Google Just Killed Warrants That Give Police Access To Location Data

/in /by

December 14, 2023 | By Cyrus Farivar & Thomas Brewster | Forbes |

CellHawk Support Note:  We recommend continuing to request Google Geofence/Reverse Location Searches as usual until Google rejects the warrants entirely and no longer produces any responsive data.

“Geofence warrants,” which allow law enforcement to get location data across a wide area, have become commonplace in recent years.

On Wednesday, Google announced it would soon change the way it would store and access users’ opt-in “Location History” in Google Maps, making the data retention period shorter, and making it impossible for the company to access it. That means it will no longer respond to “geofence warrants,” a controversial legal tool used by local and federal authorities to force Google to hand over information about all users within a given location during a specific timeframe.

Because geofence warrants — also known as reverse-location searches — have the potential to implicate anyone who happens to be in the vicinity of a crime, Google’s decision to end access to location data is a major win for privacy advocates and criminal defense attorneys who have long decried these warrants.

The company confirmed the impact of the change to Forbes. A current Google employee who was not authorized to speak publicly told Forbes that along with the obvious privacy benefits of encrypting location data, Google made the move to explicitly bring an end to such dragnet location searches.

“The repository of everyone’s location data dating back months or years was a hazard, and Google is trying to clean up that hazard,” Jennifer Granick, an attorney with the American Civil Liberties Union, told Forbes. “That is a real benefit for people’s privacy for people’s locations over time which is some of the most revealing information about us.”

Armed with facts about a criminal incident, and the vast location history data and associated device data from a geofence warrant, investigators would try to identify a suspect who might have committed a crime.

“These warrants are dangerous,” wrote Jennifer Lynch, an attorney with the Electronic Frontier Foundation, in a Wednesday blog post. “They threaten privacy and liberty because they not only provide police with sensitive data on individuals, they could turn innocent people into suspects.”

The change doesn’t prevent the government from getting information on a specific user by demanding their full account details, the Google employee said. But investigators can no longer hand over some coordinates and a timeframe, and compel Google to give it either identifying data or metadata on all users within those parameters.

The move comes just days after the very first federal appellate court, the U. S. Court of Appeals for the Fourth Circuit, in Virginia, heard oral arguments in a case called United States v. Chatrie, where it was asked to evaluate the fundamental legality of geofence warrants. (The court’s ruling, which only would cover five states largely along the eastern seaboard, will likely not come until next year.)

“Good news from Google, I never thought I’d say that,” said Michael Price, one of Chatrie’s lawyers, and the litigation director for the Fourth Amendment Center at the National Association of Criminal Defense Lawyers.

“From a practical perspective, judges are often concerned about taking a tool away from law enforcement. But here that decision has just been made and may lower the stakes in some respects for finding it unconstitutional.”

Earlier this year, a California state legislator proposed a bill that would have outlawed the practice for California-based companies – notably, Google – to comply with such court orders. (That bill did not advance in the statehouse.) Now, in one fell swoop, Google has now largely taken the decision out of future judges’ hands.

Google doesn’t typically break down how many geofence warrants it receives, though it broke with tradition in 2021, revealing that more than 25% of the warrant requests it had received in the U.S. at the time were reverse location warrants. The volume of geofence warrants received by Google tripled from the end of 2018 to the end of 2019, reaching 3,000 warrants in a single quarter.

As Forbes has previously reported, practically all geofence warrants are targeted at Google, given its vast amount of search and location data. While other tech firms could theoretically be served with similar warrants, public court records nearly always point to a data request from Google over other companies.

While it may receive more geofence demands than any other tech company, it isn’t the only tech giant being told to respond to them. Apple said earlier this year that it had received such geofence requests, but could not provide the data because of the way it protects user locations.

Such warrants have been used in some of the most significant law enforcement cases in recent memory.

They were used to identify those who stormed Capitol Hill on January 6 and to identify individuals involved in the Kenosha riots of 2020 in response to the shooting of Black citizen Jacob Blake. Forbes learned last year that law enforcement were raiding historical Google location data, going back seven years in one case where cops were trying to gather evidence to send two men to death row.

Geofence warrants have also reportedly been used to investigate relatively minor crimes, such as a wallet stolen from a Utah hospital.

