Geofence warrants: What the US Supreme Court ruling means for privacy

0
13


While investigating a 2019 bank robbery, police in the US state of Virginia turned to Google location data in search of the suspect. Using a “geofence warrant”, they got the company to identify all the phones that had been near the bank around the time of the crime.

On Monday, the US Supreme Court held that obtaining this kind of sweeping location history data qualifies as a “search” under the Fourth Amendment, which means that it triggers constitutional principles against unreasonable searches and seizures. 

The court, in a 6-3 verdict, also ruled that people have a “reasonable expectation of privacy” when it comes to cell phone location. It said this data cannot be treated as ordinary business records simply because a technology company holds them.

How a geofence warrant works

Ordinary investigations begin with a suspect and then seek information about that person. A geofence warrant, however, works backwards. The search starts with a place and a time and works towards identifying who was there.

Investigators had witness accounts and CCTV footage of a suspect who had appeared to be on a phone. They obtained a warrant directing Google to search its location history database for every device within a 150-metre radius of the targeted location.

Google first provided anonymised data on all devices in the area during a 30-minute window. Investigators then sought more detailed movement information for a smaller set of devices over a two-hour period before finally obtaining names and contact details for a short list of users. Google eventually narrowed the list to three users. One of them was Okello Chatrie, who was eventually sentenced to 12 years in prison after pleading guilty.

Does India have anything similar?

While there is no statutory geofence warrant regime in India, there are production powers that are used to obtain records about an already identified person. 

Story continues below this ad

Section 94 of the Bharatiya Nagarik Suraksha Sanhita allows investigators to summon documents, including call detail records (CDR), from telecom operators who process these requests through designated nodal officers.

Section 63 of the Bharatiya Sakshya Adhiniyam governs whether electronic records are admissible in evidence before a court.

A CDR request starts from someone already under suspicion. But a geofence warrant starts from a location and searches the movements of everyone who happened to be there before narrowing in on a suspect.

In India, a request for all devices connected to a specific cell tower during a given window is referred to as a “tower dump”. Like a geofence warrant, it starts from a place rather than a person and can capture the records of a large number of uninvolved individuals.

What the US Supreme Court said

Story continues below this ad

The case turned on the Fourth Amendment to the US Constitution, which protects people against “unreasonable searches and seizures”.

Traditionally, US courts have held that a person loses privacy protection over information voluntarily shared with a third party such as a bank or a telephone company. This is the third-party doctrine. The government had said that Google’s location records should be treated the same way since users had let the company collect that information.  

The court disagreed. It relied on the 2018 case of Carpenter v United States, which held that historical cell site records need a warrant because they offer a detailed record of where a person has been.

In the case of Chatrie, Google’s location history service logs a device’s position around every two minutes and places it within about twenty metres and can estimate which floor of the building a phone is on, which is a more precise and more frequent record than the cell tower data at issue in the 2018 case.

Story continues below this ad

Quoting from the Carpenter case, the court said that such data provides “an intimate window into a person’s life” capable of revealing not just moments but the association behind them, like where someone worships, works or seeks medical care etc.

The court said that people do not intentionally choose to disclose this information the way they might choose to share information with a bank. Location data, it said, is generated as an unavoidable feature of ordinary phone use.

The government said that location history is an “optional add-on” a user must actively switch on, unlike simply carrying a phone. The court rejected that too. Justice Kagan, writing for the majority, said that an individual has “reasonable expectation of privacy in records about his cell phone’s location” even when a third-party company holds it.

Having found that obtaining the data amounted to a Fourth Amendment search, the court has sent the case back to a lower court to decide whether the warrant itself met the constitutional requirements.





Source link

ADVERTISEMENT

LEAVE A REPLY

Please enter your comment!
Please enter your name here