I do not understand why we accept such low standards from our governments.
A warrant should be required. A warrant should be a cryptosecure signed file from the judge(s). The search tool should validate the signatures. The parameters in question should also be signed across and be the only allowed inputs.
Also there should be accountability for the reasonable expectation aspect of warrants. A realistic threshold should be enforced... If an officer or judge starts to dip below the threshold they should be seen as incompetent.
> A warrant should be required. A warrant should be a cryptosecure signed file from the judge(s). The search tool should validate the signatures. The parameters in question should also be signed across and be the only allowed inputs.
The issues run deeper. Court orders are widely rubberstamped. Circumventing legal processes like this creates a verneer of judicial review that's meaningless, because "judicial review" should not mean "a judge's eyes have scanned the warrant for the signature line he needs to sign on".
As a cherry on top, things like the fruit of the poisonous tree doctrine are pretty unique to the US - most countries don't have something like it, or only forbid using evidence if the manner in which it was gathered was too egregiously illegal, but otherwise it doesn't matter if prosecutors obtained evidence legally or not. It doesn't take a genius to see how that's not exactly conducive for the LE system to stay in their legal lane.
>The issues run deeper. Court orders are widely rubberstamped.
I wrote the following to try and address that. I agree it's a big problem.
> Also there should be accountability for the reasonable expectation aspect of warrants. A realistic threshold should be enforced... If an officer or judge starts to dip below the threshold they should be seen as incompetent.
I wonder what would change in the criminal legal system if all warrant applications must be counter-argued by a public-defender-like-role. I suspect the "defender" would just end being an always-ignored voice in the room, at least based on my understanding of post-patriot-act America.
That implies that the police overthrew the government. The police are the government, and the government has not been on the side of the people for many years.
Warrants are still required to compel data from companies like cell phone companies. This is different. This is a company expressly setup to sell data they gather to the police. No compulsion is required, they're voluntarily doing it, and the users are "voluntarily" giving that data away, via sketchy apps that only disclose the location data giveaway buried in a ToS.
But they should require a warrant to get data on me... We need to normalize that entering my data is like entering my home. You require a warrant to inspect things that are default private.
> I do not understand why we accept such low standards from our governments.
Do you even? Who would you vote for for that not to happen? As far as I can tell, virtually 100% of both parties everywhere in the country support all of this.
Well they certainly tried. After a few months of politicians giving lip service to their cause, followed by about 6-12 months of the cops mercilessly beating the shit out of them without consequence, protesting in the streets about policing started to look a lot less interesting and effective.
1. The line between "protest" and "riot" is fuzzy and arbitrary at best, and that's without considering that police violence against a protest will almost universally turn it into a riot because humans are humans.
2. Are you seriously trying to say that racial issues have nothing to do with excessive police surveillance?
I think theft, property damage, violence upon innocent bystanders all clearly count as rioting.
The fuzzy part is more like what proportion of the people are rioting and how many are protesting and how to separate the former from the latter for the sake of justice.
"Defund the police" had nothing to do with police overreach. Interesting. Perhaps the problem is that so many are convinced that it's "just" a racial issue, not a general police issue.
To be a bit more quantitative, I think the sheer volume of property damage coincident to these protests should disabuse anyone of the notion that they were mostly peaceful.
Guess the amount of attributable property damage, and then click [1].
66.8% in the last USA presidential election. But even so, that still isn't enough. People would be amazed how much a difference it would make if everyone voted.
I'm going to propose something crazy. Government shouldn't be allowed to do whatever isn't illegal. Government should not be allowed to do anything unless specifically authorized by law. With respect to electronic surveillance, the methods need to be clearly circumscribed. Anything outside of specific, written guidelines enacted into law should be illegal.
That's true for the Federal government (although even that has loopholes you could drive a truck through, like exceptions for national security) but not for states. States have general police power and generally can regulate anything unless there it is forbidden.
Exactly. For instance, we were all warned that the "temporary" measures taken by governments to enforce quarantines and travel restrictions during COVID were just a pretext for a permanent state of pharmaco-military-industrial fascism precisely because governments never willingly give up power, and to this day I'm not allowed to leave my apartment without government permission or else snipers will shoot me dead in the street, and not having my vaccine passport on me at all times means an instant lifetime vacation in the CDC gulags.
Oh wait, no... that never actually happened because governments actually willingly give up power all the time.