The California District Attorneys Association, a state level group that has previously opposed new restrictions on geofence warrants, noted that in 2022, sheriffs deputies in Santa Clara County used the technique to solve “9 separate residential burglaries.”

Similarly, Orin Kerr, a law professor at the University of California, Berkeley, wrote on X on Wednesday that “from a public policy standpoint, that seems like a bummer.”

“Geofencing has solved a bunch of really major cases that were otherwise totally cold,” he wrote.

“And there are lots of ways of doing the legal process (including Google’s warrant policy, although that’s just one way) that are a lot more privacy protective than ordinary warrants. But I can see why this might be in Google’s business interest. If there isn’t a lot of economic value to Google in keeping the data, and having it means you need to get embroiled in privacy debates over what you do with it, better for Google to drop it.”

Read the original article HERE.

To read Google’s Location History update, visit: https://blog.google/products/maps/updates-to-location-history-and-new-controls-coming-soon-to-maps/

More 2G and 3G shutdowns loom in the US

/in /by

November 28, 2023 | By Mike Dano | Light Reading |

UScellular said it will turn off its 3G CDMA network on January 14, 2024. Separately, Cellcom said it plans to shutter its 2G network in December after shutting down its 3G network in March.

UScellular and Cellcom recently set dates to shutter their aging wireless networks. The smaller network operators are following in the footsteps of their bigger, nationwide rivals, which are making similar moves.

On its website, UScellular said it would shutter its 3G CDMA network on January 14, 2024.

“Major wireless carriers have already shut down their 3G CDMA networks and you’re likely starting to notice the effects on your older devices. When we shut down our network, 3G devices will lose service completely,” the operator reported on the site. “We are committed to supporting our customers and are ready and available to assist you through this transition. To keep you connected, we’re offering big discounts on 4G/5G devices.”

UScellular CEO Laurent Therivel said there are fewer than 42,000 customers left on that network, down from 386,000 around 18 months ago.

“We believe we’re going to continue to see more customers migrate over the next several months,” he said during UScellular’s recent quarterly conference call, according to Seeking Alpha. “We intend to reform that spectrum to support our LTE network. And we expect to see additional systems operation savings once that CDMA network is fully shut down in 2024.”

Like Verizon, T-Mobile and AT&T, UScellular said it would shut down its aging 3G network in order to put more resources – including spectrum – toward its 4G and 5G networks. Indeed, UScellular is in the process of adding valuable midband spectrum to its 5G network.

UScellular operates a wireless network across around 21 states and counts around 5 million mobile customers. It recently announced it is for sale, though it’s not clear whether there are any buyers.

Separately, as noted by Wave7 Research, Cellcom said in September it would shutter its 2G network at the end of 2023 after shutting down its 3G network in March.

“Cellcom will be contacting customers who need a new device, which includes phones that are not compatible with VoLTE [voice over LTE] and some models of our home phone replacement unit,” the company said on its website.

As Light Reading previously reported, Cellcom began its 5G rollout in 2022 with equipment from Ericsson and Cisco. The company provides telecom services throughout Wisconsin and upper Michigan.

Follow the leader
The nation’s big network operators turned off their 3G networks during the course of last year. According to the financial analysts at MoffettNathanson, the 3G network shutdowns by Verizon, AT&T and T-Mobile affected a combined total of 2.3 million lines of service during 2022. But the financial analysts at Wells Fargo put the figure at 1.1 million.

In either case, it’s unclear exactly how many of those lines were active or unused. The operators recorded their 3G disconnections as “subscriber adjustments” rather than in their tally of gained and lost customers.

As for 2G, AT&T discontinued service on that network in 2017, while Verizon shuttered its 2G network around 2020. T-Mobile said earlier this year it would turn off its 2G GSM network on April 2, 2024.

Meanwhile, some regulators are starting to look at spectrum and standards for 6G networks.

Read the original article HERE.

