Zachary McCoy, a citizen of Florida, loves his bike-ride ritual around the neighbourhood in Gainesville. And like all fitness enthusiasts, kept track of the distance covered. What he didn’t know was that his riding data would get him arrested for burglary one day! The catch was that he was innocent. 

On January 14, 2020, Google sent him a notice regarding the burglary case, informing him that he had seven days to appear in court or risk his Google account information getting into the hands of law enforcement agencies. It was only when he spent a few thousand dollars to hire a lawyer that he was able to get his name cleared from the case. 

McCoy, and hundreds of other innocent people around the world, became victims of the ‘geofence warrant’ every day. 

What is geofencing?

“Right time, right place!” Ever had this thought when you see a push notification of an irresistible offer from your favourite store just as you’re in their vicinity? It’s not a coincidence, it’s geofencing. 

A geofence uses GPS or RFID technology to form a virtual geographical boundary of a particular area. The software gets triggered whenever a mobile phone enters or leaves the area. It can be used in multiple domains to get different results.

Geofencing in law enforcement

The police often use Google data to track criminals by placing geofence requests (a.k.a. geofence warrant). A warrant compels Google to hand over the data from their sensor vault to the law enforcement agencies. 

It was through a geofence warrant that the FBI got its hands on the Capitol breach rioters. The FBI was able to create a huge database of rioters using Google’s sensor vault. The vault stores data like location, search queries, IP addresses, device signals, device sensors like GPS, cellular network information, information from nearby WiFi networks, information from nearby Bluetooth devices, etc. This information is crucial for the police to track and identify possible culprits. 

However, Ari Waldman, professor of law and computer science at Northeastern University thinks the FBI using geofence in the rioting case was unethical. “Even if I think staging a coup against a democratic government is abhorrent, it doesn’t mean that constitutional privacy protections shouldn’t be in place.”

Google’s three-step verification

Contrary to what it may look like, it’s not easy to gain access to this database. According to Google, any such request needs to go through a three-step verification process. Google has developed the system in collaboration with the department of justice’s Computer Crime and Intellectual Property Section and other law enforcement agencies. 

When Google receives a geofence warrant, it provides an anonymous list of Google users with their location data aligning with the coordinates shared by the law enforcement agencies. 

Thereafter, it’s the government’s turn to identify the relevant devices. If required, agencies direct Google to provide additional details. Google expects the government to narrow down the data, but doesn’t have any firm policy on this. 

Finally, Google is called upon to provide the full information on the relevant devices that the government has shortlisted. 

Geofencing back home

During COVID-19, the Indian government kept track of quarantined patients using the Arogya Setu app. Reportedly, the officials received an alert when a patient breached the 300-metre radius. However, it was largely unsuccessful, as thousands of people still breached the radius. 

Kamal Jain, a professor at IIT-Roorkee told AIM that while geofencing is not used in law enforcement in India that extensively, it can have other uses also. “For example, we can use geofencing in Char Dham yatra. We can get live updates of how many people are at certain points and get alerted if the saturation increases,” he said. “We can also use it to keep track of foreigners that come on short trips in India,” Jain added.