I don't personally remember the government "willingly" giving up anything. They had to be dragged kicking and screaming to end the TSA Mask Mandate, and only did so after they were ordered to terminate it by a judge. The same thing happened with the vaccine mandates for private employers, and several other measures.
I don't remember anyone dragging any government officials kicking and screaming anywhere - the courts are a part of the government after all, so the government submitting to the courts' ruling is simply a matter of the checks and balances of government working. After all, if it were truly the case that government never gives up power voluntarily, the courts would never rule against the government.
And outside of the two instances you mentioned, the vast majority of quarantine measures were indeed voluntarily lifted without injunction from the courts.
But I suppose it's simply the nature of modern hyperreality that we must remember the past differently.
Yes they have, just not very often and not without a long political fight and not without strong political leaders to push it forward.
Say what you want about the "system" and the two parties and so on, but we the people send our senators and reps to Congress, and the same is true at the state level. This type of thing would be best done at a state level to show people, particularly those in other states that it can work well.
this view of an average Americans level of agency in our political process could most politely be described as 'simplified'.
Before you even get in the weeds as to how voting actually works, that two party thing you mentioned provides, at the ideal best, two people with two sets of ideas about how to get things done. IF they don't agree on how to manage something (say we get the rare politician who's not in favor of further deregulating banks), there's no guarantee that one of those two ideas will be any good, or aligned with the political zeitgeist they're supposed to represent. Much more often, the wedge issues they differ on are a fraction of the things they'll be making decisions about, and stuff like military spending, bank deregulation, and general market deregulation are bipartisan supported. So if you don't like either of those, you're effectively excluded from the political process.
Then, you have all the ways in which the voting process is gamed by those in charge of it. Gerimandering is an obvious and easy one to spot, but there are other, more pernicious methods employed - like restricting voting to a single day, not making voting a holiday, purging voter rolls prior to the primaries (we'll deal with the primaries in a second), restricting felons from voting (whilst making things like marijuana possession a felony, an easy way to shunt out the underprivileged). There's more, for good reading on this topic check out Republic Lost by Lawrence Lessig.
We are married to first-past-the-post voting, which is demonstrably the worst system but the easiest to game.
The supreme court, which makes many of the most impactful political decisions, isn't voted in. And they have life terms. So even if you manage to make progress elsewhere, they can just decide that things should be different and change the way the law works.
The Senate arbitrarily distributes the power to block legislation among the least populous states, making it easier to manipulate the population into voting for people who will do this.
K Street (the lobbyists) literally get paid to 'help' draft legislation that favors only those who can afford it. Some of our laws are actually for sale.
Then you have the primaries, which are effectively controlled by two fairly small cabals of (who exactly? I dare you to enumerate the people involved). Each of which has it's own set of obtuse rules that's not subject to an iota of the scrutiny that actual elections are subject to, even though you could make the argument that the primaries are the more important election, because they decide what the two options will be.
Then there's the news. Rather, there's the institutions that claim to be news, but all of which behave more like winged propaganda machines, pumping their color and fueling anger at (whatever the wedge issues are for the other team today). These outlets all have things they will not talk about, like the issues with our elections or growing income inequality, because these things are precisely the things that the power structure, which all major news networks benefit from, is founded upon.
One thing both parties agree on completely; there should only be two parties. This would strike one as odd if they weren't so deeply acclimated to the situation.
You can write the law however you want, but it's the people holding the guns who decide how those laws are enforced that really decide what the laws are. The glorification and deification of cops and soldiers as saint-like figures of pure virtue makes it that much easier. Ultimately the only real constraint on police and military power is mass civil disobedience, and technology and weaponry and mass surveillance can nullify much of that.
So what happens you get a warrant that specifies electronic data collection only, yet when you arrive at the location, you find they don't use computers at all and have everything you need to convict in a handwritten ledger of some sort? Do you have to leave the ledger because the warrant specified electronic?
yes, that's how warrants work. if you get a warrant that says you may search the kitchen and don't find anything, you don't get to go and search the bedroom.
I have no idea, I'm not a lawyer, nor a criminal to be on the receiving end of a search warrant so I have no insights into their details. Why do you assume otherwise?
So you're saying that an investigator looking for a specific type of evidence cannot find other evidence of the same crime? Are they then supposed to go back to a judge to say now we need to modify the warrant or get a new warrant? Do they leave people around so the new evidence isn't removed while the new/updated warrant is obtained? Are their time limits on the execution of a warrant?
This is mostly a US thing, not really the case in UK, EU, or India for instance.
