Google Search For A Fraud Victim

Uploaded on 2017-03-29 in NEWS-News Analysis, GOVERNMENT-Law Enforcement, FREE TO VIEW, BUSINESS-Services-Law

Google has been served with a search warrant by a US judge which requires the firm to hand over personally identifiable information on anyone who has searched for a particular name.

The warrant requires Google to provide a wealth of information on any internet user who was found to have searched for one of four variations of a fraud victim’s name.

The rationale for the records request is to do with the specifics of the fraud case: the perpetrator attempted to initiate a $28,500 wire transfer from the victim’s account, using a fake passport as ID. That passport, according to police, was illustrated with a picture of someone with the same name as the victim.

A Google image search of the victim’s name brings up that same image, the warrant says, while comparable searches using Bing and Yahoo do not. That led the police to conclude that the perpetrator likely carried out the same search, in order to find the photo in the first place.

The warrant, which was approved by Minnesota Judge Gary Larson in early February, calls on Google to hand over data on all searches for the victim’s name that took place between 1 December 2016 and 7 January 2017. That data includes names, addresses, phone numbers, birthdays, IP addresses and account information of all the people who carried out the search, according to the warrant.

Any Google user in the world could potentially be covered by the warrant, which doesn’t contain any restriction as to whose data should be handed over. Webster told Ars Technica that despite pro forma language limiting the search to the town of Edina, the warrant’s demands aren’t limited to just the immediate physical environment.

Whether the warrant is legally sound is a matter of some contention. Webster argues that “search warrants require supporting probable cause, not just mere suspicion or theory.

“For that reason, ‘anyone-who-accessed’ search warrants… can be risky to execute, as evidence could potentially be thrown out in a pretrial motion,” he adds. “Moreover, it’s possible that such a wide net could catch completely routine and non-criminal searches of the victim’s name by neighbours, prospective employers or business associates, journalists, or friends.”

Andrew Crocker, an attorney at the Electronic Frontiers Foundation, joked that the case should be renamed: “Case name should be in re Minnesota Unconstitutional General Warrant.”

A Google spokesperson said “We aren’t able to comment on specific cases, but we will always push back when we receive excessively broad requests for data about our users.”

Guardian

Google Required To Pass Foreign Emails To FBI:

Tim Berners-Lee’s Web - Things to Change:

Law to Imprison Journalists for Publishing Leaks:

 

 

« Cybersecurity’s Human Side Is A Problem
Drones For Rail & Road Tunnel Inspections »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

Cyber Security Supplier Directory

Cyber Security Supplier Directory

Our Supplier Directory lists 6,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

SecureAuth

SecureAuth

SecureAuth delivers cutting edge identity and information security solutions for cloud, mobile, web, and VPN systems.

Cavirin

Cavirin

Cavirin’s Automated Risk Analysis Platform reduces risk and automates security and compliance.

Ministry of Defence Georgia - Cyber Security Bureau

Ministry of Defence Georgia - Cyber Security Bureau

The aim of the Cyber Security Bureau is to establish and develop stable, effective and secure Information and Communication Technology systems for the Civil Office of MoD of Georgia.

Exonar

Exonar

We enable organisations to better organise their information, removing risk and making it more productive and secure.

Logz.io

Logz.io

Logz.io is an AI-powered log analysis platform that offers the open source ELK Stack as a enterprise-grade cloud service with machine learning technology.

ISA Security Compliance Institute (ISCI)

ISA Security Compliance Institute (ISCI)

ISCI, a not-for-profit automation controls industry consortium, manages the ISASecure™ conformance certification program for industrial automation and control systems.

Area 1 Security

Area 1 Security

Area 1 is the only Pay-per-Phish solution in cyber security. And the only technology that blocks phishing attacks before they damage your business.

Pixm

Pixm

Pixm’s computer vision based approach offers a truly unique and effective means to protect organizations from web-based phishing attacks.

PizzlySoft

PizzlySoft

PizzlySoft is a global company that is seeking convergence of network and security / software and hardware. We put our value on creating the best security.

US Coast Guard Cyber Command

US Coast Guard Cyber Command

US Coast Guard Cyber Command’s focus is to ensure the security of our cyberspace, maintain superiority over our adversaries,and safeguard our Nation’s critical maritime infrastructure.

Anametric

Anametric

Anametric is developing new technologies and devices for chip scale quantum photonics, with a focus on cybersecurity.

Cybertech Nepal

Cybertech Nepal

Cybertech Nepal is committed to provide high-quality cyber security solutions, including server assessment and hardening, forensics and malware analysis, end-point threat analysis, and VAPT.

Summit 7 (S7)

Summit 7 (S7)

Summit 7 is a national leader in cybersecurity, compliance, and managed services for the Aerospace and Defense industry and corporate enterprises.

Borwell

Borwell

Borwell delivers software and IT solutions to the UK MoD and to UK Government departments, which are secure by design.

Trickest

Trickest

Trickest enables Enterprises, MSSPs, and Ethical Hackers to build automated offensive security workflows from prototype to production.

Sensity

Sensity

Sensity is a company that offers an AI-driven solution to detect and verify deepfakes and other forms of identity fraud.