Unleashing 5GSA’s Potential: Pioneering Network Slicing and Automation Obstacles

/in /by

November 22, 2023 | By Kamile Bigenyte | VoIP Review |

5G technology is receiving significant attention and becoming an exciting hotbed of innovative potential, with a multitude of experimental features currently under scrutiny. According to Marco Gatti, 5G Product and Solution Manager at Anritsu Service Assurance, one of the most promising developments involves network slicing. Network slicing allows potentially hundreds or even millions of simultaneous network slices to come about dynamically, each boasting its unique customer-defined attributes.

However, at this time, most telecom operators continue to limit the number of slices. But as the full potential of 5G Standalone (5GSA) matures closer to realization, the technology is poised to unlock an array of revenue-generating business opportunities across various industries. These include gaming, vehicle-to-everything (V2X), the Internet of Things (IoT), and mobile edge computing.

Network slicing can especially contribute significantly to critical remote services that heavily rely on high availability and guaranteed redundancy. With the advent of this technology, tasks such as remote robotic surgeries, which require ultra-reliability over low latency, can become a reality. Moreover, intensive plant and machinery can considerably minimize downtime and avert breakdowns with the aid of embedded monitoring capabilities connecting over a reliable 5G slice, thus managing potential issues within microseconds.

There are, nevertheless, certain challenges and complexities being faced. With the increasing scale and diversity of network operations, traditional management techniques might prove insufficient. Moreover, the pursuit of dynamic 5G slicing, if not accompanied by innovation and adaptability in managing processes, might lead to unsustainable operating costs. The solution, as Marco Gatti posits, lies in increased automation.

In such a context, service assurance emerges as a critical enabler for effective automation since one can only control what is under active monitoring. Unlike standard call detail records, which can present post-event, effective service assurance hinges on the adoption of real-time monitoring. This, in turn, immediately alerts the orchestration, which can actuate on the core network. Establishing this closed loop helps anticipate potential issues when certain metrics approach a defined threshold, thus enabling the orchestration to take appropriate preventive measures.

However, the adoption of automation also hinges on a significant culture change within operations teams. These teams need to adopt a more developer-centric mindset, with an emphasis on repeated testing till full confidence is established in the solution’s ability to operate reliably.

Artificial Intelligence (AI) and Machine Learning (ML) can also complement automation by extracting insights from the multiple data streams collated by service assurance across the network. For instance, ML based on neural networks can enhance prediction reliability and anomaly detection capabilities. This, coupled with ML-based scripting, can enable faster and more effective network management in future networks.

But bringing about the full potential of 5G to create new business opportunities will only be possible when ZSM matures, OSS environments are prepared, and 5GSA-compatible devices are made available for diverse consumer and industrial applications.

 

Read original article HERE.

What is CNAM?

/in /by

October 2, 2023 | By Aiste Kryzanovske | VoIP Review |

Have you ever been caught off guard by an unknown phone call, leaving you wondering who it might be? We’ve all experienced that moment of hesitation before answering, contemplating whether the call is worth our time or is it just another scam call. In such situations, Caller ID has been a trusty companion, providing us with valuable information about the incoming call.

But have you ever heard of CNAM?

In this article, we will take a deep dive into what CNAM is, exploring its inner workings, benefits, and how it is transforming the way we identify incoming calls.

What is CNAM?
While Caller ID displays the calling party’s phone number, CNAM, Caller Name Delivery, also regularly referred to as Caller ID Name, takes it a step further by revealing the actual name associated with the phone number. It enhances the Caller ID experience by providing additional context about the caller.

By leveraging CNAM, you can instantly recognize the caller’s identity, whether it’s a friend, family member, business contact, or potential spam call. It enhances call identification, improves call trustworthiness, and streamlines communication experiences.

However, it is important to remember that not all carriers allow CNAM search, and not all phone numbers contain that kind of information. Some might also charge for CNAM lookup or display.

How does CNAM work?
The operation of CNAM consists of a series of phases that take place within the telecom infrastructure.

Call Initiation: When a call is initiated, the calling party’s service provider sends a signaling message to the recipient’s phone service provider. This signaling message includes the caller’s phone number.

CNAM Database Check: The recipient’s service provider receives the signaling message and checks its Caller Name Delivery database for a matching entry associated with the received phone number.

Database Search: The recipient’s service provider searches its CNAM database to find a matched entry connected with the received phone number.