“Fruit of the poisonous tree” is a legal metaphor used to describe evidence that is obtained illegally. The logic of the terminology is that if the source (the "tree") of the evidence or evidence itself is tainted, then anything gained (the "fruit") from it is tainted as well.
The doctrine underlying the name was first described in Silverthorne Lumber Co. v. United States, 251 U.S. 385 (1920). The term's first use was by Justice Felix Frankfurter in Nardone v. United States (1939).
Such evidence is not generally admissible in court. For example, if a police officer conducted an unconstitutional (Fourth Amendment) search of a home and obtained a key to a train station locker, and evidence of a crime came from the locker, that evidence would most likely be excluded under the fruit of the poisonous tree legal doctrine.
The fruit of the poisonous tree doctrine is intended to deter police from using illegal means to obtain evidence.
I quit carrying my phone out of the house because I knew something like this was coming. I really like it, I look at scenery and actually think about things now. People around me probably think I'm poor as dirt too, so they leave me alone.
Me too. At one time I considered clipping a battery lead and adding a power switch ... rather than pay to wear an ear-tag ... but leaving it behind just makes more sense.
I wish we knew which apps are contributing user location data to the Fog Feed. This is an egregious abuse of user trust, just to make a buck (or fractions of a penny per user).
Do Apple and / or the Google Play Store have policies about this? Are the app developers in breach of ToS?
The dumbest part about this is that it’s only _partial_ dragnet surveillance. They’re surveilling a biased sample of the population that installs sketchy apps on their phones. I’m betting there are more Android users in this dataset than the general population. In a way, by using Android you’re actually increasing your chances of false imprisonment.
After listening to some experts speak about this, I don't think that's the case. One cited a lot of large apps as sources of data, especially free apps that offer a good service. Waze keeps getting brought up in this debate as well, though I'm unsure if it is used in this context.
>Android you’re actually increasing your chances of false imprisonment.
That used to be true until apple implemented CSAM a black box that scans for hashes of straight to federal prison files. Without your consent or any way to audit it. No oversight.
Yeah I know its not 100% implemented yet but that is just a matter of time.
The default setting on iOS is to immediately upload every new image (photo or screenshot saved to the camera roll) to iCloud. Screenshots default to saving to the camera roll (and contain quite a bit of auxiliary data, btw). On the web, the default and sometimes only way to save an image is to add it to the camera roll.
> persistent surveillance comes in the form of PRISM compliance and covert warrants
You've moved the goalposts. We're talking about warrantless surveillance. FISA courts are flawed. But they're subject to investigation, deliberation and reform in a way police buying commercial data is not. (The warrant process is first and foremost a gate. When it fails at that, as it appears to have with FISC, it serves as a judicial record.)
The warrant is a pretty bad gate. Apple complies with 90% of the requests they get from American law enforcement for account access (and a startling 95% of device access requests by the CCP (!!!)), so I don't really buy the idea that they're valiantly protecting my identity tooth-and-nail. Moreover, I agree that these are two different arenas, but I don't see what the difference is. Apple cares about privacy sometimes, but the fact that they don't care about it all the time leads me to not trust them.
If we're going to demand user privacy, we need to do it properly. Apple has zero accountability, so they have zero incentive to not sabotage your privacy.
Some uses that spring to mind. Stalking. Finding out if your significant other is cheating. Finding out who your kid has visiting your house. Finding out who visits the local abortion clinic for shaming, suing, persecuting, and prosecuting.
Finding out who visits the local gay clubs. Finding out whose fucking especially when this is valuable blackmail material. Making a list of everyone's religious affiliations because nobody has ever misused THAT before.
Keep track of all the abortion clinics and sell lawsuits as a service. Plug in your name and let it tell you if there is anyone you are eligible to collect 10,000 from. Just check a box to have papers sent to your door and theirs and wait while other people harvest their money like they already reaped their privacy.
Privacy laws are in need of radical revision and I think I need a new phone. Ideally one that isn't tied to my name and makes voip calls over an out of country vpn.
Once your location pops up in one of these things you are now a "person of interest" which is just a fancy way for the police to avoid saying "suspect"
You are now in a position forced to defend yourself from guilt rather than them finding something that points to you. Everything about police work is motivated towards finding a reason to pin guilt on you. Nothing is about exonerating you.
You are absolutely correct and worse the more this tech is used to actually solve cases the fewer crooks will carry their phones and many crimes aren't pinpointed neatly in time.
