X

Lawmaker questions Google's CEO about geofence warrants

The warrants allow police to sweep up location data belonging to any people who were in a specific area.

Alfred Ng Senior Reporter / CNET News
Alfred Ng was a senior reporter for CNET News. He was raised in Brooklyn and previously worked on the New York Daily News's social media and breaking news teams.
Alfred Ng
3 min read
screen-shot-2020-07-29-at-1-58-42-pm.png

Google CEO Sundar Pichai faces questions on privacy at the Big Tech antitrust hearing on Wednesday.

House Judiciary Committee / Screenshot by CNET

Geofence warrants are facing legal challenges across the US, and on Wednesday, a member of Congress questioned Google about the increasingly-popular police surveillance method. 

At the Big Tech antitrust hearing in front of a House Judiciary subcommittee, Rep. Kelly Armstrong, a Republican from North Dakota, questioned Google's CEO Sundar Pichai about its compliance with geofence warrants. The hearing, focused on competition in the tech industry, was the first time the CEOs from tech giants Facebook, Google, Amazon and Apple had testified before Congress simultaneously. 

While the hearing is focused on antitrust, issues like security and privacy have also come up for the tech CEOs. Pichai faced questions about compliance with the European Union's General Data Protection Regulations and data privacy among its users. 

"Our utmost care is ensuring privacy and security of our users as we serve these markets," Pichai told lawmakers at the hearing. 

Watch this: Sundar Pichai: Google is committed to keeping your information safe

Following Pichai's statement, Armstrong raised the issue of geofence warrants -- once a relatively unknown search request from police that in recent years saw a surge in demands from law enforcement.   

Police have been increasingly sending geofence warrants to Google, with a 1,500 percent jump from 2017 to 2018, and a 500 percent increase from 2018 to 2019. In 2019, Google had received up to 180 geofence warrant requests a week. These warrants are being challenged as unconstitutional in Virginia and lawmakers in New York are looking to make the practice illegal.

Unlike a normal search warrant, geofence warrants don't need a specific person or probable cause to get data from Google. It's essentially a search in reverse, where police send a warrant to Google for a time and a place, demanding that the company provides information on all devices that were in that region during the specified time. 

These sweeping searches often mean that hundreds of thousands of innocent people are caught up in the data sent to police.

Read more: Geofence warrants: How police can use protesters' phones against them

Privacy advocates argue that it's the digital equivalent of a general warrant, and Armstrong agreed at Wednesday's hearing, stating that they violate the Fourth Amendment. 

"People would be terrified to know that law enforcement could grab general warrants and get everyone's information everywhere," Armstrong said. "It requires Congress to act, and it requires everybody that is a witness to be willing to work too, because it is the single most important issue." 

While Google isn't the only tech company that has location data of its users, it's frequently the subject of these geofence warrants because it has the largest scale with more than 2.5 billion Android users and more than 150 million people using Google Maps .

Apple, for instance, doesn't get many geofence warrants because it doesn't keep the same data logs as Google does for location. 

"This is why we issue transparency reports because we think it's an important area for Congress to have oversight," Pichai said. "We recently made a change by which we automatically delete the location activity after a certain period of time by default for our users."

Google's transparency reports don't specify how many of the law enforcement requests are geofence warrants. If you've been caught up in a geofence warrant, Google is supposed to notify you about the police request.

The geofence warrants grab location logs from Location History on Google Maps, which is turned off by default. Roughly one-third of Google users have that feature enabled, however. And while Google introduced a feature that would automatically delete Location History, it's only for new users and the default expiration date is after 18 months.

The shortest amount of time that Google could keep that data for before it's automatically deleted is three months.  

Google declined to comment beyond Pichai's remarks on Wednesday.