Linked by Thom Holwerda on Wed 1st Jun 2016 22:40 UTC
Google

It's not clear whether either of the public warrants were filled. No Google-based evidence was presented in Graham's trial, and the other suspect plead guilty before a full case could be presented. Still, there's no evidence of a legal challenge to either warrant. There's also reason to think the investigators' legal tactic would have been successful, since Google's policy is to comply with lawful warrants for location data. While the warrants are still rare, police appear to be catching on to the powerful new tactic, which allows them to collect a wealth of information on the movements and activities of Android users, available as soon as there's probable cause to search.

Odd that this is news to anyone - and especially odd that police are seemingly only now catching on to this. I, myself, find this a fun and useful feature - especially while travelling - and since you can turn it off completely, I personally have little trouble with it, and I have fully considered the pros and cons of using this feature. That being said - the average user won't know a lot about this feature and won't weigh the options, leaving them exposed to potential warrants.

I wonder if there's a way Google could ever set this up in a way that doesn't potentially expose the data to police, much like end-to-end encryption does for instant messaging, while the data still remains useful for targeted advertising (Google's bread and butter). Would it be possible to develop a system where only computers have access to the data for targeted advertising, without human intervention? Fully automated and closed?

If not, Google might want to reconsider this avenue of targeted advertising - which would mostly be for PR reasons, since carriers still have very comparable - if slightly lower-resolution - data.

Order by: Score:
GPS is not secure, vulnerable to forgery
by Alfman on Thu 2nd Jun 2016 00:27 UTC
Alfman
Member since:
2011-01-28

Knowing how police use this information, someone knowledgeable could use cheap off the shelf SDR equipment to alter his own location as well as incriminate someone else. In this case, google's data could make a great alibi!


Of course, an easier low tech solution would be to leave the phone with someone else.

Edited 2016-06-02 00:34 UTC

Reply Score: 5

Morgan Member since:
2005-06-29

A (Google created) augmented reality game that I play on my phone, Ingress, has recently seen a record number of banned accounts due to a new method of detecting location spoofing. Spoofing GPS data, an easy way to cheat in the game, is so trivial to pull off and the tools so numerous that it took some drastic measures by Niantic Labs (the company spun off from Google that runs the game in its current state) just to even differentiate spoofing from innocent device bugs/quirks. Even with that, they've had a ton of false positives, and the hardcore spoofers have already gotten the upper hand again.

In short, it's a futile effort to unequivocally prove that GPS location data is accurate, complete, and valid, and in my personal opinion it should never be used as evidence in any criminal case. It's no different than polygraph results, which are inadmissible in criminal cases in the United States because they are not proven to work, and are easily spoofed as well.

Reply Score: 3

FlyingJester Member since:
2016-05-11

I would hope that GPS and Wifi data will at some point be no more damning than having pictures of something incrimination.

Reply Score: 3

Alfman Member since:
2011-01-28

Morgan,

That's interesting, I hadn't heard about it. Shadow Cities looks like it would have been neat as well.
https://en.wikipedia.org/wiki/Ingress_%28video_game%29

But yeah, depending on physical GPS coordinates seems like a weakness of the game.

Reply Score: 2

Obfuscation
by Alfman on Thu 2nd Jun 2016 01:53 UTC
Alfman
Member since:
2011-01-28

Thom Holwerda,

I wonder if there's a way Google could ever set this up in a way that doesn't potentially expose the data to police, much like end-to-end encryption does for instant messaging, while the data still remains useful for targeted advertising (Google's bread and butter).


Be careful, while many services will claim to be secure against interception, not all of them are. For example the design of apple i-message's end-to-end crypto was perfectly compatible with wiretapping. This would have been obvious to the engineers working on it, but somehow PR didn't get the message or didn't care they were making false claims. It's still being criticized by the security community:

http://www.tomshardware.com/news/apple-imessage-crypto-fundamentall...


Anyways, back on topic. The data points police are requesting is information that google wants too. Their engineers could obviously do much more to protect user privacy; leaving the data in the user's control (on our own devices or encrypted without a key on google's servers) would be a good way to assure user privacy. But deep down, google opposes privacy and it would be hypocritical to pretend otherwise. It's not just google though, I predict everything google does is going to become the norm as the tech industry and advertisers continue sharing more and more beds. The last bastion for privacy may be open source platforms that the community builds itself.

Reply Score: 3

perfect alibi
by unclefester on Thu 2nd Jun 2016 07:41 UTC
unclefester
Member since:
2007-01-13

Conversely if he left his phone at home streaming a movie he would have had a perfect alibi.

Reply Score: 5

Not "fixable"
by kcorey on Thu 2nd Jun 2016 12:35 UTC
kcorey
Member since:
2007-11-06

There's no way this could be fixed to work as messaging apps.

In whatsapp comms can be encrypted between me and another person, as we implicitly or explicitly connect using a key that Apple/Google don't know anything about.

In Google's case, the data goes from your phone to Google, where it's unpacked. They have a key, as they sell that information to advertisers.

It's no argument at all that Google doesn't want to give that info to the government. Advertisers can get that information. Why can't the govoernment demand it?

Carried to extremes, the police could simply advertise, and get the same information. With Pay Per Click, I can't imagine it wouldn't cost them much, as who would click?

