Some relevant quotes to summarize:

But the videos weren’t clear enough to identify the exact make or model of the dark four-door sedan. The detectives quickly obtained what are known as tower dump warrants, which required the major phone networks to provide the numbers of all cellular devices in the vicinity of 5312 Truckee during the arson. And they slung a series of so-called geofence warrants at Google, asking the company to identify all devices within a defined area just before the fire. (At the time, Google collected and retained location data if someone had an Android device or any Google applications on their cell phone.)

…

There were 1,471 devices registered to T-Mobile within a mile of the house when it ignited. Using software that visualizes how long it takes a signal to bounce from a cell tower to a phone and back again, Sonnendecker narrowed the list down to the 100 devices nearest to the house. One evening toward the end of August, detectives roamed the area around 5312 Truckee with a cell-phone-tower simulator that captured the IDs of all devices within range. That night, there were 723. Sonnendecker cross-referenced these with the 100 from earlier, eliminating the 67 that showed up on both lists and likely belonged to neighborhood residents who could be ruled out. That left 33 T-Mobile subscribers whose presence in Green Valley Ranch in the early hours of August 5 couldn’t easily be explained.

…

That’s when another detective wondered if the perpetrators had Googled the address before heading there. Perhaps Google had a record of that search?

… birth dates, and physical addresses for all users who’d searched variations of 5312 Truckee Street in the 15 days before the fire.

Google denied the request. According to court documents, the company uses a staged process when responding to reverse keyword warrants to protect user privacy: First, it provides an anonymized list of matching searches, and if law enforcement concludes that any of those results are relevant, Google will identify the users’ IP addresses if prompted by the warrant to do so. DPD’s warrant had gone too far in asking for protected user information right away, and it took another failed warrant 20 days later and two calls with Google’s outside legal counsel before the detectives came up with language the search giant would accept.

Finally, the day before Thanksgiving 2020, Sonnendecker received a list of 61 devices and associated IP addresses that had searched for the house in the weeks before the fire. Five of those IP addresses were in Colorado, and three of them had searched for the Truckee Street house multiple times, including for details of its interior. “It was like the heavens opened up,” says Baker.

In early December, DPD served another warrant to Google for those five users’ subscriber information, including their names and email addresses. One turned out to be a relative of the Diols; another belonged to a delivery service. But there was one surname they recognized—a name that also appeared on the list of 33 T-Mobile subscribers they’d identified earlier in the investigation as being in the vicinity of the fire. Bui.

…

Seymour’s defense argued that, in asking Google to comb through billions of users’ private search history, investigators had cast an unconstitutional “digital dragnet.” It was, they said, the equivalent of police ransacking every home in America. The Fourth Amendment required police to show probable cause for suspecting an individual before getting a warrant to search their information. In this case, police had no reason to suspect Seymour before seeing the warrant’s results. But the judge sided with law enforcement. He likened the search to looking for a needle in a haystack: “The fact that the haystack may be big, the fact that the haystack may have a lot of misinformation in it doesn’t mean that a targeted search in that haystack somehow implicates overbreadth,” he said

…

After a five-month wait that Sandoval remembers as “gut-wrenching,” the court finally ruled in October 2023. In a majority verdict, four judges decided the reverse keyword search warrant was legal—potentially opening the door to wider use in Colorado and beyond. The judges argued that the narrow search parameters and the performance of the search by a computer rather than a human minimized any invasion of privacy. But they also agreed the warrant lacked individualized probable cause—the police had no reason to suspect Seymour before they accessed his search history—rendering it “constitutionally defective.”

Because of the ruling’s ambiguity, some agencies remain leery. The ATF’s Denver office says it would only consider using a keyword warrant again if the search terms could be sufficiently narrowed, like in this case: to an address that few would have reason to search and a highly delimited time period. The crime would also have to be serious enough to justify the level of scrutiny that would follow, the ATF says.

…

Meanwhile, another case—in which a keyword-search warrant was used to identify a serial rapist—is now before the Pennsylvania Supreme Court. If the warrant is upheld, as it was in Colorado, their use could accelerate nationwide. “Keyword warrants are dangerous tools tailor-made for political repression,” says Crocker. It’s easy to envision Immigrations and Customs Enforcement requesting a list of everyone who searched “immigration lawyer” in a given area, for instance.

Consider the people who were killed here also.

The first fire truck arrived at 2:47 am. By then, the inferno had shattered the windows and plumed the air with smoke. The stench of burning wood filled the neighborhood. When firefighters subdued the blaze enough to get in the front door, they found the small body of a child. Djiby’s daughter Khadija had been two months shy of her second birthday. Farther in sprawled Djiby himself and his 23-year-old wife, Adja.

Next to Adja lay Djiby’s 25-year-old sister, Hassan. She’d only been living in the house for three months. Like Adja, she had dreamed of going back to school to study nursing. She died with her arms still wrapped around her 7-month-old daughter, Hawa Beye. Medical examiners would later conclude that all five died of smoke inhalation, airways coated in black soot, internal organs and muscles burnished “cherry-red” from the heat.

This is frightning, google giving law enforcement a list of users who did a particular keyword search.

I am glad it helped solve the murder case but it also implies that my search history when using google services will always be stored and can be shared without my permission. Given that its almost impossible to not use google unless you want to be frustrated while trying to do basic stuff like email, searches etc. This basically mean every bit of data generated my anyone is permanently stored and its just about time until it will be searched for any useful stuff in case there is a situation like this again which there always will be.

Paywalled for me