Advertisement

Police like using Google data to solve crimes. Does that put your privacy at risk?

illustration of a geofence showing surveillance of an area on a map of L.A.
(Los Angeles Times illustration, photo by Getty Images)
Share via

After a man was shot dead outside a bank in Paramount in 2019, Los Angeles County sheriff’s detectives turned to Google for help identifying suspects.

Through a search warrant, detectives directed the tech giant to provide cellphone location data for people who were near places the man visited on the day he was killed. The data Google provided eventually led detectives to two suspects who are now in prison for the murder.

But law enforcement’s demand for Google location data using what’s known as “geofence warrants” also sparked concerns that the requests violated the suspects’ constitutional rights. This year, a California Court of Appeal upheld the murder conviction but ruled the warrant violated the 4th Amendment, which prohibits unreasonable searches and seizures, because it was too broad and could have potentially swept up thousands of people.

Advertisement

The case, People vs. Meza, highlights the central tension over the exploding use of geofence warrants: Law enforcement leaders see Google location data as essential for solving crimes, but civil rights groups fear such warrants will infringe on the privacy of innocent bystanders. The number of geofence warrants Google reports receiving from U.S. law enforcement increased from 982 in 2018 to 11,554 in 2020, the most recent data released show.

Concerns about the controversial law enforcement tool were heightened after the Supreme Court ended the constitutional right to abortion last year. As states banned or restricted abortions, civil rights groups feared that law enforcers could use Google data to figure out whether a woman planned to illegally end her pregnancy. Even though abortion remains legal in California, advocates worried that officials in states that prohibit abortion could use geofence warrants to track down people who come here for the procedure.

These privacy concerns caught the attention of Assemblymember Mia Bonta (D-Alameda), who introduced legislation to ban warrants that compel tech companies to reveal the identities of people who may have been at a certain place at a particular time or looked up keywords online. The original version of the bill would have banned all geofence warrants, but it was introduced as part of a package of bills that aim to bolster California as a sanctuary for abortion seekers.

Advertisement

Seventeen new bills aim to strengthen California’s position as a safe haven for abortion and other reproductive health care services.

“Quite frankly, it is a terrifying moment for us in terms of the amount of information that can be made accessible to a third party,” Bonta said in an interview.

The legislation, AB 793, garnered support from privacy advocates, reproductive rights groups, Google and the trade association TechNet. But strong pushback from law enforcement tanked the effort this year as lawmakers struggled to figure out how to craft a bill that would shield people seeking abortions while allowing police to use geofence warrants to investigate crimes.

“It became pretty apparent that there could be unintended consequences based on how that language was laid out,” said Bonta, who pledged to focus the bill on gender-affirming care and abortion access and try to pass it next year. “We wanted to make sure to get this absolutely right.”

Advertisement

The bill faces a high bar to pass because it could change a law passed by voters in 1982, which requires support from two-thirds of the state Legislature.

Opponents said the bill was too broad and would hinder the ability of law enforcement to investigate crimes.

Michelle Contois, a Ventura County prosecutor speaking on behalf of the California District Attorneys Assn., said law enforcement officials aren’t opposed to protecting patients who are coming to the state for abortions or gender-affirming care. But banning all geofence warrants, she said, is a “real overreach.”

“There are some crimes I think might not be solved at all,” she said. “When we are using these, it’s because we think this is the best way to get what we need in this case.”

Privacy advocates and abortion activists question whether the data requests are really necessary because geofence warrants could include information about people who aren’t potential suspects. The Electronic Frontier Foundation called on Google in 2021 to resist complying with these controversial warrants. Google says it collects data about a user’s location history for advertising and to improve the company’s services.

The debate in Sacramento forged an unusual alliance between tech giants and privacy advocates. In May, Google sent lawmakers a letter stating it supported AB 793. The company added that it would work with law enforcement to narrow the warrants if it is asked for too much data.

Advertisement

“Most law enforcement demands target one or more specific accounts. Geofence warrants, by contrast, request information about users who may have been in a particular place at a particular time. As such, these warrants raise heightened concerns about whether they impermissibly sweep in innocent users,” Rebecca Prozan, Google’s director of the West Coast Region for Government Affairs and Public Policy, wrote in the letter.

Last year, a coalition of tech giants that includes Google also supported a bill in New York that would bar the search of geolocation and keyword data, though it did not pass the Legislature.

A new report found that many of the apps tested had vague, boilerplate language about sharing data with law enforcement.

Data reported to the California Department of Justice show geofence warrants have been used this year in various criminal investigations, including a felony hit-and-run in San Diego and a homicide in Riverside. California authorities have also used geofence warrants to investigate a Mexican mafia killing and other crimes. The FBI turned to Google data to figure out who was inside the U.S. Capitol during the Jan. 6, 2021, insurrection.

Geofence warrants were also used to identify people protesting the police killings of George Floyd in Minnesota and Jacob Blake in Wisconsin. Sometimes, people swept up by them just happen to be at the wrong place at the wrong time. In one case, an innocent man in Florida became a burglary suspect after he rode his bike past a burglarized home in 2019.

District attorneys say that California’s laws are sufficient to protect people’s digital privacy. A geofence warrant typically involves three steps. In the first, Google gives law enforcement anonymized information based on the geographic area and time frame that’s provided in the warrant. Using the larger data set, law enforcement narrows down the devices authorities want to investigate before requesting that Google provide identification information such as phone numbers, emails and names, according to the bill’s analysis.

“It’s not just willy-nilly us asking Google and Google giving us everybody’s information,” said Contois, of the district attorneys association. “It’s not until we’ve gone through several steps, and convinced the judge at each step of probable cause, that we can maybe get identifying information and names.”

Advertisement

The California Police Chiefs Assn. didn’t respond to a request for comment. It was among numerous law enforcement agencies that opposed the bill, including the Los Angeles County Sheriff’s Department.

Hayley Tsukayama, senior legislative activist at the Electronic Frontier Foundation, which pushed for the bill, said AB 793 proposed banning all geofence warrants because there were concerns more targeted legislation would have loopholes that could still result in law enforcement identifying abortion seekers. Narrowing the bill, she said, is difficult for some of those reasons.

“I’m not saying that we can’t do it,” she said. “We just needed more time to do it than was left in this session.”

Advertisement