Reverse warrants are the new tech-related toy law enforcement is experimenting with. Oddly, a lot of what’s come to light so far originates in the Midwest, an area not exactly known for early adoption. Outside of the NYPD and feds confirming they use warrants to seek a list of possible suspects (rather than targeting any specific suspect), most reporting has covered deployments by law enforcement agencies in Minnesota.
We can add Wisconsin to the list of areas where cops are working backwards to suspects by using the copious amount of GPS data hoovered up by Google and others. Russell Brandom of The Verge has more details:
[P]olice and federal agents have struggled to track down the bank robbers. Local media sent out pictures from the bank’s security cameras, but it produced no leads. Finally, police hit on a more aggressive strategy: ask Google to track down the bank robbers’ phones.
In November, agents served Google with a search warrant, asking for data that would identify any Google user who had been within 100 feet of the bank during a half-hour block of time around the robbery. They were looking for the two men who had gone into the bank, as well as the driver who dropped off and picked up the crew, and would potentially be caught up in the same dragnet. It was an aggressive technique, scooping up every Android phone in the area and trusting police to find the right suspects in the mess of resulting data. But the court found it entirely legal, and it was returned as executed shortly after.
The warrant [PDF] was requested by a federal agent. This doesn’t rule out the use of reverse warrants by local law enforcement, but this request originated at the federal level. The feds are involved in almost every bank robbery, so the appearance of federal officers here isn’t a surprise.
Nor is the use of the reverse dragnet. In this case, the submitted geofence was far more constrained than some we’ve seen in other cases. But considering how many people go into (or near) banks for completely innocent reasons, the GPS data/phone info of hundreds of non-bank robbers ended up in the hands of the feds. It’s up to investigators to sort through the data for possible suspects and they can make mistakes. The more data investigators get, the less likely it is they’ll find who they’re looking for and the more likely it is they’ll mistake innocent people in heavily-trafficked areas for criminals.
Right now, it’s just another tool for law enforcement to use. But it’s one that inverts the normal expectations of warrant procurement. Instead of targeting an individual or place, the warrants allow cops to search Google’s data stores for information about anyone who wandered into a targeted area during a certain time period. This shouldn’t be acceptable but there’s no record of any court rejecting these broad demands for data about thousands of people no one suspects of committing crimes. Until a court steps up to shut these down, their use will continue to escalate. The problems already seen in limited use will escalate right along with them. That’s bad news for cell phone users, which at this point is pretty much everybody.