Google Search For A Fraud Victim

Google has been served with a search warrant by a US judge which requires the firm to hand over personally identifiable information on anyone who has searched for a particular name.

The warrant requires Google to provide a wealth of information on any internet user who was found to have searched for one of four variations of a fraud victim’s name.

The rationale for the records request is to do with the specifics of the fraud case: the perpetrator attempted to initiate a $28,500 wire transfer from the victim’s account, using a fake passport as ID. That passport, according to police, was illustrated with a picture of someone with the same name as the victim.

A Google image search of the victim’s name brings up that same image, the warrant says, while comparable searches using Bing and Yahoo do not. That led the police to conclude that the perpetrator likely carried out the same search, in order to find the photo in the first place.

The warrant, which was approved by Minnesota Judge Gary Larson in early February, calls on Google to hand over data on all searches for the victim’s name that took place between 1 December 2016 and 7 January 2017. That data includes names, addresses, phone numbers, birthdays, IP addresses and account information of all the people who carried out the search, according to the warrant.

Any Google user in the world could potentially be covered by the warrant, which doesn’t contain any restriction as to whose data should be handed over. Webster told Ars Technica that despite pro forma language limiting the search to the town of Edina, the warrant’s demands aren’t limited to just the immediate physical environment.

Whether the warrant is legally sound is a matter of some contention. Webster argues that “search warrants require supporting probable cause, not just mere suspicion or theory.

“For that reason, ‘anyone-who-accessed’ search warrants… can be risky to execute, as evidence could potentially be thrown out in a pretrial motion,” he adds. “Moreover, it’s possible that such a wide net could catch completely routine and non-criminal searches of the victim’s name by neighbours, prospective employers or business associates, journalists, or friends.”

Andrew Crocker, an attorney at the Electronic Frontiers Foundation, joked that the case should be renamed: “Case name should be in re Minnesota Unconstitutional General Warrant.”

A Google spokesperson said “We aren’t able to comment on specific cases, but we will always push back when we receive excessively broad requests for data about our users.”

Guardian

Google Required To Pass Foreign Emails To FBI:

Tim Berners-Lee’s Web - Things to Change:

Law to Imprison Journalists for Publishing Leaks:

 

 

« Cybersecurity’s Human Side Is A Problem
Drones For Rail & Road Tunnel Inspections »

ManageEngine
CyberSecurity Jobsite
Check Point

Directory of Suppliers

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

Center for Internet Security (CIS)

Center for Internet Security (CIS)

CIS is a nonprofit entity that harnesses the power of a global IT community to safeguard private and public organizations against cyber threats.

CyberTech Network

CyberTech Network

CyberTECH is a global cybersecurity, Internet of Things (IoT) and Smart City network ecosystem and incubator operator.

CI-CERT

CI-CERT

CI-CERT is the national Computer Incident Response Team for Cote d'Ivoire.

LaoCERT

LaoCERT

LaoCERT is the national Computer Incident Response Team for Laos.

Assystem

Assystem

Assystem delivers a comprehensive security approach for the industrial and service sectors that integrates physical security systems, industrial cyber-security, functional safety and dependability.

Aries Security

Aries Security

Aries Security provides a premiere cyber training range and skills assessment suite and develops content for all levels of ability.

Gray Analytics

Gray Analytics

Gray Analytics is a Cybersecurity Risk Management company providing best-practice services across a broad spectrum of cyber scenarios for both government and commercial customers.

BriskInfosec Technology & Consulting

BriskInfosec Technology & Consulting

BriskInfosec provides information security services, products and compliance solutions to our customers.

Arista Middle East

Arista Middle East

Arista Middle East is part of Global Arista Technologies specializing in OT Cybersecurity.

ThreatER

ThreatER

ThreateER (formerly ThreatBlockr / Bandura Cyber) is a cybersecurity platform that provides active network defense by automating the discovery, enforcement, and analysis of cyber threats at scale.

SureCloud Cyber Services

SureCloud Cyber Services

Our Cyber Testing capability has been honed since we were founded in 2006 as a disrupter in the penetration testing market.

Eleviant Tech (CTG Group)

Eleviant Tech (CTG Group)

Eleviant Tech (CTG Group) is a USA based digital transformation company with expertise in Mobile, Cloud, Web, IoT, AR, RPA, Cyberseurity and AI Technologies.

RST Cloud

RST Cloud

RST Cloud is a cutting-edge technology company that specialises in threat intelligence solutions for businesses of all sizes.

MadWolf Technologies

MadWolf Technologies

MadWolf’s mission is to deliver enterprise-quality managed services and focused applications to organizations operating in the non-profit, association and international development sectors.

Digital Twin Consortium (DTC)

Digital Twin Consortium (DTC)

Digital Twin Consortium is a global ecosystem of users who are driving best practices for digital twin usage and defining requirements for new digital twin standards.

Noma Security

Noma Security

Noma Security's mission is Application Security for the Entire Data & AI Lifecycle.