U.S. Fifth Circuit Rules Geofence Warrants Are Unconstituional
- August 15, 2024
- Clayton Rice, K.C.
Geofence warrants have been held to be unconstitutional in a recent opinion delivered by the United States Court of Appeals for the Fifth Circuit sparking praise for its critique of digital dragnets and concerns about the broader implications whether any digital warrants for online contents are constitutional. Google is the primary recipient of geofence warrants because of its Location History database and the quintessential problem is that geofence warrants never particularize a specific user to be identified and only identify a temporal and geographic location where any given user may turn up post search.
1. Introduction
On August 9, 2024, the Fifth Circuit, in New Orleans, Lousiana (here) released the opinion in U.S. v. Smith holding that geofence warrants present the exact sort of “general, exploratory rummaging” that the Fourth Amendment was designed to prevent and are “categorically prohibited”. (here) The opinion “part[ed] ways” with the Fourth Circuit, in Richmond, Virginia (here) in U.S. v. Chatrie creating a conflict in the jurisprudence that appears destined for the Supreme Court of the United States. (here) The ruling presents an opportunity to consider how geofence warrants function that I discussed in a previous post to On The Wire. (here)
2. Background
On February 5, 2018, three assailants robbed Sylvester Cobbs, a Contract Route Driver with the United States Postal Service. They made off with the mail bags containing $60,706. Three days later a postal inspector viewed a video of the robbery taken by a camera located at a farm office across the street. The video captured a suspect with his “hand up to his ear and elbow[] out” and “looking at something in his hand” which appeared indicative of cell phone use. But, nine months after the robbery, the suspects were still not identified. On November 8, 2018, investigators applied for a geofence warrant seeking information from Google to locate potential suspects and witnesses. The data grounded charges of robbery and conspiracy to commit robbery. The U.S. District Court for the Northern District of Mississippi dismissed the defendants motion to suppress based on the good faith exception. The Fifth Circuit affirmed.
Google received its first geofence warrant request in 2016. In 2019, Google received about 180 requests a week totaling about 9,000 annually. By 2020, that number rose to 11,500. Moreover, the use of geofence warrants has not been limited to the investigation of violent crime. Law enforcement in the United States has obtained these warrants for investigations involving stolen pickup trucks and smashed car windows. Unlike a warrant authorizing surveillance of a known suspect, geofencing is a technique used by the police when the location of a crime is known but the identity of the suspect is not. Geofence warrants effectively “work in reverse” from traditional search warrants. Law enforcement simply specifies a location and time period, and companies (predominately Google) conduct sweeping searches of their location databases and produce a list of cell phones and affiliated users at or near a specific area during a given time frame.
3. What is Location History?
Google is the primary recipient of geofence warrants mainly due to its extensive Location History database called Sensorvault that I discussed in a previous post to On The Wire. (here) Here are some key extracts from Smith where the court summarized how Google’s Location History functions with the observation that “manually deactivating all [Location History] sharing remains difficult and discouraged.”
- Once a person enables Location History, Google begins to “log[] [the] device’s location [into the Sensorvault], on average, every two minutes” by “track[ing] [the] user’s location across every app and every device associated with the user’s account.” (pp. 7-8)
- Moreover, not only is the volume of data comprehensive, so is the quality. “Location History appears to be the most sweeping, granular, and comprehensive tool – to a significant degree – when it comes to collecting and storing location data.” […] The data is “considerably more precise than other kinds of location data, including cell-site location information because [Location History] is determined based on multiple inputs, including GPS signals, signals from nearby Wi-Fi networks, Bluetooth beacons, and cell towers.” […] Google refers collectively to this data, regardless of its source, as “Location History.” (p. 8)
- Location History data allows Google to “potentially locate an individual within about sixty feet or less,” and in certain circumstances, down to three meters. In fact, Location History data can “even discern elevation, locating the specific floor in a building where a person might be.”
- However, Location History cannot estimate a device’s location with absolute precision. Instead, when Google reports a device’s location, it includes both the source from which the specific datapoint was derived, and a “confidence interval” indicating Google’s confidence in that estimated location. The smaller the radius, the more confident Google is in that phone’s exact location. (pp. 8-9)
When law enforcement first started requesting geofence warrants, they would simply ask Google to identify all users who were in a geographic area during a given time frame. However, Google balked at the overbreadth of the requests believing the early warrants were a “potential threat to user privacy.” (See: Chatrie, p. 324) Google therefore developed the following internal three step procedure on how it responds to geofence warrants.
First, law enforcement provides Google with the geographical and temporal parameters around the time and place where the alleged crime occurred. Google then searches Sensorvault for all users who had Location History enabled during that time frame. Google determines which accounts were within the geographic parameters of the warrant and lists each if those accounts with an anonymized device ID. Second, law enforcement contextualizes and narrows the data. It reviews the anonymized list and determines which IDs are relevant. Google typically requires law enforcement to narrow the number of users requested “so that the Government cannot […] simply seek geographically unrestricted data for all users within the geofence.” Third, law enforcement compels Google to provide account-identifying information for the users that they determine are “relevant to the investigation.” (pp. 10-11)
4. The Fifth Circuit on Rummaging
The Fourth Amendment was “the American founding generation’s response to the reviled ‘general warrants’ and ‘writs of assistance’ of the colonial era which allowed British officers to rummage through homes in an unrestrained search for evidence of criminal activity.” The Fifth Circuit thus began its analysis with the observation that general warrants are “plainly unconstitutional” and it was needless to review the history of the use of general warrants as “instruments of oppression from the time of the Tudors, through the Star Chamber, the Long Parliament, the Restoration, and beyond.” A geofence warrant functions in much the same way. It is a warrant to rummage.
When law enforcement submits a geofence warrant under the first step of Google’s internal procedure, the company is forced to search through its entire database to provide a new dataset that is derived from its entire Sensorvault. Law enforcement cannot obtain the location data unless Google searches through the entirety of Sensorvault – all 592 million individual accounts – for all of their locations at a given point in time. That search occurs while law enforcement officers have no idea who they are looking for, or whether the search will even turn up a result. The quintessential problem with geofence warrants is that they never include a specific user to be identified, only a temporal and geographic location where any given user may turn up post-search. Geofence warrants are “[e]mblematic of general warrants” and “uncomfortably akin to the sort of ‘reviled’ general warrants used by English authorities that the Framers intended the Fourth Amendment to forbid.” As the Fifth Circuit stated “[t]hat is constitutionally insufficient.”
5. Conclusion
In a post to the Electronic Frontier Foundation’s blog titled Federal Appeals Court Finds Geofence Warrants Are “Categorically” Unconstitutional dated August 12, 2024, Andrew Crocker praised the ruling for recognizing the “fundamental invasions of privacy created by these warrants” and upholding the constitutional prohibition of “general searches.” (here) And in a post to TechCrunch titled US appeals Court rules geofence warrants are unconstitutional dated August 13, 2024, Zack Whittaker commented that critics “have long argued that geofence warrants are unconstitutional because they can be overbroad and include information on entirely innocent people.” (here) But in a post to The Volokh Conspiracy titled The Fifth Circuit Shuts Down Geofence Warrants – And Maybe a Lot More dated August 13, 2024, Professor Orin Kerr of the University of California, Berkeley School of Law, argued that Smith is wrongly decided and raises questions of whether any digital warrants for online contents are constitutional. (here) “Just create a data source big enough – how big, we don’t know, but big – and then it can’t be searched, even with a warrant,” he said.