The problem is that they haven't realized there are actually two markets: one where the police can pay for customer data and another market where users can pay to have their data made inaccessible to police. Then it becomes a bidding war between LEO and the public. It's a great way to do price discovery on sensitive information which is presently subject to inefficient market solutions all while collecting a tidy profit on the side.
Thank you for the excellent segue as to why the police's monopoly on violence is a market failure that can be addressed by reinvisioning the gig economy.
In the links, I found a guide to disable the AD ID that this tech uses to track you, on Android.
I wonder what would happen if maybe an app or something allowed us to poison their data set. In theory, if my unique ID pinged in my home state and another state in the same hour, the data becomes a lot less useful.
The thing is criminals know this which means leave their phone powered off at home when doing anything remotley criminal or associating with others in the game. Where as with warrant tapping they could just avoid being on the cops' radar. Cops are using this to find bad guys not to investigate them. Which makes their job of catching career and methodical criminals harder but it does make it easier to catch most opportunistic and accidental criminals as well as many victimless crime suspects
Isn't it obvious why? Everybody uses cops as a punching bag but they are merely buying information that 3rd parties are willing to sell. The 3rd parties have deep pockets. How do you hold the data selling 3rd parties accountable? I'm not sure how. Nobody wants to give up their phones.
Local procurement ordinances. A city council can pass an ordinance that does not allow any part of the city's budget to be spent on data from data brokers or really any technology -- drones, facial recognition, whatever. This academic paper looks at efforts in Oakland, Seattle, and San Diego [1]
There are 3000 counties in America, how long do you think it takes to get things from city or county level up to state and federal level? These little local gestures aren't that effective overall. The problem is the commodification of your personal data.
> how long do you think it takes to get things from city or county level up to state and federal level?
As an observer, it took about 20 years to get MJ prohibition removed from town law and later adopted by State. Different issues have different incentives.
Why? Private citizens don't have the ability to put you in an interrogation room against your will, and aren't in the business of being professional investigators.
I get the argument that the best long-term solution would be regulating the data brokers. But if you want to do something right now that will actually restrict the police in your neighborhoods from using this as part of their jobs, this is a way to do that.
Police don't need warrants when given consent. Police can search your house without a warrant if you tell them that they can. Police can buy information from data brokers. Warrants compel compliance
If you swim in the "don't talk to police" ocean, you discover versions of the comic dialog (well, it isn't really funny) when the cops have you in the interrogation room "with your consent":
You: Am I under arrest?
Cops: We just want to ask you a few questions so you can help us out. You are not a suspect.
You: So I'm free to go?
Cops: We just want to clear up a few things. You are not under arrest.
You: So I'm free to go?
Cops: Before you go, we want to ask a couple things.
According to the article, Fog Reveal accounts are typically only offered to law enforcement organizations. The company apparently realizes the sensitivity of these data and doesn't just make it available to any random paying customer.
They are still voluntarily selling to police which is consenting. It's not your data, it's their data they collected about you.
Perhaps a good line to draw would be to ban resale of data? It's difficult to try to write a law around but at least we all agree it's a problem. It's a start.
It requires a legislative solution and increasing the issue’s visibility seems like a reasonable way to create negative public sentiment and apply pressure to legislatures.
Yes but every article points fingers at cops- the wrong target. The right target are the data brokers. How would you possibly tell cops they cannot use information that others can freely purchase?
I felt like it was using police to highlight the dangers of data brokers, rather than pointing the finger at police. Either way it seems like we agree that the problem here isn’t that the police are using a tool that aggregates 3rd-party data, but rather that the data is allowed to be aggregated and sold to begin with.
Great article and amazing work by EFF reconstructing the interface.
I’m reasonably familiar with how mobile ad networks function. Am I correct in assuming that current iOS devices wouldn’t be subject to this because Apple has restricted access to a cross app identifier? Or is Fog/Ventel relying just on Waze data?
Also, if you use pi-hole at home, wouldn’t that make the analysis much more difficult?
You'd think after a few cops got caught abusing these systems to spy or harass victims or former partners that they would be banned from doing anything without a warrant.
If police killing people hasn't triggered reform then it's hard to believe that abuse of a location database will do it.
Although if the victim was someone rich and powerful, then that might change. Still, the cops know to pick their battles to avoid angering someone that can fight back.
Unless they are paying for it with their own personal money, then I don't see how it couldn't be considered police powers if they are using it in an investigation.
