Google Search For A Fraud Victim

Uploaded on 2017-03-29 in NEWS-Cybersecurity News, GOVERNMENT-Law Enforcement, FREE TO VIEW, BUSINESS-Services-Law

Google has been served with a search warrant by a US judge which requires the firm to hand over personally identifiable information on anyone who has searched for a particular name.

The warrant requires Google to provide a wealth of information on any internet user who was found to have searched for one of four variations of a fraud victim’s name.

The rationale for the records request is to do with the specifics of the fraud case: the perpetrator attempted to initiate a $28,500 wire transfer from the victim’s account, using a fake passport as ID. That passport, according to police, was illustrated with a picture of someone with the same name as the victim.

A Google image search of the victim’s name brings up that same image, the warrant says, while comparable searches using Bing and Yahoo do not. That led the police to conclude that the perpetrator likely carried out the same search, in order to find the photo in the first place.

The warrant, which was approved by Minnesota Judge Gary Larson in early February, calls on Google to hand over data on all searches for the victim’s name that took place between 1 December 2016 and 7 January 2017. That data includes names, addresses, phone numbers, birthdays, IP addresses and account information of all the people who carried out the search, according to the warrant.

Any Google user in the world could potentially be covered by the warrant, which doesn’t contain any restriction as to whose data should be handed over. Webster told Ars Technica that despite pro forma language limiting the search to the town of Edina, the warrant’s demands aren’t limited to just the immediate physical environment.

Whether the warrant is legally sound is a matter of some contention. Webster argues that “search warrants require supporting probable cause, not just mere suspicion or theory.

“For that reason, ‘anyone-who-accessed’ search warrants… can be risky to execute, as evidence could potentially be thrown out in a pretrial motion,” he adds. “Moreover, it’s possible that such a wide net could catch completely routine and non-criminal searches of the victim’s name by neighbours, prospective employers or business associates, journalists, or friends.”

Andrew Crocker, an attorney at the Electronic Frontiers Foundation, joked that the case should be renamed: “Case name should be in re Minnesota Unconstitutional General Warrant.”

A Google spokesperson said “We aren’t able to comment on specific cases, but we will always push back when we receive excessively broad requests for data about our users.”

Guardian

Google Required To Pass Foreign Emails To FBI:

Tim Berners-Lee’s Web - Things to Change:

Law to Imprison Journalists for Publishing Leaks:

 

 

« Cybersecurity’s Human Side Is A Problem
Drones For Rail & Road Tunnel Inspections »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Directory of Cyber Security Suppliers

Directory of Cyber Security Suppliers

Our Supplier Directory lists 7,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

Social-Engineer

Social-Engineer

Social-Engineer is a team of outside–the–box thinkers that share a common focus on human-to-human social engineering.

ManTech International

ManTech International

ManTech provides comprehensive, integrated cyber security support, which includes computer and network design, implementation, and operations.

Certus Software

Certus Software

Our Secure Data Erasure solutions protect customer data confidentiality by completely erasing it from data storage devices.

4N6

4N6

4N6 is a privately-owned firm founded with the goal of providing expert knowledge of computer forensics.

Zanasi & Partners

Zanasi & Partners

Zanasi & Partners is a security research and advisory company active in the EU and MENA areas. Services focus on technology solutions.

Cybersecurity Credentials Collaborative (C3)

Cybersecurity Credentials Collaborative (C3)

C3 provides a forum for collaboration among vendor-neutral information security and privacy and related IT disciplines certification bodies.

Perception Point

Perception Point

Perception Point is a Prevention-as-a-Service company, built to enable digital transformation. Our platform offers 360-degree protection against any type of content-based attack.

Sopher Networks

Sopher Networks

Sopher is a secure communication and collaboration platform for business and personal use.

SensorHound

SensorHound

SensorHound’s mission is to improve the security and reliability of the Internet of Things (IoT).

RealCISO

RealCISO

RealCISO is a CISO grade cloud platform to help companies understand, manage, and mitigate their cyber risk.

Venustech

Venustech

Venustech is a leading provider of network security products, trusted security management platforms, specialized security services and solutions.

Trusted Cyber Solutions

Trusted Cyber Solutions

Trusted Cyber Solutions is an independent Cyber Security and Risk Management consultancy.

Strivacity

Strivacity

Strivacity lets brands quickly add secure login and identity management capabilities to their customer-facing applications without tying up an army of developers or consultants to do it.

Protecto

Protecto

Make privacy and governance effortless. Brakes allow you to drive faster. Stronger data privacy and security enable companies to unlock the full potential of the data.

Actelis Networks

Actelis Networks

Actelis Networks is a market leader in cyber-hardened, rapid deployment networking solutions for wide-area IoT applications.

Spirit Technology Solutions

Spirit Technology Solutions

Spirit Technology Solutions is a modern workplace services provider committed to delivering solutions that embody our core principles of security, sustainability, and scalability.