00

Digital Investigators Uncover Crook Using Google Cookies

google-cookies

Last March, digital forensics service CCL assisted British law enforcement in apprehending a suspect through an intricate and unprecedented procedure that netted them access to a smartphone’s tracking cookies buried by Google Analytics. These cookies had Google “value” put on them by the search engine, which included vital information about the time sites were accessed but more importantly how the sites were found via the search engine phrases keyed in by the user. Not only were the digital crimes of an individual revealed through the efforts of a private business working with their own set of in-house tools and techniques, but also the latest in Google’s advanced user-learning sneakiness.

We can all be happy to hear that the kinds of data that search engine powerhouse and other Internet overlords devise ways of collecting can be used for the benefit of personal and public safety. We remember the scandal over the iPhone tracking tool uncovered by Apple last month, but that kind of technology could potentially save your life if the only way authorities could find you is by what Apple is secretly saving. It’s certainly an interesting arena for debate. On one side you have what seems to be unbridled information collection being discovered only in the process of solving traditional criminal activity, which seems sketchy to say the least. But on the other side you have what looks like a company, who promises to not be evil, simply coming up with ever more technologically savvy ways to profit from search engine analytics.

If law enforcement starts to look toward the data collecting of Google and friends with ever more reliance to catch criminals, we might have a problem. Instead of law enforcement having the means to perform their own intricate searches on the digital movement of suspects, they’ll continue to look toward private computer forensic services and worse the sole technological capabilities of Google to do their investigating for them. It’s a problem because as of 2011 there’s virtually no regulating the means in which law enforcement can utilize digital information, gained from any source. There’s no doubt in my mind about the importance of making sure our law enforcement officials have the means to find what they want online or through the profit-driven efforts of companies. But these efforts must have the same benchmarks as the standard search warrant.

The real concern here is not the use of this information for the greater good, but the potential for this kind of hidden information to keep getting more and more elusive of an article to find within the elements of my smartphone. If Google has the means to track my smartphone use for months and devise a plethora of files on the nature of me as a user, we’re talking about the composition of individuals through just 1s and 0s that will sit in a mainframe somewhere indefinitely. It’s the indefiniteness that is worrying. Google promises not to be evil today, but they’ll have the kinds of websites I browsed on my phone at the airport on file, and the way I got to them too, for decades to come.

Often we see this kind of access as a moot issue because if we aren’t doing anything criminal, what do we have to hide? Unfortunately, law enforcement makes mistakes too. While you may not be a criminal, your web searches and your browsing history could make you a person of interest. Then those nice technologies that help the police do their job, well, they aren’t so nice anymore.