Police ask Google for location data to narrow suspect lists

Police in North Carolina have hit on a simple if potentially controversial way to firm up suspect lists – use location data from Google to work out which devices were being used near the scene of crimes.

According to WRAL, police in Raleigh used warrants in at least four recent investigations to make the search giant reveal the IDs of every device within certain map locations.

Based on one or a combination of GPS, Wi-Fi and cellular location data, police were first given a list of anonymised time-stamped identifiers corresponding to every device within the map coordinates they were interested in.

From an example warrant, this area of interest was as small as 150 metres from specific GPS coordinates, covering two narrow time ranges of around an hour each.

Once police could see the location of each device, a second pass then focused on specific IDs, asking for additional data on their movements outside the initial search area.

Finally, police asked Google to supply the names and addresses tying the devices they were interested in to their real owners.

Google, it seems, is a common denominator because even when a device is not running Android, it is still very likely to be using Google services, for example the Gmail or Maps apps.

Stopping Android from reporting location data is also not as easy as some assume with a report last year finding that even when location services were turned off, SIM chips removed, and all apps de-installed from a device, Google can still triangulate that device’s location from cell tower data.

Innovative it might be, but news of the police technique has sharply divided opinion. WRAL explains:

City and county officials say the practice is a natural evolution of criminal investigative techniques.

Which sounds reasonable given that the examples documented by WRAL related to serious crimes, including two murders, a sexual assault and a possible case of arson. It doesn’t appear this was being used lightly.

However, legal experts have major reservations:

They’re concerned about the potential to snag innocent users, many of whom might not know just how closely the company tracks their every move.

The problem is that while treating device location data as evidence sounds logical, the inferences that can be drawn from it are fraught with danger.

The obvious limitation is proving that a device’s registered owner was the one using it at the time and location police are interested in. There are numerous instances where that might not be the case, including theft or a deliberate attempt to implicate an innocent person.

It’s not that this data is not of legitimate interest, but how it might change the nature of police investigations should the technique become common practice.

It’s already standard for police to ask for text and phone call data for named suspects. This turns that on its head in an important way. WRAL quotes Raleigh defense attorney Steven Saad:

This is almost the opposite technique, where they get a search warrant in the hopes of finding somebody later to follow or investigate.

Put another way, if location data is requested while building a case based on a variety of evidence, that might be legitimate. The danger is that this data becomes the incriminating evidence from which the case is built.