
What numpty uses Google when planning crimes? It's all about DuckDuckGo or Yandex over Tor.
A judge in Minnesota, America, has granted cops a search warrant to direct Google to provide personal details about anyone searching for a specific name. Tony Webster, who describes himself as a web engineer, public records researcher, and policy nerd, published a portion of the warrant out of concern that administrative …
> What numpty uses Google when planning crimes? It's all about DuckDuckGo or Yandex over Tor.
It's part of a cunning plan by the cops. They know full well that the originating IP address of any searcher is likely to be registered to a local coffee shop but... hey - they've all got to be checked out and they might as well stop for donuts at the same time.
And once they know the coffee shop, date and time they've got CCTV coverage of the miscreant. All they need to do then is work out which of the customers is the actual miscreant. Assuming the shop is a major chain that uses CCTV.
That is assuming they actually went to a coffee shop. Someone trying a crude fake passport scam isn't being very clever, calculating or patient. If they were in a coffee shop at the time that's probably because they wanted a coffee, not because they were looking for anonymity...
The request is certainly potentially broad, however is it unreasonably so? Can anyone suggest a more concise request that would achieve the same?
Likely they will get a few dozen hits - how do they filter them down? Request the search history of all of them? Again very broad. If you are not guilty should you care?
It's not a rare name if 5 of you live within 50 miles? Sounds like a crowd to me.
There is only one of me alive and the only other person with my name is dead. At least according to Google. Pretty much as I expected.
I have no idea where Google came up with all those pictures they listed. None of me. ;-) A few of them have my first name or my last name. Lots of the rest are totally off the wall. Like how a picture of Donald Trump made the short list I do not know.
My respect for Google search just dropped way down.
You may be shocked to discover that Teh Internets are international, and Google has hundreds of millions of users making billions of searches per day, so your shortlist of "suspects" now includes everyone from Billy Joe Bob in Bear Creek to Gupta in Mumbai.
Happy hunting.
While this is way beyond overreach for information, I am pleased the local cops are trying. Most places they just take the report of fraud, etc. and say "Oh.. the Internet.. tough." and go back to their coffee and donuts as they know it's pretty impossible... well maybe not for the NSA, FBI, CIA, et al.
Which it just hit me... why didn't they hit the NSA for this? I'm sure they have the info.
In light of the updated info in the article on this.... so it's not world-wide but only for that particular city is interesting to say the least. Sounds like the cops have an idea who did it and it's not someone out of country or even out of state which in itself seems unusual after most other reported incidents of this point to someone in eastern Europe or in Asia.
I think popcorn is in order and comfy chair to see how this plays out.
I don't think the cops have an idea who did it, but I would expect that very few people do a google search for my name (once you exclude me being curious what google will return in such a search), or for any other not very important person. So this search should only affect very few people.
@Lt.Kije - The problem is your average US bench warming shyster ...er judge barely understands how to turn on a computer. Thus there is a tendency to sign overly broad warrants for computer searches. When it is pointed out, the incompetent tend to have a hissy fit because someone dared to point out the emperor has no clothes.
"Google may not cooperate, however. The internet king has an interest in fending off overreaching governments and police to avoid becoming an on-demand data dispensary."
Is that why?
I think not. Of course, handing over data all the time takes away from their business and is an unwelcome distraction. BUT, I think the main reason they want these requests to stop is that if courts can order such data to be handed over, then the only protection that people have is for Google not to have the data in the first place.
That is the only real protection against having governments and law enforcement agencies (not to mention criminals) hoovering up your data - don't have it there in the first place.
If they were serious about protecting their users and customers then they would not store anything that wasn't necessary and would anonymise everything possible.
But of course Google want to collect that data and want to make sure it is identifiable, as much as possible.
"name(s), address(es), telephone number(s), dates of birth, social security numbers, email addresses, payment information, account information, IP addresses, and MAC addresses of the person(s) who requested/completed the search."
And how is Google going to get my MAC address? That's either a goof up or very, very, unsettling.
> "name(s), address(es), telephone number(s), dates of birth, social security numbers, email addresses, payment information, account information, IP addresses, and MAC addresses of the person(s) who requested/completed the search."
> And how is Google going to get my MAC address? That's either a goof up or very, very, unsettling.
Have a look at https://www.whatismybrowser.com/ and note that they can see inside your local network and pick up your local IP.
If Google etc. really wants to know your MAC address, they know it.
Nope, don't see the local LAN IP address here from https://www.whatismybrowser.com/. Only the public DHCP IP address on the ISP WAN.
Some of the other info it displays clearly depends on JavaScript, so there may be more info visible with JavaScript. Stack Overflow also claims that ActiveX on IE may give the MAC address (not an issue for those not using IE). TBH I'm slightly impressed the warrant knew to ask for the MAC address, but this is probably boilerplate request language from other computer warrants. For example, Google does not have payment info for most of us, I hope, but boilerplate ISP warrant language might ask ISPs for MAC addresses.
Agreed. Your PC spills out a lot of browser information, but at worst (if you value your privacy anyway) all they should be able to get is WAN IP and DNS locale.
I prefer these sites: https://whoer.net/#extended or www.ipleak.net
Mine? Well all they'd get from me is a dislocated IP address located in, errr... well... that would be telling wouldn't it ;-)
Incorrect. IP != MAC, end of. Unless it's done out of band there is no way they're getting MAC of source / return.
