeed tracks you, but at least for now, the accuracy is way below GPS. It is an issue and we should all be worried about slippery slope that it puts us all on.


>it sends the data anonymously

It shouldn't send anything at all if Apple was privacy minded. A warrant for all anonymous data from that location combined with a provider data from that cell and the user isn't anonymous anymore.


>It shouldn't send anything at all if Apple was privacy minded.

You can turn location services off at the device-level, which stops everything from collecting your location data.

You can disallow apps, individually, from having access to your location data, as well; but that requires granual settings that most people aren't aware of and/or can't be arsed to go check every time that they install an app.

If I recall, correctly, apps using the Facebook SDK will still retrieve and push the last known location (yay for pointers...) but that's a problem with the app (and Facebook) moreso than it is with Apple.

So, this was just a long-winded and pointless way to say, you can prevent the data from being sent but, agreed, Apple could do slightly better in this area; however, I think it's a trade-off betwixt absolutely strict-privacy (e.g.: explicit deny until approved) and usability for them.


Looking at the graph of reverse location searches over time (despite being an atrocious way to present the information) shows that there were a lot when it was first started and then quickly petered off. Is this an indication of its efficiency, pushback from Google, or denials from judges, I wonder?

Edit: Or they were just hot on it after the training and then their interest petered out.


Or they had a backlog of active cases where it was effective, and then it slowed to a steady-state of incoming cases.


>ordering Google to identify the locations of cellphones that had been near the crime scene in Eden Prairie

So, is the court pretending that Google isn't conducting a search that involves every cell phone Google has ever known about, or are they saying that's "Google's database" particularly describes the place to be searched?


So the police have a list of 1000 people who were near a crime scene. Next step is to narrow it down - racial profiling, who has a criminal record... Young people are statistically more likely to commit violent crime, that's probably taken into account.

It might be wise to turn off location if you belong to any minority group.


The interesting point would be if its repeat crime by the same person. Say that the same cell phone has been at several crime scenes during the crime period.

The combined data set/cluster of cell phones present at the time during crime scenes would be interesting for the police.


Or maybe casing places/people for something they want to do later. You know...pre-crime.


question: can an appeals judge later throw out the warrant, if the judge applied the law "incorrectly"?

This technique makes sense for cops. For a lot of killings there's a lit of potential suspects so this weeds out all but a few.


It doesnt weed out anyone. You dont have to have your phone with you during a crime.


sure, but not everyone plans it perfectly. Plus, some are crimes of opportunity


IANAL but I think the law says "if the judge says its okay, its okay."


>>"if the judge says its okay, its okay."

Sure but a superior judge can overrule the previous judge.


Next steps: Identify all cars near a crime scene.


Thanks to ALPR-laden vehicles constantly cruising around collecting this data for sleazy companies like Vigilant, this is probably already happening.

This will be made even easier as more car manufacturers start installing GPS, wifi and 4G as standard features so they can double dip by collecting data on the people who pay them tens or hundreds of thousands of dollars for a car.


This is already happening

We have a 2018 Nissan Rogue and Toyota RAV4 (as well as previously a 2015 RAV4). Every time you start the Rogue, it flashes a message saying that "Vehicle Data Transmission is ON" (or "OFF"), and that certain features (live traffic updates, etc.) may not work if data transmission is off. It is clearly stated that data is transmitted to "Nissan and its business partners."

And these days the trend is for devices to have non-owner-controllable software updates, so there's no guarantee that purchasing a car without this antifeature will keep you safe.

With the Rogue you at least can (apparently) make a choice on keeping your privacy or selling out in exchange for a better navigation system (still kind of sad that this needs to be done after spending >$30k on it...), but with the Toyotas there's no choice... they have some "HD Radio" technology (not related to audio quality) which is used for traffic and weather data, and there's no way to find out or control what it sends.


Is anyone surprised that your cellphone location is used in a criminal investigation? Silly people. Just a few years ago they caught a killer like this around here. They asked the cell phone providers for location data, pruned the group with what they knew about the killer and took a DNA test of the remainder of the suspects. Easy.


Note that most police in the US can locate any mobile number in real-time, usually within 100m, without a warrant.


Every time I see one of these I'm validated in my decision to switch to Apple.


Why did you have to make this about corporate cheerleading? Even though Apple shares location information per request as well (e.g. Find My Friends information is going through iCloud and will get shared with the authorities). Are you more validated if the shared data sent to police have a nice little Apple logo on top?


Reading the comments in this subthread made me paranoid enough to check my ios privacy settings. I've blocked access to any shifty apps like Google or Facebook, the only thing that marks any specific place is Significant Locations under System Services. And that has the following text:

"Significant Locations are encrypted and cannot be read by Apple."


This is a law requirement, and Apple complies and delivers the data too. No reason to bash Google over this particular thing.


Your mobile provider will be just as helpful with law enforcement. They've been selling your location data for a long time.


I'm surprised how you don't hear about this information being used in missing persons cases.


It doesn't bring clicks, outrage or Apple advertisers out of the woods, so it also doesn't get featured on HN.

But it's certanly used to track missing persons and kidnappings for a long while now.


It isn't all that useful. A friend has a business that helps LE on missing persons cases and while cell phone tower data can give at least an idea on where a phone was on last it does not say anything about whether that phone was still in the possession of the person that it belonged to and whether or not that is simply where it ran out of juice. It may give a vector for general direction of travel. So while it may be useful it is not a magical device, and more often than not leads to a lot of misdirected effort.


In Spain there was a case of a missing woman, and the authorities tracked phones which moved in the same direction of the victims one to get a reduced list. The attacker disposed of the phone from a bridge after 5 or 10 minutes, but even with that the police have already an small list of suspects and have an start point to investigate. Anyway, they have to wait and they didn't get to trap the attacker until a year later when he tried to attack other victim.


