About a year ago, Zachary McCoy took a bike ride around his neighborhood in Gainesville, Florida. It may have been forgettable to him, but not to history. Because McCoy used an app to track his mileage, the route was forever etched in the Google-verse and attached to his name.
On the day of this ill-fated bike ride, McCoy passed a certain neighbor’s house three times. While this normally wouldn’t raise alarm, the neighbor happened to be the victim of a burglary that day, and had thousands of dollars worth of jewelry stolen. The Gainesville police had zero leads after a four-day investigation, so they went to the county to get a geofence warrant. Thanks to all the location data McCoy had willingly generated, he became the prime suspect.
Bike Ride Inside the Geofence
McCoy had no idea about any of this until he received a vague email from Google ten months after the bike ride. The email stated that the police wanted access to all of his account information, and that Google would be turning it over to them unless he dropped everything, got a lawyer, and successfully blocked it in court within the next seven days.
The only clue in the email was a case number, which led him to the burglary report on the Gainesville Police Department’s website. Unsure what to do, he turned to his parents who hired a lawyer with money from their savings account. The lawyer quickly figured out that McCoy was being targeted because of a geofence warrant, which allows law enforcement to search Google’s vast Sensorvault archive for a list of all mobile devices that were active within a certain area during a specific time range. It’s the opposite of innocent until proven guilty, and as you can imagine, it fingers many innocent people.
The only shred of privacy left in this situation is that McCoy would remain anonymous up until the seven day period elapsed. Fortunately, McCoy’s lawyer was able to clear his name without releasing it to the police, although they certainly know it now that the case has made national news. How? The lawyer filed a motion declaring the geofence warrant null and void, which made the police backpedal. The state attorney’s office told McCoy’s lawyer that they found details that led them away from his client, and they simply withdrew the warrant.
EULA Text Walls Are Privacy Prisons
Like millions of people, Zachary McCoy has willingly sacrificed privacy in the name of convenience. Our more grizzled readers may be disappointed to learn that McCoy doesn’t read through those novel-length end user license agreements, and didn’t realize that he was allowing Google to keep a record of everywhere he’s been by turning on his location. Although it’s ultimately Google that made him have to hire a lawyer, they may not be the only bad guy in this particular equation.
The app McCoy used to track his bike rides, RunKeeper, which launched in 2008, has been around nearly as long as Android phones themselves. In 2016, the company that owns the app got in legal trouble in Europe because RunKeeper not only continues to track users when they’re not using it, it also sends user location data to a US-based advertiser.
It’s cliché at this point, but it bears repeating: nothing is free except maybe your mother’s love. If there’s no cost to you, then you are the product. Carefully consider what you join, and opt out while you can.