Law enforcement agencies in the United States have increasingly turned to purchasing customer phone data from phone companies and data brokers as a method to aid in criminal investigations. This practice has sparked significant debate about its legality and implications for privacy, particularly regarding whether it circumvents constitutional protections under the Fourth Amendment, which guards against unreasonable searches and seizures. Here's an overview of how this happens and why it's considered controversial, potentially illegal, and a tool for "solving crime."
How Law Enforcement Acquires Phone Data
Law enforcement agencies, including local police departments, state agencies, and federal entities like the Department of Homeland Security (DHS), Immigration and Customs Enforcement (ICE), and the FBI, have been documented buying access to vast datasets of phone data as well as individual phone data used to target an individual during an illegal investigation that allows ongoing surveillance without a warrant . This data often includes:
Location Data: Precise geolocation information derived from cell phone towers, GPS, or apps, which can track an individual's movements over time.
Call and Text Metadata: Records of who someone called or texted, when, and for how long, though not necessarily the content of those communications.
Advertising IDs: Unique identifiers tied to devices that can link location data to specific individuals when correlated with other information.
This data is typically obtained not directly from phone companies in every case but through intermediaries known as data brokers—companies that aggregate and sell consumer information collected from apps, carriers, and other sources. Firms like Venntel, Fog Data Science, and Babel Street have been identified as key players in this market, offering law enforcement subscription-based access to tools like "Fog Reveal" or "Locate X." These tools allow officers to query databases for information such as all devices present in a specific area during a crime (a digital "dragnet") or the historical movements of a particular device (individual).
The process often bypasses traditional legal requirements like search warrants. Instead, agencies may use administrative subpoenas—a lower legal threshold that doesn’t require judicial oversight—or simply purchase the data outright, treating it as a commercial transaction rather than a government seizure.
Why This is Illegal
The legality of this practice hinges on the Fourth Amendment, which requires a warrant based on probable cause for searches that intrude on a "reasonable expectation of privacy." Several factors contribute to the argument that buying phone data is an illegal end-run around this protection:
Supreme Court Precedent (Carpenter v. United States, 2018): The U.S. Supreme Court ruled that accessing historical cell-site location information (CSLI) from phone carriers without a warrant violates the Fourth Amendment. The decision emphasized that individuals maintain a privacy interest in the "whole of their physical movements." Critics argue that purchasing similar data from brokers—often more detailed than CSLI—should also require a warrant, yet agencies exploit the loophole of buying it commercially.
No Judicial Oversight: When law enforcement buys data, it avoids the need to demonstrate probable cause to a judge. This lack of oversight allows for broad, suspicionless searches—sometimes called "general warrants"—which the Fourth Amendment was designed to prevent.
State Actor Doctrine: Some legal analyses, like those in Cooper v. Hutcheson (2020), suggest that data brokers acting as willful participants in government surveillance could be considered "state actors." If so, their data collection and sale to law enforcement might still fall under Fourth Amendment scrutiny, requiring a warrant.
Legislative Gaps: The U.S. lacks a comprehensive federal privacy law regulating data broker activities. Existing laws like the Electronic Communications Privacy Act (ECPA) apply to phone carriers but not necessarily to third-party brokers, creating a loophole that law enforcement exploits.
Use in Crime Solving
Law enforcement justifies this practice as a cost-effective and efficient way to solve crimes. Examples include:
Geofencing: Agencies use location data to identify all devices near a crime scene, narrowing suspect lists. For instance, Fog Data Science’s tools have been used to track devices near petty thefts, burglaries, and even murders.
Pattern Analysis: By mapping a device’s "pattern of life," investigators can link suspects to crime scenes or disprove alibis.
High-Profile Cases: The Secret Service used Locate X to seize illegal credit card skimmers, and tower dumps have helped identify suspects in events like the January 6 Capitol attack.
While effective in some cases, the practice’s breadth raises concerns. It’s not limited to serious crimes; records show it’s been used for minor offenses like shoplifting or Medicaid fraud investigations, suggesting a disproportionate application.
Privacy and Ethical Concerns
Critics, including the ACLU and Electronic Frontier Foundation (EFF), argue that this constitutes "mass surveillance on a budget." The data often sweeps up innocent bystanders—anyone near a geofenced area—without their knowledge or consent. Post-Dobbs (2022), there’s heightened fear that such data could be used to target individuals seeking abortions or other now-criminalized activities in certain states.
Additionally, the secrecy surrounding these purchases—sometimes hidden from courts via "parallel construction" (rebuilding cases to obscure the data’s origin)—undermines defendants’ rights to challenge evidence against them.
Pushback and Potential Reforms
Legislation: The Fourth Amendment Is Not For Sale Act, with bipartisan support, aims to ban law enforcement from buying data without a warrant. It’s gained traction but hasn’t passed as of March 25, 2025.
Court Rulings: A Virginia federal judge in 2019 ruled geofence warrants unconstitutional for being overbroad, setting a precedent that could extend to purchased data.
Public Awareness: Investigations by EFF, ACLU, and media outlets have exposed these practices, pressuring agencies to justify their actions.
The obvious problem with this is that bad actors have been installed into every institution, including law enforcement and border patrol, and enemies of the political right use this tactic not to 'solve' a crime but rather to look or or use this information to manufacture a crime.
When device security fails, information can be both extracted as well planted onto the device of an individual or a group of users who could take over the device and use it with malicious intent while the user might not even be aware of it.
Comments