True, though they only get which cell towers you're connected to, not your actual GPS location.


In a densely-populated region this could peg you at within a city-block's radius.


Apple is the same. There are a lot of hidden regulations when you work on that scale.


btw, this is the same story even if you use a feature phone. Mobile operators are also sharing data and they have to keep all your data and activities for at least 6 months. Telecommunications is full of these regulations.


Yup. Both Apple and Google has to give user data to law enforcement when issued a search warrant.


"But while Apple's location data processing is anonymous, two hard-to-find settings— "Location History" and "Web and App Activity" — allow Google to keep track of everything their users search, and everywhere they go. It affects all Android users, and iPhone or iPad users with apps like Google Maps installed on their device."

iOS keeps as much location data local to the device as possible, and anonymizes the rest. In many cases there's nothing for them to give up.

Also, you could even use Google apps and just disable background location for those. Because unlike Android, iOS actually respects that choice.


What is "hidden" about this regulation? It was a search warrant approved by a judge. A concerningly broad search warrant, which is now being scrutinized.


If you read the article,

"Location services may collect and share data with companies like Google and Apple, who in turn may share it with law enforcement agencies. "


The article is pointing the finger at Google apps on iOS devices:

“But while Apple's location data processing is anonymous, two hard-to-find settings— "Location History" and "Web and App Activity" — allow Google to keep track of everything their users search, and everywhere they go. It affects all Android users, and iPhone or iPad users with apps like Google Maps installed on their device.


If you switch off GPS for Google Maps on your iPhone, you should be save. Did that and only use Google Maps now to sanity-check Apple Maps traffic conditions.


Safe from Google and Apple but not from cell tower triangulation.


Well yeah, you can be followed by a guy in a trenchcoat too, no matter what your phone's privacy settings are.


The difference between cell tower triangulation, and Google/Apple services tracking your location is small.

The difference between cell tower triangulation, and being followed by a guy in a trenchcoat is not.

In fact, there's a number of categorical differences between the first two, and the third.

1. The first two are automated. 2. The first two are recorded in a computer-searchable database. 3. The first two, by nature, are capable of scaling to encompass every cell-phone owner.

You're not going to get the 'set a spook to follow people' approach to accomplish any one of these.


And, more importantly, the first two can work after the fact. So you do not have to plan ahead of time that you want to trace someone, you can decide that you want to trace someone six months after the period of interest.


Fair points. I was trying to illustrate that there are plenty of ways other than phones which can track people, but as you say, the guy in the trenchcoat doesn't scale. Better examples would be ubiquitous cameras with facial or number plate recognition.


Personally I'm not a fan of Apple either (for non-privacy related reasons.) I'm planning to move my device (Pixel 2) to CopperheadOS to eliminate my concerns with Google services.


This will not protect you, cell phone operators will turn over cellphones connected to nearby towers with a warrant.


Not where I come from. Also, my main concern is a foreign company (Google) basically being a private intelligence agency and possessing information on my movements, interests and other things.


Every time I read such misguided comments praising Apple's surveillance devices vs. the competitors I lose a little bit more of what's left of my faith in humanity. Even the supposedly tech literate among us have completely lost sight of the fundamentals.


Apple's position is that Maps computes as much on-device as possible (reminders, etc), and everything else is produced using rotating randomly-generated identifiers that can't be tied to your Apple ID. What's your vision for a better system?


I am just curious, what makes you think you are well-informed?


> I am just curious, what makes you think you are well-informed?

I don't it's a claim to be well-informed or even better informed as compared to others. I dare say everyone in the HN is reasonably well informed on a variety of subjects. I think it is a critique of the limitations in reasoning. A person can be well informed and still succumb to flawed reasoning. No matter how well informed one is one can still have blind spots. E.g. an allegiance to a particular device or OS in the hope of being safe from surveillance.


This should surprise no one. I believe this has been known for a while now. This is one of the many reasons I have location services and GPS disabled on my Android and have all that tracking/history disabled in my Google account. GPS is only ever enabled precisely when I need it and only at those times (for navigation only).

I also disable my wifi as well for the same reason - Google is able to track your location based on that, and they absolutely do so. I've seen it documented elsewhere. Only if you really need wifi enabled should you use it.

Also, call me crazy but I'm pretty sure there is a legal requirement that mandates that warrants be very specific about who/what they apply to and what they expect to find in order to be justifiable.


I hate to be the bearer of bad news, but Android really appears to be a different beast:

https://qz.com/1131515/google-collects-android-users-locatio...


Interesting. But Google has something that allows all users to see what has been collected on them. All of my stuff is empty - no website history, no location history, no youtube history, etc. All of it is empty and always has been when I check periodically.

So then the question becomes...is Quartz wrong or is Google simply lying about what they have on me? And FWIW, I checked prior to the Quartz article being written so it would have been before any actions were taken by Google to modify its practices.


Law enforcement will just go to the carriers who have your rough location data regardless of your GPS settings. They probably aren't keeping detailed tracklogs like Google today but I'm sure some fat government contracts can fix that.


Yes, but that gives them tower connectivity only. Which is very, very general in terms of location unless you triangulate the location in real-time. And even then, you have to be connected to at least 3 towers at once for that to be accurate, which to my knowledge is not how phones operate. So they will only get the very rough location based on which tower you were connected to and when. In any modestly populated area that becomes effectively worthless in both practicality and the courtroom. In a city like NYC, that would literally result in a dragnet of tens of thousands for each of the major service providers. Even a bad attorney could get that thrown out immediately.


I wouldn't trust that GPS is actually off for the baseband processor when you set it off. This is key for the real time location tracking by phone number.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: