Google Search For A Fraud Victim

Google has been served with a search warrant by a US judge which requires the firm to hand over personally identifiable information on anyone who has searched for a particular name.

The warrant requires Google to provide a wealth of information on any internet user who was found to have searched for one of four variations of a fraud victim’s name.

The rationale for the records request is to do with the specifics of the fraud case: the perpetrator attempted to initiate a $28,500 wire transfer from the victim’s account, using a fake passport as ID. That passport, according to police, was illustrated with a picture of someone with the same name as the victim.

A Google image search of the victim’s name brings up that same image, the warrant says, while comparable searches using Bing and Yahoo do not. That led the police to conclude that the perpetrator likely carried out the same search, in order to find the photo in the first place.

The warrant, which was approved by Minnesota Judge Gary Larson in early February, calls on Google to hand over data on all searches for the victim’s name that took place between 1 December 2016 and 7 January 2017. That data includes names, addresses, phone numbers, birthdays, IP addresses and account information of all the people who carried out the search, according to the warrant.

Any Google user in the world could potentially be covered by the warrant, which doesn’t contain any restriction as to whose data should be handed over. Webster told Ars Technica that despite pro forma language limiting the search to the town of Edina, the warrant’s demands aren’t limited to just the immediate physical environment.

Whether the warrant is legally sound is a matter of some contention. Webster argues that “search warrants require supporting probable cause, not just mere suspicion or theory.

“For that reason, ‘anyone-who-accessed’ search warrants… can be risky to execute, as evidence could potentially be thrown out in a pretrial motion,” he adds. “Moreover, it’s possible that such a wide net could catch completely routine and non-criminal searches of the victim’s name by neighbours, prospective employers or business associates, journalists, or friends.”

Andrew Crocker, an attorney at the Electronic Frontiers Foundation, joked that the case should be renamed: “Case name should be in re Minnesota Unconstitutional General Warrant.”

A Google spokesperson said “We aren’t able to comment on specific cases, but we will always push back when we receive excessively broad requests for data about our users.”

Guardian

Google Required To Pass Foreign Emails To FBI:

Tim Berners-Lee’s Web - Things to Change:

Law to Imprison Journalists for Publishing Leaks:

 

 

« Cybersecurity’s Human Side Is A Problem
Drones For Rail & Road Tunnel Inspections »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

Directory of Cyber Security Suppliers

Directory of Cyber Security Suppliers

Our Supplier Directory lists 7,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

ZenGRC

ZenGRC

ZenGRC (formerly Reciprocity) is a leader in the GRC SaaS landscape, offering robust and intuitive products designed to make compliance straightforward and efficient.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

Synopsys

Synopsys

Synopsys delivers trusted and comprehensive silicon to systems design solutions, from electronic design automation to silicon IP and system verification and validation.

Xcitium

Xcitium

Xcitium (formerly Comodo) is and industry leading provider of state-of-the-art endpoint protection solutions. Our Zero threat platform isolates and removes all ransomware & malware infectictions.

Guidewire

Guidewire

Guidewire Cyence™ Risk Analytics is a cloud-native economic cyber risk modeling solution built to help the insurance industry quantify cyber risk exposures.

Sentropi

Sentropi

Sentropi is an online protection solution against charge backs, account takeovers, identity thefts and online scams.

Cyberra Legal Services (CLS)

Cyberra Legal Services (CLS)

Cyberra Legal Services provides cyber law advisory, cyber crime consultancy, cyber law compliance audit, cyber security, cyber forensics and cyber training services.

Halon

Halon

Halon is a flexible security and operations platform for in-transit email.

Agesic

Agesic

Agesic is an institution that leads the development of the Digital Government and the Information and Knowledge Society in Uruguay.

Wayra

Wayra

Wayra connects Telefónica and technological disruptors around the world. As their preferred strategic partner, we scale them up to accelerate their business and ours.

Navisite

Navisite

Navisite is a combination of eight respected IT consulting and managed service providers that were brought together under the Navisite brand.

Digital Security by Design (DSbD)

Digital Security by Design (DSbD)

Digital Security by Design is an initiative supported by the UK government to transform digital technology and create a more resilient, and secure foundation for a safer future.

Chainguard

Chainguard

Founded by the industry's leading experts on open source software, security and cloud native development, Chainguard are on a mission to make the software supply chain secure by default.

Esprinet

Esprinet

The Esprinet Group is an enabler of the technology ecosystem: a team of people who promote access to technology through an extensive network of professional resellers.

Entro Security

Entro Security

Entro is the first holistic secrets security platform that detects, safeguards, and enriches with context your secrets across code, vaults, chats, and platforms.

RAD Security

RAD Security

RAD Security (formerly KSOC) is a cloud native security company that empowers engineering and security teams to drive innovation so they can focus on growth versus security problems.

Vonahi Security

Vonahi Security

Vonahi Security is a cybersecurity SaaS company that pioneered automated network penetration testing.

Transcendental Technologies

Transcendental Technologies

Transcendental is a consulting organization which specializes in customized assurance services in the fields of Localization, Mobile Software Solutions, Web Design, Cyber Security & Cyber Forensics.