How Your Data Can Get You Convicted

0
12
How Your Data Can Get You Convicted

By Paige Hastings

With the rise of awareness in data privacy there has been increased trepidation surrounding what personal information companies access and how they use it.[1] While it may seem as though the public disfavors cell phone apps and technology companies tracking locations and capitalizing off user data, the issue may not be so clear cut.[2]

Sensors in phones correlate with data from GPS satellites to create detailed user location information.[3] This information enables the use of maps and other features, but companies can also access the data.[4] Companies engage with consumers based on information received from this data, such as by streamlining relevant advertisements.[5] The government can also request the user data for geofence warrants.[6]

A geofence is a virtual perimeter around a specific physical location.[7] Created with the mapping software in phones, a geofence can detect movement inside its boundary.[8] When the government serves a geofence warrant on a company like Google, it requests information on “all users who were within” the specified area at the specified time.[9] This allows the government if granted the warrant, to focus on a given location and find an unknown suspect, so long as that person had a phone.[10] Initially, the data received is anonymous, but after narrowing down which users the government believes are relevant to the investigation, it can compel identifying information, including the name and email address associated with the accounts.[11]

An example of a geofence used in practice occurred right here in Richmond, Virginia. In United States v. Chatrie, data received from a geofence warrant allowed the Government to find the defendant and ultimately hold him accountable.[12] Call Federal Credit Union was the site of a bank robbery in May of 2019, and law enforcement was having trouble locating the suspect.[13] Since security footage showed the suspect on his cell phone when he first entered the bank, law enforcement requested a geofence warrant.[14] The warrant granted by the Chesterfield Magistrate drew a geofence with a 150-meter radius surrounding the bank at the time of the robbery.[15] The data received included the information of nineteen users, the suspect, and eighteen bystanders.[16] Law enforcement then de-anonymized the device identifications of three users believed to be relevant to the investigation by requesting the information from Google.[17]  The specific information allowed the Government to track the locations of the three individuals and ultimately implicated Chatrie.[18] Chatrie was later indicted and found guilty.[19]

Geofence warrants and similar consumer data use raises serious concerns for privacy rights. As the Court in Chatrie noted, geofence data endangers the rights granted by the Fourth Amendment’s protection against unreasonable searches and seizures.[20] In Chatrie, the Court determined that the geofence warrant was invalid because it was overly broad and lacked probable cause to search all nineteen individuals found within the geofence.[21] However, the evidence the warrant discovered was allowed because of a good faith exception that protects warrants reasonably believed lawful by law enforcement.[22] Demonstrating that even wrongly employed account and location data can be accessed and utilized.

Notably, the Court did not rule out geofence warrants entirely, it just required them to be more particularized with respect to the users it “searches.”[23] Although this could make it more difficult for geofence warrants to be used in the future, they remain a legal tool. Even though the Court found the geofence warrant to be a violation of the defendant’s Fourth Amendment rights, they permitted the evidence and law enforcement’s overall intrusive activity.[24] Future implications of how the government may take advantage of user data remain unclear, but cases such as Chatrie should put consumers on notice that location and account information is available and can be accessed by the government.[25]

[1] See Nina Burleigh, Americans Demanded Freedom From Tracking during Covid, and Then Grabbed Their Phones, nbc news (July 2, 2021, 11:35am), https://www.nbcnews.com/think/opinion/americans-demanded-freedom-tracking-during-covid-then-grabbed-their-phones-ncna1273007.

[2]See also Nathan Wessler, The U.S. Government is Secretly Using Cell Phone Location Data to Track Us. We’re Suing., aclu: news & commentary (Dec. 2, 2020), https://www.aclu.org/news/immigrants-rights/the-u-s-government-is-secretly-using-cell-phone-location-data-to-track-us-were-suing.

[3] David Nield, All the Sensors in Your Smartphone, and How They Work, gizmodo

(June 29, 2020, 10:38 AM), https://gizmodo.com/all-the-sensors-in-your-smartphone-and

-how-they-work-1797121002.

[4] Privacy & Terms: How Google Uses Location Information, https://policies

.google.com/technologies/location-data?hl=en-US (last visited Oct. 3, 2022).

[5] Id.

[6] A. Reed McLeod, Geofence Warrants: Geolocating the Fourth Amendment, 30 William & Mary Bill of Rights J. 531, 532 (2021).

[7] Verizon connect: what is a geofence?, https://www.verizonconnect.com/glossary/what-is-a-geofence/ (last visited Oct. 3, 2022).

[8] Id.

[9] United States v. Chatrie, No. 3:18cr130, 2022 U.S. Dist. LEXIS 38227, at *22 (E.D. Va. Mar. 3, 2022).

[10] Id. at *60.

[11] Id. at *25-30.

[12] Id. at *22, *82-84.

[13] Id. at *31.

[14] Chatrie, 2022 U.S. Dist LEXIS 38227, at *30.

[15] Id. at *33.

[16] Id. at *37-41.

[17] Id.

[18] Id.

[19] Chatrie, 2022 U.S. Dist LEXIS 38227, at *82-84.

[20] U.S. Const. amend. IV.

[21] Chatrie, 2022 U.S. Dist LEXIS 38227, at *54.

[22] Id. at *72-83.

[23] Id. at *83.

[24] Id.

[25] See A. Reed McLeod supra note 6 at 564-65.

Image Source:https://www.filecloud.com/blog/2020/11/geo-fencing-in-data-governance-and-its-possible-uses/#.Yz8Aa3bMK38