Match Found: If a matching entry is found in the CNAM database, the caller’s name is returned in the signaling message to the recipient’s device.

Caller ID Display: The recipient’s device displays the caller’s name alongside the phone number in the caller ID. If no matching entry is found in the Caller Name Delivery database, the caller’s phone number is shown without a name in the caller ID.

CNAM Database Administration: The CNAM database is typically maintained and managed by telecommunications carriers or third-party CNAM service providers. They constantly update the database with new additions or changes as individuals or organizations request modifications to their caller information.

It is vital to note that the Caller Name Delivery database is normally kept and administered by telecommunications carriers or third-party CNAM service providers. The CNAM database is constantly updated with new additions or alterations as individuals or organizations request changes to their caller information.

Benefits of CNAM
Implementing CNAM functionality in phone systems brings several benefits for both individual users and businesses:

Caller identification: CNAM allows users to quickly identify the person or organization behind an incoming call, improving call screening and decision-making processes.

Improved efficiency: By displaying the caller’s name alongside the phone number, CNAM eliminates the need to search for additional information manually, saving time and streamlining call handling.

Enhanced user experience: Caller Name Delivery provides a professional touch to communication by associating caller names with their phone numbers. It adds a personal touch, particularly in business environments.

Spam call detection: CNAM helps in identifying potential spam or nuisance calls. If an unfamiliar name or unrecognized number appears on the caller ID, the user can make an informed decision on whether to answer or let the call go to voicemail.

Trust and credibility: In business settings, displaying a caller’s name can establish trust and credibility, helping organizations build stronger relationships with customers and partners.

CNAM and privacy concerns
Privacy concerns often arise when discussing CNAM. They are frequently related to the issues of how and when callers’ names are displayed, saved, exchanged, or controlled by other parties. It is critical to clarify that CNAM operates within legal limitations and abides by telecommunications and privacy legislation. Telecom operators and CNAM database providers follow strict guidelines to ensure the protection of personal information.

Laws and regulations, such as the Telecommunications Act and regulations set forth by government agencies, such as the Federal Communications Commission (FCC) in the United States, govern CNAM usage. These regulations aim to prevent misuse of personal information and safeguard individuals’ privacy.

CNAM implementation and availability
CNAM can be accessed via a variety of communication channels, including landlines, mobile devices, and Voice over Internet Protocol (VoIP) services. Different service providers may have varying levels of Caller Name Delivery integration and availability, including those in the VoIP industry. Some VoIP service providers that offer CNAM functionality include DIDWW, Sangoma, VoIP.ms, and Plivo.

On landline phones, CNAM is typically offered as part of the Caller ID service. Similarly, mobile devices often have CNAM functionality built into their operating systems or caller display applications. However, when it comes to VoIP services, the integration and availability of Caller Name Delivery may vary among providers. Therefore, it is important to check with your VoIP provider about the availability of the service and to learn how to enable and utilize CNAM functionalities effectively.

Conclusion
CNAM is a powerful tool that goes beyond traditional Caller ID by displaying the actual name associated with a phone number. By providing additional context about the caller, CNAM enhances call identification, improves trustworthiness, and streamlines communication experiences. It allows users to quickly recognize callers, detect spam calls, and establish trust in business settings. CNAM is widely available on various communication platforms, and users should check with their service providers to enable this valuable feature. Embrace the power of CNAM and never be caught off guard by unknown callers again.

Read original article HERE.

TechDirt: Don’t Want To Be Part Of A Geofence Warrant Line-Up? You Have Options.

/in /by

October 30, 2023 | TechDirt | By Tim Cushing |

Google is an internet powerhouse. It’s home to the most-used search engine in the world. It has its own operating system and its own line of cell phones. It also has its own cell phone service. It has ad services, a suite of web-based productivity apps that are (somewhat compatible) with a bunch of Microsoft software, an app store, and a considerable amount of consumer loyalty.

To keep all of this running by keeping all of this profitable (although it’s the ads that actually make the money), Google gathers a ton of data from its users, both implicitly and explicitly.

Google’s desire for data has generated its fair share of legal action and legal threats, ranging from users who think they’ve been wronged to the Department of Justice itself, which believes Google is violating anti-trust laws with its products and services.

