Skip to content
Naked Security Naked Security

Google’s location history data shared routinely with police

Law enforcement officials in the US have been routinely mining Google’s location history data for criminal investigations.

Law enforcement officials in the US have been routinely mining Google’s location history data for criminal investigations. Requests have escalated in the last six months, according to The New York Times.

The location data resides in Sensorvault, a Google system that logs information provided by the search and advertising giant’s mobile applications. Applications may gather the data even when not running, depending on the phone’s settings. However, for Sensorvault to store their data a user must have opted in to Location History, a feature that Google introduced in 2009. It stores daily movements based on raw data communicated via these apps.

Police officers don’t request the phone data of a particular suspect. Instead, they serve reverse location warrants, also known as ‘geofence’ warrants. These request anonymous IDs and locations relating to all phones found in a particular area over a particular time.

Officers analyse this data, looking for movement patterns that correlate with potential suspects or witnesses. When they narrow down the search to a handful of devices, they can request those users’ names and other information from Google.

The report highlighted several instances in which federal law enforcement have used this technique. They include the March 2018 bombings in Austin, Texas, along with a 2016 murder in Florida.

Sometimes, as with the investigation of a home invasion in Minnesota last year, these warrants can gather data on tens of thousands of individual devices. And, the Times reported that the use of location data has led to some mistakes.

One such case saw police arrest Arizona warehouse worker Jorge Molina after harvesting his phone data via a geofence warrant. They released him after nearly a week in jail when friends provided alibi information that placed him elsewhere at the time of the shooting. They then arrested another man, his mother’s ex-boyfriend, who occasionally used Molina’s car.

Geofence warrants apparently offer a way around a Supreme Court ruling last year, which made it unlawful for law enforcement and federal agencies to access a specific subject’s cell phone location records without a warrant. Geofence warrants allow officials to cast a net within a certain area and then follow up any leads surfacing from this potentially large data set.

If you don’t want Google to store your location in Sensorvault, you can turn off location history via your browser.

To do so, sign into your Google account, click on your profile picture and the Google account button. From there, go to Data & personalization, and select Pause next to Location History. To turn off location tracking altogether, you must do the same for Web & App activity in the same section.

If you want to view and download all the location information Google has saved about you, you can access it in your Timeline. The small gear icon at the bottom right of the map contains an option to delete it.


I’d much rather be able to find out where I last lost my phone, or have my wife be able to locate me if I get hurt but my phone survives. Not committing any crimes, I don’t care if Google knows where I am. Everybody I pass on the street or stand in line with at the grocery store already knows where I am. Both Google and Samsung can track my phone.


…besides, you’re already being tracked every time you use your debit or charge card. The stores you shop at know who you are and what you buy. Haven’t you noticed how targeted the automatic coupon printers next to the checkout keep offering you discounts on the very products you are already buying? How many stores do you have barcoded keyring tags for which you get some sort of discount when you use them while shopping? At least Target pays you a 5% for using their own (RedCard) charge card. Others: Big Lots, PetSmart, My Lowe’s Hardware, Home Depot Hardware, Office Depot, Holiday Grocery, Sear’s (though our Sears closed recently), CVS, Rite Aide, ACE Rewards, Auto Zone, CostCo, Safeway… they ALL know when you shop with them, who you are, what you buy, your home phone number, email, and mailing address. Who cares, if you maybe get some discounts as incentives. I get $5 coupons on my birthday from ACE Rewards. I get 5% off every purchase I make with the Target Redcard. I get 20% off Family and Friends weekends at Big Lots. I get all sorts of discount coupons from Bed, Bath & Beyond. Even if you don’t have any of those cards, ALL those stores have security cameras to prevent shop lifting. You’re still being watched… unless you live out in the boonies and shop at roadside fruit stands maybe, and only drive on dirt roads.
One more aspect of this to consider is the people who’ve driven off the road on a rainy night, down some embankment and got stuck in the bushes in the dark, injured and alone and still got found by their phones being trackable. Yeah, it’s rare, but it happens. Of course, if you’ve been committing crimes and turned off your phone tracking, perhaps you deserve to die alone in the dark, in the woods, down a cliff, slowly, painfully, and with broken limbs, as you consider what the word karma means.


A warrant to search Google’s historical geolocation data isn’t going to do much to help people who crashed on the way home tonight – the data would come too late for that. Recent mobile phone cell tower data might help, but if you’ve truly crashed alone and unexpected, then you’re not going to get searched for anyway…

I suspect that most people who are pinpointed after accidents from cell tower location data get found because they were able to get at their own phone (or someone in the car was) and place an emergency call, even if that’s all they were able to do and they weren’t able to speak or communicate usefully after the call went through.


Citation needed.


Nonsense. I am not claiming anything as a truth or even saying “I’ve formed the opinion that…”, just musing about what I suspect based on things I recall reading here and there over the years. If you know otherwise I am happy to hear about it.


Logically, the most likely scenario in which a search would commence is for the solo traveler, who fails to reach his/her destination at an expected time.

You wrote the opposite, namely, “if you’ve truly crashed alone and unexpected, then you’re not going to get searched for anyway…”

I’m curious why and what facts you possess to think differently.


If you fail to show up at your expected time on then you are not “unexpected”. So my sentence is hardly “the opposite” of yours.

If you wish to be tracked, turn location on. That’s about it.


Did you read the article? An innocent person was arrested because of the wrong use of this and placed in jail for a week. If that is okay with you, keep it on.


Jorge Molina also committed no crimes yet had to sit a week in jail. I see the connection between Sensorvault and his unlawful incarceration. I am in the process of breaking free of Google. Just because someone installs a window in your house shouldn’t give them the right to look through it when ever they want. Especially if the the window was paid for (G-Suite and other products). IMHO


Leave a Reply

Your email address will not be published. Required fields are marked *

Subscribe to get the latest updates in your inbox.
Which categories are you interested in?
You’re now subscribed!