PROVIDENCE, R.I. (AP) β When U.S. law enforcement officials need to cast a wide net for information, theyβre increasingly turning to the vast digital ponds of personal data created by Big Tech companies via the devices and online services that have hooked billions of people around the world.
Data compiled by four of the biggest tech companies shows that law enforcement requests for user information β phone calls, emails, texts, photos, shopping histories, driving routes and more β have more than tripled in the U.S. since 2015. Police are also increasingly savvy about covering their tracks so as not to alert suspects of their interest.
Thatβs the backdrop for recent revelations that the Trump-era U.S. Justice Department sought data from Apple, Microsoft and Google about members of Congress, their aides and news reporters in leak investigations β then pursued court orders that blocked those companies from informing their targets.
In just the first half of 2020 β the most recent data available β Apple, Google, Facebook and Microsoft together fielded more than 112,000 data requests from local, state and federal officials. The companies agreed to hand over some data in 85% of those cases. Facebook, including its Instagram service, accounted for the largest number of disclosures.
Consider Newport, Rhode Island, a coastal city of 24,000 residents that attracts a flood of summer tourists. Fewer than 100 officers patrol the city β but they make multiple requests a week for online data from tech companies.
Thatβs because most crimes β from larceny and financial scams to a recentΒ fatal house party stabbingΒ at a vacation rental booked online β can be at least partly traced on the internet. Tech providers, especially social media platforms, offer a βtreasure trove of informationβ that can help solve them, said Lt. Robert Salter, a supervising police detective in Newport.
βEverything happens on Facebook,β Salter said. βThe amount of information you can get from peopleβs conversations online β itβs insane.β
As ordinary people have become increasingly dependent on Big Tech services to help manage their lives, American law enforcement officials have grown far more savvy about technology than they were five or six years ago, said Cindy Cohn, executive director of the Electronic Frontier Foundation, a digital rights group.
Thatβs created what Cohn calls βthe golden age of government surveillance.β Not only has it become far easier for police to trace the online trails left by suspects, they can also frequently hide their requests by obtaining gag orders from judges and magistrates. Those orders block Big Tech companies from notifying the target of a subpoena or warrant of law enforcementβs interest in their information β contrary to the companies' stated policies.
Of course, thereβs often a reason for such secrecy, said Andrew Pak, a former federal prosecutor. It helps prevent investigations getting sidetracked because someone learns about it, he said ββthe target, perhaps, or someone close to it.β
Longstanding opposition to such gag orders has recently resurfaced in the wake of the Trump-era orders. Apple in 2018 shared phone and account data generated by two Democratic members of the House Intelligence Committee, but the politicians didnβt find out until May, once a series of gag orders expired.
Microsoft also shared data about a congressional aide and had to wait more than two years before telling that person. Brad Smith, Microsoftβs president, last week called for an end to the overuse of secret gag orders, arguing in a Washington Post opinion piece that βprosecutors too often are exploiting technology to abuse our fundamental freedoms.β
Critics like Cohn have called for revision of U.S. surveillance laws drawn up years ago when the police and prosecutors typically had to deliver warrants to the home of the person being targeted for searches. Now that most personal information is kept in the equivalent of vast digital storehouses controlled by Big Tech companies, such searches can proceed in secret.
βOur surveillance laws are really based on the idea that if something is really important, we store it at home, and that doesnβt pass the giggle test these days,β Cohn said. βItβs just not true.β
Many tech companies are quick to point out that the majority of the information they are forced to share is considered βnon-contentβ data. But that can include useful details such as the basic personal details you supply when you register for an account, or the metadata that shows if and when you called or messaged someone, though not what you said to them.
Law enforcement can also ask tech companies to preserve any data generated by a particular user, which prevents the target from deleting it. Doing so doesnβt require a search warrant or any judicial oversight, said Armin Tadayon, a cybersecurity associate at advisory firm the Brunswick Group.
If police later find reasonable grounds for conducting a search, they can return with a warrant and seize the preserved data. If not, the provider deletes the copies and βthe user likely never finds out,β Tadayon said.
In Newport, getting a search warrant for richer online data isnβt that difficult. Salter said it requires a quick trip to a nearby courthouse to seek a judgeβs approval; some judges are also available after hours for emergency requests. And if a judge finds there is probable cause to search through online data, tech companies almost always comply.
βMost of the companies do play ball,β Salter said. βWe can speak with people, get questions answered. Theyβre usually pretty helpful.β
Nearly all big tech companies β from Amazon to rental sites like Airbnb, ride-hailing services like Uber and Lyft and service providers like Verizon β now have teams to respond to such requests and regularly publish reports about how much they disclosed. Many say they work to narrow overly broad requests and reject those that aren't legally valid.
Some of the most dramatic increases in requests have been to tech companies that cater to younger people. As the messaging app Snapchat has grown in popularity, so have government requests for its data. Snap, the company behind the app, fielded nearly 17,000 data requests in the first six months of 2020, compared to 762 in the same period of 2015.
Salter said the fact that weβre all doing so much online means police detectives need to stay tech-savvy. But training courses for how to file such requests arenβt hard to find.
For those worried about the growing volume of online data sought by law enforcement, Salter said: βDonβt commit crimes and donβt use your computer and phones to do it.β
βJudges are not going to sign off on something if we donβt have probable cause to go forward,β he said. βWeβre not going to look at peopleβs information without having something to go on.β
But Cohn said more tech companies should be using encryption technology to make all personal information, including metadata, virtually impossible to decipher without a user key to unlock it.
Until then, she said, police can short circuit constitutional protections against unreasonable searches "by just going to the company instead of coming directly to us."
Liedtke reported from San Ramon, California.