I agree that GPS data should not be admissible in court, as it's unreliable. My phone could be stolen, and taken to a bad part of town. My phone could get lost. It could run out of battery. It could be spoofed. It could have no signal, so the last reported position is unreliable. etc, etc, etc.

The problem to my mind is basing judgements on blind trust in tech. I love tech. Use it all the time. Don't trust it farther than I could throw it. I still have a map, even though I've got GPS.

-Ken

Reply Score: 3

RE: Not "fixable"
by Thom_Holwerda on Thu 2nd Jun 2016 13:03 UTC in reply to "Not "fixable""
Thom_Holwerda Member since:
2005-06-29

Advertisers can get that information.


Advertisers cannot get that information. This information is Google's biggest secret, and sharing it with anyone but themselves would undermine their entire business model. This data is probably better protected and secured than Apple's most precious source code.

It's a common misunderstanding - fueled by PR from other companies - that Google sells your data. It does not. It sells targeted advertising based on your data - or, better put, Google buys advertisements from others and shows them to the right people based on user data.

At no point do third parties other than Google ever get to see your data (save for this case, of course, wherein warrants possibly expose that data to law enforcement).

Reply Score: 4

RE[2]: Not "fixable"
by Alfman on Thu 2nd Jun 2016 14:26 UTC in reply to "RE: Not "fixable""
Alfman Member since:
2011-01-28

Thom Holwerda,

Advertisers cannot get that information. This information is Google's biggest secret, and sharing it with anyone but themselves would undermine their entire business model.


Agreed. Google scans user emails/youtube views/web searches/GA tracking beacons/location data/etc to maximize ad revenue for google, but this does not mean google is selling the data outright.

This data is probably better protected and secured than Apple's most precious source code.


You know, the financial incentives would lead you to think that, but the NSA leaks revealed a lot of google incompetence regarding security of user data, at least at the time. I don't know if google is an exception to this, but most companies I have experience with only jump on security when they are facing public scrutiny.


At no point do third parties other than Google ever get to see your data (save for this case, of course, wherein warrants possibly expose that data to law enforcement).


I agree this is what google intends, in the "business as usual" sense. But in the absolute sense, there probably are exceptions. Google is so big that it's statistically probable that some insiders are conducting espionage for government or corporate outsiders. And sometimes the hackers make it in.

http://www.nydailynews.com/news/world/security-experts-china-hacked...


Ironically, one breach even captured google's records of US government surveillance targets.
https://www.washingtonpost.com/world/national-security/chinese-hacke...

Edited 2016-06-02 14:27 UTC

Reply Score: 2

RE[3]: Not "fixable"
by dionicio on Thu 2nd Jun 2016 15:32 UTC in reply to "RE[2]: Not "fixable""
dionicio Member since:
2006-07-12

Alf, as I understood the journals from those days, They got access to the 'grain silos' [beyond official agreements] but not to the 'distillate tanks' which are indeed the more valuable.

Not expecting Governments to incur on expensive works already done by Civil Society.

Quite clear to those who followed the news that -Corporate side- the sin was a financial one.

Reply Score: 3

RE[2]: Not "fixable"
by dionicio on Thu 2nd Jun 2016 14:44 UTC in reply to "RE: Not "fixable""
dionicio Member since:
2006-07-12

Some years now is an arms race, Thom. And FBI had not come into the IT fray if not asking for a little civility, a d├ętente. Not their field, and it shows.

Detonator here was the acknowledging that substantive areas of Law Frame within the IT field has been misunderstood [and at some issues plain dismissed].

Of late I leave Military and Intelligence out of my ramblings because they're by philosophy trained to embrace the World as it comes -undone-.

If society doesn't go forward and present civilized accords and clever solutions then They will take the necessary measures. And THAT is what doesn't sound very nice.

Reply Score: 2

RE[2]: Not "fixable"
by dionicio on Thu 2nd Jun 2016 15:00 UTC in reply to "RE: Not "fixable""
dionicio Member since:
2006-07-12

Those 'gooses' are enormous power, Thom. So big, that those Corporations know a lot more than Governments and Parties, of a lot of countries.

This is Big Leagues, Thom!

We Individuals here are just 'barking' for the crumbs, and for a little of decency. Eyes wide open, looking upwards.

Reply Score: 2

Comment by drcouzelis
by drcouzelis on Thu 2nd Jun 2016 14:27 UTC
drcouzelis
Member since:
2010-01-11

For those, like me, who didn't know what the article was referring to, it looks like it's called "Google Location History".

http://www.howtogeek.com/195647/googles-location-history-is-still-r...

Reply Score: 4

Comment by dionicio
by dionicio on Thu 2nd Jun 2016 15:51 UTC
dionicio
Member since:
2006-07-12

"and since you can turn it off completely"
?
Have you desoldered the chip?

Lately have come to grips with so many arguments AT IT SITES saying things about UI as equivalent of actual, physical behavior.

Reply Score: 4

Comment by Phloptical
by Phloptical on Thu 2nd Jun 2016 19:03 UTC
Phloptical
Member since:
2006-10-10

Well......at least they are going through the courts to get information. The real worry comes when they lump in the request for location data into the BS patriot act.

Reply Score: 3