Blog Editors

Joe Hodnicki
County Law Library Director
Butler County Law Library (OH)
Email

Mark Giangrande
Reference Librarian
Lecturer in Law
DePaul University Law Library
Email

Contributing Editors

Caren Biberman
Director of Library & Information Services
Cahill Gordon & Reindel LLP
Email

Sarah Glassmeyer
Director of Content Development
CALI
Email

Victoria Szymczak
Director of the Law Library
Associate Professor of Law
Univ. of Hawai‘i at Mānoa, School of Law
Profile
Email

David C. Walker
Information Services Librarian
Lincoln Memorial Univ.
Duncan School of Law Library
Email

About Law Librarian Blog
Email Editor Comments & Content

News Readers & Feeds
FeedBurner Subscription Service
Enter your Email:


Powered by FeedBlitz
View Recent Posts from Network Blog Feeds

Search This Blog

Blog Traffic

Since January 1, 2005

Disclaimer

Just in case you don't get it: The views expressed are solely those of the blog post author and should not be attributed to anyone else, meaning they do not necessarily represent the views of any organization that the post author is affiliated with or with the views of any other author who publishes on this blog.

Blogware

Powered by TypePad

Notices

© Copyright All Rights Reserved
Contact post author for permissions

« $74.59 per Page of New Content in the 2011 Edition of CJS Internal Revenue Volumes | Main | Opening: Faculty Services Librarian, Duncan School of Law, Lincoln Memorial University. »

April 25, 2011

More on Device Tracking

I've been reading the many articles out there about the tracking file that Apple places on the various iDevices it sells running iOS4.  The LLB covered the news last week in this post.  The file, called consolidated.db appears in unencrypted form on the iDevice and the computer image sync/back-up.  It seems to reconstitute itself from old devices to new.  Anyone with access to the device, the backup computer, and a program that reads it, can gain access to the information contained in the file.  From some reports, it's not even all that accurate.  Scary or not?  It depends on one's perspective.

Apple fans defend the company by saying Apple disclosed the tracking, if not the mechanism via EULA, and in testimony to Congress (see this letter and the information beginning at the bottom of page 5).  They also point to similar practices in Google's Android OS, although in the case of Android, the file is encrypted and harder to find.  Then there's the argument that people voluntarily give up location data to any number of social sites, so what's the big deal?

I suppose the big deal is that the information is more accessible by the less technically able when it exists in an unencrypted form.  One question that lingers is how much effort law enforcement need to expend to get access to an interesting file that is not protected.  Court order?  Access to the phone and "plain view?"  The Third Circuit recently ruled that evidence of other crimes found during the examination of a hard drive seized under warrant fell within the plain view doctrine:

This brings us to the question of whether evidence of other crimes in a computer can be examined under the plain view doctrine. We hold that the plain view doctrine applies to seizures of evidence during searches of computer files, but the exact confines of the doctrine will vary from case to case in a common-sense, fact-intensive manner. 

US v. Stabile (09-3500 & 09-3501, 3rd Cir. February 1, 2011).

Here is one of two other developments on the subject.  There is an article on the Washington Post website covering a government appeal to the Supreme Court in the case of US v. Antoine Jones.  Jones was tracked on public streets for 28 days with a tracking device attached to his vehicle without a warrant.  Circuit Judge Ginsburg's opinion reversing Jones' conviction is quoted, “the whole of a person’s movements over the course of a month is not actually exposed to the public because the likelihood a stranger would observe all those movements ... is essentially nil.”  The government's appeal is based on a conflict with two other circuits that allowed tracking.  Ginsgurg goes on to say “A person who knows all of another’s travels can deduce whether he is a weekly churchgoer, a heavy drinker, a regular at the gym, an unfaithful husband, an outpatient receiving medical treatment, an associate of particular individuals or political groups.”

I wonder if Judge Ginsburg owns an iPhone.  If so he should consider this article from the Atlantic by Alexis Madrigal, What Does Your Phone Know About You? More Than You Think:

I plugged my phone into my computer and opened an application called Lantern, a forensics program for investigating iPhones and iPads. Ten minutes later, I'm staring at everything my iPhone knows about me. About 14,000 text messages, 1,350 words in my personal dictionary, 1,450 Facebook contacts, tens of thousands of locations pings, every website I've ever visited, what locations I've mapped, my emails going back a month, my photos with geolocation data attached and how many times I checked my email on March 24 or any day for that matter. Want to reconstruct a night? Lantern has a time line that combines all my communications and photos in one neat interface. While most of it is invisible during normal operations, there is a record of every single thing I've done with this phone, which also happens to form a pretty good record of my life.

It's scary stuff.  The consolidated.db file is just the tip of the iceberg.  Then again, we are in the post-privacy age relying on devices with way too accurate memories.  Should the Court take up the government's appeal in Jones, the opinion could be very interesting.  More information about the Lantern forensics program is here.  [MG]

April 25, 2011 in Information Technology, News | Permalink

Comments

Post a comment