Published Sep 14, 2020 by Xiph
People are completely unaware that there’s a cop in their pocket
Identifying and catching a criminal follows a firmly established, basic procedure. You gather evidence in the hope that it points you towards a suspect and then prove to the court that a search or arrest warrant is, well, warranted. Around the world, both domestic and international law enforcement and prosecutors have been attempting to turn that procedure on its head with a practice that only sounds relatively unassuming. In the USA, they call it ‘geofencing’.
No, we’re not talking about the world’s largest fence
In the world of law and order, geofencing means identifying and/or gaining access to the details of smartphone users who were anywhere near crime scenes when criminal acts were committed. Instead of following the evidence, settling on a list of suspects and securing warrants, a ‘geofence request’ does the opposite; asking for access to all devices used in the vicinity (or geofence) at the time of the crime in the hope that after a bit of random swiping, probable cause will magically appear on someone’s screen.
In other words, you could have been reading your book in the park while a house in a nearby street was burgled and if a geofence request is accepted, every message, every email, every anything from inside your mobile phone is now available for close scrutiny. And it’s been happening for a while now.
When it goes ‘right’…
In May 2019, after a successful bank robbery in Virginia, USA, authorities scanned surveillance footage and noticed that the suspect was holding a mobile phone before entering the bank. Police then secured a geofence request and a search warrant to Google in return for location information on anyone with a mobile device in the vicinity at the time. A list of 19 anonymised individuals came back, which police then whittled down to 9. Further access to data on the phones of the 9 left police with three unique users, now primary suspects. A month later, one of the three was proven to have committed the crime.
When it goes wrong, it goes very, very wrong
Over in Arizona, USA, a 23-year-old smartphone user named Jorge Molina was cuffed and incarcerated after police determined that “one hundred percent, without a doubt”, he had had just killed a man. What fuelled the police’s unwavering belief? Google, at the behest of a geoforce warrant, revealed that Jorge’s phone was at the scene of the crime. Justice is served, right?
Wrong and then some. To the wider world, for 6 whole days, Molina was considered a cold-blooded murderer, when in reality, he was only guilty of lending an old phone to a friend who was revealed to be the actual killer. That phone was still signed into Jorge’s Google account.
Respect the means just as much as the ends
Civil rights groups are up in arms over such practices becoming commonplace and who can blame them. Geofencing allows a cop or prosecutor to scour devices belonging to innocent individuals. It’s one of the most blatantly unnecessary invasions of privacy that US law allows.
The good news is, many in positions of power agree. In Illinois, three recent geofence requests were rejected by Chicago judges, believing that rummaging through the private data of innocent bystanders is no way to catch a thief. One of these judges, Gabriel Fuentes, perhaps put it best “…even if investigators have every reason to believe that something will turn up, a federal court should not permit the intrusion.”
Let’s get them before they get us
While yes, a trio of Chicago judges did the right thing. And yes, two New York legislative members have introduced legislation to stop invading the privacy of a person’s smartphone based on location – but these are rare instances. This practice, while arguably potentially effective, paints a larger picture of mass surveillance gone mad. While Australian’s are yet to suffer such unnecessary scrutiny, over a third of our population has already signed up for a kind of geofencing, albeit the more noble kind – COVIDsafe.
Yes, for the moment, the only kind of legal location-based surveillance that uses our own phones as trackers is COVIDsafe. That said, with the way the world is going and considering our government’s attitudes towards digital freedom, it won’t be long before our phones grow legs, order our hands behind our back, cuff us and read us our rights.
Unless we stand up for our right to privacy and ensure it doesn’t suffer any more damage, things are going to become more invasive. We need to turn to alternative tech that protects our privacy. Our devices and data are ours devices and that’s the bottom line.
Posted in: Security