We will know that sometime between Friday afternoon and Saturday morning someone robbed a location and due to imperfection of GPS signals your suspects will include dozens of people including people who walked by 2 streets over. Over time your suspect list will be less and less likely to contain the criminal but it will statistically likely contain at least a few who got in trouble previously especially minorities who can be threatened with 10 to 20 years in jail in order to make them accept 6 months -> probation or risk facing a jury of mostly white people. You can then successfully close tons of cases without finding any actual criminals, doing any real work, or even risking court.
And your local businesses get unpaid slave labor rented to them cheap. What a goddamn paradise. All we need is some cotton that needs picking you know or a soul and a shred of decency.
Yeah, It actually becomes worse for the innocent. The criminals can just leave their phone at home and actually have an alibi while committing the crime.
Meanwhile Mary Jo, is now a suspect for a murder because she wanted a coffee.
> It relies on advertising identification numbers, which Fog officials say are culled from popular cellphone apps such as Waze, Starbucks and hundreds of others that target ads based on a person’s movements and interests, according to police emails.
> …
> On Monday, the Federal Trade Commission sued a data broker called Kochava that, like Fog, provides its clients with advertising IDs that authorities say can easily be used to find where a mobile device user lives, which violates rules the commission enforces. And there are bills before Congress now that, if passed, would regulate the industry.
>>Fog Reveal refers to a company called Venntel as its “data partner,” but neither company would clarify their relationship to the outlet. Motherboard has reported extensively on how Venntel sources global advertising data from its parent company Gravy Analytics. The data itself comes from apps installed on peoples’ smartphones; app developers often enter agreements to sell their users location information to third parties. Venntel then sells its own surveillance product to government agencies, including Customs and Border Protection.
Seems this is no particular app, just apps SELLING the location data on to aggregators, who then sell it to Fog, who surface it in their Reveal product.
So, no need to identify a person or phone and phish them into installing your tracker. This is just find your crime, ID the phones in the area, and start tracking them based on location data sold into the marketplace...
While it's a great capability for the cops, it means that we really are at the point where we've all been sold a covert device to track our every move.
(And deleting our Google location history is worthless, as Google has nothing to do with this.)
The backing legislation, Health and Location Data Protection Act of 2022 (S.4408), was forwarded to subcommittee on June 15 but hasn't seen any action since [0]. That said, I don't know how quickly the Senate Committee on Commerce, Science, and Transportation moves through things. From skimming the previous meeting agendas [1], it appears that they often take months before discussing bills. It's possible that they will discuss this bill before midterm elections, but I'm doubtful. According to the Senate's schedule [2], the Senate has 33 more working days before midterms. I don't see enough momentum behind this bill to actually get it considered before midterms.
I remember a HN post from several years ago where a location data provider left an exposed API or web page that allowed anyone to enter a phone number and see the location of the device in real time, but I can't find it now.
I'm sure if the location data (and other related data) for those in power and law enforcement leaders were to be made available to everyone, in an easy to digest and display method...I'm sure some of these data flows would be quickly be made illegal, and quickly shut down. ;-)
Is there a way to figure out how good of a job I'm doing avoiding tracking? I don't even think it would be unlawful to ask someone with access to this tool to look ones own phone up to see how much tracking data they are getting.
When people in the U.S. are arguing about why their govts should need a warrant to spy on peoples phones, people in PRC are required to install an app that literally spies on them.
Surveillance is really going in its worst way, if there's not a worse one.
I wonder if this data is being used in trial or being used in warrant applications given that the data can easily be spoofed by providing inaccurate data to these analytics apis?
You give the legal system way too much credit. When it comes to evidence provided by the police, "spoofed data" is considered an ultra rare edge case not worth considering unless the defense has some excellent evidence to the contrary.
I would argue that the average deGoogled device has less apps and Google Play app bloat to decrease the surveillance surface. Less apps translates to less location data.
All the google stuff spying on you goes to Google databases, which (at least as far as we know from public info and the news story here) requires a warrent.
It's non-Google apps that are sending location data to the 3rd party brokers supplying this tool. deGoogling a phone has nothing to do with these apps.
A warrant should be required. A warrant should be a cryptosecure signed file from the judge(s). The search tool should validate the signatures. The parameters in question should also be signed across and be the only allowed inputs.
Also there should be accountability for the reasonable expectation aspect of warrants. A realistic threshold should be enforced... If an officer or judge starts to dip below the threshold they should be seen as incompetent.