Today, the Colorado Supreme Court became the first state supreme court in the country to address the constitutionality of a keyword warrant—a digital dragnet tool that allows law enforcement to identify everyone who searched the internet for a specific term or phrase. In a weak and ultimately confusing opinion, the court upheld the warrant, finding the police relied on it in good faith. EFF filed two amicus briefs and was heavily involved in the case.
…
Keyword warrants rely on the fact that it is virtually impossible to navigate the modern Internet without entering search queries into a search engine. By some accounts, there are over 1.15 billion websites, and tens of billions of webpages. Google Search processes as many as 100,000 queries every second. Many users have come to rely on search engines to such a degree that they routinely search for the answers to sensitive or unflattering questions that they might never feel comfortable asking a human confidant, even friends, family members, doctors, or clergy. Over the course of months and years, there is little about a user’s life that will not be reflected in their search keywords, from the mundane to the most intimate. The result is a vast record of some of users’ most private and personal thoughts, opinions, and associations.
I wonder if there are any states using this to find out who is searching for information on abortions now that Roe v. Wade was flipped.
Wasn’t there a law suite against a girl, where Google Searches where used to convict her?
Edit: Found it https://www.washingtonpost.com/technology/2022/07/03/abortion-data-privacy-prosecution/
The solution → use Tor (theoretically)
I simply did a search for Moroccan couscous recipes. Results:
- 6 results blocked by #Cloudflare (default config; naïve admins)
- 2 results blocked Error 462 Not allowed (proactively anti-tor admins)
- 1 result blocked by #Imunify360 (naïve admin)
Only TWO out of 11 results on the 1st page were usable and they were at the bottom of the page. It’s as if cyber criminals are all out to take down recipe sites. Most people are pro-Cloudflare & anti-robot, which enables tor-hostility to happen on such a large scale, ultimately neutering people from sensible self-defense.
I can’t help but run through the #DuckDuckGo scenario.
#DDG is a Microsoft syndicate which means Bing sees everyone’s search query. MS also doubles as DDG’s hosting provider, so MS sees everyone’s IP address too. If MS wants to pair IP address to search queries, they need to do a bit of timing analysis (assuming they don’t simply snoop on DDG’s jobs).
Is the data worth it for MS to make the extra effort of matching query to IP & ultimately identity? Suppose it is. Or suppose DDG collects that info themselves anyway (since all we have is trust & DDG keeps getting caught violating their own privacy policy). The info gets to spooks. Then what? They know that people still think DDG is safe & so they would not want to destroy that false sense of security by using it as evidence in court. They would only use the information for parallel construction. That’s still better than the Google situation where they can directly bluntly use the data against people.