That’s why Google has become the go-to source for data cops want to obtain. These requests tend to be the first move in criminal investigations with no readily apparent suspect. Cops send warrants to Google for information on anyone using certain search terms in any certain area — something often referred to as a “keyword” warrant.

Far more common are geofence warrants. A crime occurs and cops send a warrant to Google asking for information on any devices in the area of the crime. From that long list of partial identifiers, investigators hope to find a list of suspects worth pursuing.

The problems with geofence warrants are several. First, most courts aren’t really paying attention to the warrant affidavits, allowing cops to seek whatever information they desire under the theory there’s probable cause to believe Google holds the data requested.

Inattentive judges (or those being actively misled by cops) won’t ask for more details about the area covered by the geofence or the odds that such a request (especially when covering a heavily trafficked or heavily populated area) would necessitate Google searching (on the government’s behalf) all of its users’ data for these particular coordinates.

The government is in the business of obtaining data haystacks from Google and demanding it be trusted to sift through the data without rounding up the unusual suspects — innocent people who just happened to be in the area of criminal activity.

That’s simply not good enough in some cases, which has resulted in judicial pushback on these broad requests. These rebuttals from judges make it clear the government needs more than the broad assumption Google might house the data requested.

Popular with cops. Probably shouldn’t be popular with anyone else. While most people might understand they’ve agreed to share location data with Google, that’s not the same thing as agreeing to share it with the government. And, given Google’s history with location data gathering, there’s a good chance some users may have assumed they never gave Google consent to collect this data.

But you don’t have to be part of this virtual lineup. Tools and options are available for users of Google services, a list of people that likely includes a vast majority of internet users.

Shira Ovide’s article for the Washington Post first details everything that’s extremely questionable about law enforcement’s reliance on geofence warrants.

 In a typical search warrant, police have a suspect in mind and ask for a judge’s approval to search their home, phone data and other potential evidence. Legal experts are generally fine with those targeted warrants to Google.

 In the large-scale search term and location warrants, police know a crime occurred but don’t know who might have committed it.

 They come up with what could be potential evidence — the location near a crime or a search term like “pipe bomb” — and ask a judge to order Google to provide information on people who match those criteria.

 “That’s not the way criminal investigations are supposed to go,” said Jumana Musa, director of the Fourth Amendment Center of the National Association of Criminal Defense Lawyers.

That’s correct. Warrants are supposed to be particular (in the legal sense of the word) and supported by probable cause the search will turn up evidence of criminal activity. The warrants served to Google force the company to search the entirety of its data stores to provide data responsive to the warrant. And cops don’t actually believe it is involved in the crime being investigated. All they feel they have to show a court is that it’s probable Google houses the data it seeks. Whether or not the data can be linked to a suspect is conveniently ignored.

Legal rulings on these warrants are all over the place. Given the relative novelty of this technique, it’s unlikely individual federal circuits — much less the Supreme Court — will be delivering clarifying precedent any time soon.

Given that fact, it’s probably best to just remove yourself from this equation. The most tenacious will find a way to live life without Google products, services, operating systems, or hardware. For everyone else, Ovide details how people can opt out of most Google services to ensure they won’t be swept up the next time cops decide an criminal investigation requires nothing more than a few mouse clicks.

 In the “Activity controls” settings of a personal Google account, you can turn on or off the option for Google to save records of everywhere you go with your phone or other mobile device.

 […]

 You can also delete all or parts of your Location History data.

 To minimize Google’s data on what you search, go to the Activity controls and click “turn off” in the Web & App Activity section. It helps to use Chrome and Google web search without logging into a Google account.

These steps should help keep you from being swept up by geofence warrants. “Should” is the operative term, though. Whatever you’ve decided to stop handing over to Google directly may, at points, be gathered indirectly via ad partners or sites/apps/services that heavily integrate Google infrastructure.

Even if it’s impossible to quit Google completely, a few small steps will lower your Google footprint, making it a bit more difficult to end up on a digital lineup provided by Google to investigators who have no idea who they’re looking for but know exactly where to go to get a bunch of data without being asked too many questions from their judicial oversight. The more you know, as they say. And the more you know, the less Google knows about you.

 

Read the original article HERE.