Run wireshark and take a look for yourself, note all traffic to / from your gateway will have a source / dest MAC corresponding to your GW HWADDR / MAC.
> Have a look at https://www.whatismybrowser.com/ and note that they can see inside your local network and pick up your local IP.
Wrong. JavaScript can see local IPs but not MAC addresses, which is why the link you posted (whilst very interesting) doesn't include it.
@WolfFan - Local IP addresses, not as surprising (although even that is a bad browser security leak). But when the packets are routed; i.e. they leave your local network, whether they are NAT'd or not, they lose your MAC address and gain the MAC address of the router. And so on for each of many hops. Many of those hops are very unlikely to be Ethernet at all and have no concept of MAC address at all.
So for Google or any other website to even see your MAC address, they have either hacked your machine, browser, or network. Or your browser is leaking information very badly. Discovery of any of that would be pretty newsworthy.
Except for sometimes IPv6. No surprise there. Sigh...
If Google really is doing any of that it would be a major concern. I don't think they are - Occam's razor: the Edina police are probably just a bit thin on their Layer-2 vs. Layer-3 networking background.
Just tried whoer.net, and definitely no MAC address. IP address says I'm in Reykjavik - oops must have 'accidentally' turned my VPN on, silly me.
But the fact that I'm using UK DNS may be a bit of a give-away. Time to switch those as well I think, as well as preferred language.
Although why I need to be completely Anonymous to comment on El Reg I'm not sure. Paranoid? Moi?
It wouldn't give me any information because I have JavaScript disabled by default. I enabled it for the site out of curiosity and so now it knows my VPN endpoint address and the IP address assigned by the VPN too. Interestingly they claim to be able to get the IP addresses of all interfaces but if they have, they didn't tell me about it. Definitely doesn't tell me my MAC address though, but that could be because a VPN link doesn't really have one.
From reading the story, the credit union is the victim here, not the person named on the account. They accepted instructions from someone pretending to be someone who had an account. Their processes did not verify that person's identity properly. They should have already replaced the money back into the account and hopefully be looking at what went wrong with their processes.
As far as the article goes the victim is irrelevant. A person has used a fake identity to commit a crime, this is about tracking the criminal, not directly about remedying the crime. It is those tracking methods, the forensics if you like, that are being questioned.
Recently there have been lots of comments about law enforcement authorities of one kind or another, often based in the USA applying extraterritoriality or just demanding information without judicial oversight.
In this instance both these issues appear not to be relevant, and the police are making a not unreasonable enquiry, but still copping some flak. In the old days if someone were to, for example, burn down a building, it would not be unreasonable for the police to enquire of the local library if someone had recently checked out "Mrs. Miggins' Guide to Arson and Animal Husbandry for Beginners". Good old fashioned police work I think it used to be called.
If this search turns up any evidence, I would be very surprised (although I am aware that the legal systems in some states can be strange to us Brits) if this led to a conviction without at least some further proof. It might however raise a reasonable cause to make further enquiries relating to one or more people. If it turns out that the search was by the local "soup kitchen" service because the person had applied to be a volunteer, this would then hopefully be looked at, seen to be a coincidence and dismissed, allowing the police to concentrate their resources somewhere hopefully more fruitful.
As for the amount of tech info, if the link comes back to a phone which suspect X says "this is mine, no-one else uses it" this could help prove a case. If it turns out to be a shared PC in a student house left unsecured then of course it's a bit trickier for the police, but again not an unreasonable request.
"Gary Larson is a former Minnesota Fourth Judicial District judge for Hennepin County, Minnesota. He was appointed to this position in 1985 and was elected to full terms in 1986, 1992, 1998 and 2004. He is currently assigned to the Criminal and Civil divisions. He retired in June of 2011."
Is a retired judge allowed to issue orders...?
Edina is a close-in suburb (about 4 miles from the center) of Minneapolis, a fairly large city across the Mississippi River from Saint Paul. It probably is not, as some commenters seemed to infer, a backwoods hayseed village.
The reason for the local police to ask for the warrant they did seems a bit mysterious unless they already have a suspect in mind and are after corroboration, although in that case, the generality of the search request is mysterious. The obvious target for a search warrant is not Google, but the Bank of America, which allegedly received the fraudulent transfer. BoA is legally required to know who owned the account into which the transfer was deposited and Spire Credit Union would have been in position to provide the BoA account number to which they transferred the money.
The transferring credit union would be one of the injured parties, if not the only ones. The Bank of America, which reportedly received the fraudulent transfer, is a national corporation based in a different state, and the credit union likely is nationally chartered and in any case claims its accounts are insured by the National Credit Union Administration, an agency of the US government. The transfer, if as described, violated a variety of federal laws and the investigating agency probably should be the FBI.
"The obvious target for a search warrant is not Google, but the Bank of America, which allegedly received the fraudulent transfer. "
If you read the article, the fraudster sent a message to the bank with a photocopy of the victim's passport - which was faked, with a photo that was not the victim but looked quite similar, and which turned up when you googled for the victim's name.
So it is most likely that the criminal got the wrong photo by googling for the victim's name. And if the victim is some unimportant person, then most likely very few people did that search. A very good way to find the identity of the perpetrator.