- Google collects location history on Android devices, and that data can be accessed by law enforcement agencies with the help of so-called “geofence warrants”.
- That’s what happened to an Android user who was at the wrong place at the wrong time, which was enough for police to consider him the prime suspect in a burglary in the neighborhood where he’s been biking for months.
- He was eventually cleared, but that involved having a lawyer contest the warrant in court and ensure the police were convinced he wasn’t the perpetrator.
- Visit BGR’s homepage for more stories.
Google collects a treasure trove of information about all Google services users to serve better ads. Many appreciate the trade-off. In return for personal data that can be monetized with online ads, they get excellent Google services that work more effectively the more Google learns about your life. Google Assistant is one such example. Maps is another service that’s directly dependent on Google’s ability to collect data.
But it turns out that Google’s oft-criticized data collection policies have an unexpected side effect: Location history data might just turn you into the prime suspect for a crime you didn’t commit.
Google can collect location data from Android phones even without you realizing it. In essence, it can do so even if you’re outside of Google Maps, something that may not be clear to users who might want Google to only track them for navigation purposes. And that’s what apparently happened to Zachary McCoy, a 30-year-old who happened to have biked near the house of a 97-year-old woman on the day she was burglarized.
The man received a note from Google’s legal investigations support team in mid-January that the local police had demanded information about his Google account, NBC reports.
What had happened was that local police used a geofence warrant to obtain information from Google about devices present around the location of the burglary. That was enough to single out McCoy, who happens to bike regularly by that house, as he lives in the same neighborhood.
McCoy used RunKeeper on his Android phone to track his bike rides, and the app used location data to keep track of him. The same data reached Google’s servers as well. On the day of the burglary, he had passed the victim’s house three times. He wasn’t “casing the joint,” he was just repeating the same loop.
“It was a nightmare scenario,” he told NBC. “I was using an app to see how many miles I rode my bike, and now it was putting me at the scene of the crime. And I was the lead suspect.”
McCoy had to hire an attorney to learn all of this, and his lawyer ultimately filed a motion to render the police warrant “null and void” and to block the release of any further details about McCoy to police. Google hadn’t turned over any identifying information to law enforcement at the time — the police used anonymized data to zero in on McCoy as a suspect.
The same location data that could have been used against him helped prove to the police that McCoy rode past that house for months, not just on the day of the burglary.
This type of geofence warrant may have not worked in this case, but the report notes there are cases where this type of technology can help law enforcement catch criminals. Privacy and civil liberties advocates may not like the practice, and there’s an argument to be made that location data alone might not be indicative of a crime. The bigger problem, in this case, is the fact that the user was seemingly unaware of how his location data was being used by Google, and that he ended up being a suspect for a crime he didn’t commit.
Google confirmed reports that said it tracks user location data even when the setting is off in 2018. Since then, Google has taken several steps to improve privacy on Android 10 devices, location tracking included. It also built better privacy protections inside of Google Maps. But what happened to McCoy proves that users still don’t understand or aren’t adequately informed about what happens to their data.