Here is the Court ruling (pdf)
In a major decision, the federal Fifth Circuit Court of Appeals held that geofence warrants are “categorically prohibited by the Fourth Amendment.”
The court found that geofence warrants constitute the sort of “general, exploratory rummaging” that the drafters of the Fourth Amendment intended to outlaw.
“The Electronc Frontier Foundation (EFF) applauds this decision because it is essential that every person feels like they can simply take their cell phone out into the world without the fear that they might end up a criminal suspect because their location data was swept up in open-ended digital dragnet,” the EFF says.
The new Fifth Circuit case, United States v. Smith, involved an armed robbery and assault of a US Postal Service worker at a post office in Mississippi in 2018. After several months of investigation, police had no identifiable suspects, so they obtained a geofence warrant covering a large geographic area around the post office for the hour surrounding the crime. Google responded to the warrant with information on several devices, ultimately leading police to the two defendants.
Aside from ensuring you don’t accidentally photograph someone and make legal trouble for them, these warrants are why you don’t bring your phones to a protest.
Yet buying, harvesting, and selling geofence data is perfectly fine.
I understand that companies have to submit to these rulings, but do they have to do it quietly? It’s mostly a rhetorical question. They could keep a tally of every instance the government made they do something they disapproved of and make it public. Not profitable at all unfortunately.
I’m under the impression that these sort of third-party warrants are often accompanied by a gag order. Which is why warrant canaries are a thing.
What about not collecting the data in the first place?
Not really an option, when the data is being used for billing purposes (which phone, used what services, and when).
The US has no laws forcing data retention like the EU, but it would take something like anonymous micro transactions in order to have a working billing system, without collecting the data (and it being available to law enforcement).
That data comes from Google. They aren’t billing android users. They’re just hoarding data for no good reason.
Police isn’t going after Apple for this kind of data, probably because Apple isn’t collecting it.
Even mobile telecom company probably don’t need to collect that data. They need to process the location/cell location when a call happens to process it, and to increase a counter for local vs roaming call duration for billing purpose. As soon as the call ends the location information can be discarded.
There ya go. 👍