Hacker News new | past | comments | ask | show | jobs | submit login
Why It’s Easy for a Bounty Hunter to Find People (nytimes.com)
152 points by pseudolus on April 2, 2019 | hide | past | favorite | 83 comments



I think the comments in this thread are somewhat missing the point. Its not so much an issue that bounty hunters can track you anywhere, its that anyone with a little money can access the same databases. Given the actions of the US/foreign intelligence agencies over the last couple decades, it would be foolish to think that they wouldnt be keeping their own copy of all this data. Even if you're OK with your own government having access to your current location at all times, would you also be OK with the Saudies or the Russian FSB knowing this? I think we're all past the point where the idea of individually targeted misinformation campaigns are out of the realm of scifi and are very much a real thing. Location data alone is enough to create an extremely accurate demographic/psychological profile for a person.


> Even if you're OK with your own government having access to your current location at all times, would you also be OK with the Saudies or the Russian FSB knowing this?

I see this sentiment a lot, and I've never understood the thought process that leads to it. Your own government is the worst possible party to have information on you, because they have a lot of power to do things to you. They are also much more likely to care about your activities or other things that concern you.

By contrast, the Saudis are way the hell over in Saudi Arabia, have very little power over Americans in America, and don't care what Americans in America do. In the immortal words of Achilles:

> I came not warring here for any ill the Trojans had done me. I have no quarrel with them. They have not raided my cattle nor my horses, nor cut down my harvests on the rich plains of Phthia; for between me and them there is a great space, both mountain and sounding sea.

You can change whether the Saudis care about what you're doing, if you try hard. But you can't bring them up to the level where they care more or have more power than your native government already does.


> By contrast, the Saudis are way the hell over in Saudi Arabia, have very little power over Americans in America, and don't care what Americans in America do.

I dont believe this is true, the Saudi's very much care about Americans in America. See their extensive lobbying efforts to effect American policy, and the possible hacking of Jeff Bezos (no way to know if this is real or not). I also think its somewhat of a red harring to say, "since country X doesnt care about us, we're safe from all countries." The difference between a foreign country and my own government is that in some respect I have the ability to change my own countries policy, I can vote people out of office and email my senators (who are supposed to have my well being in mind when making laws), however I have no control whatsoever over a foreign governments decision making and they probably dont care about my well being.


Sorry, but it just doesn't gel. You are not important. Jeff Bezos might be important, but I really couldn't give two shits if the Saudis know where Jeff Bezos is at all times. They're not going to expend real or political capital to worry about Joe Whomever.

Certainly, if you're Jeff Bezos, you may have something to worry about from foreign governments, but you are also only .000000000167~% of people. Forgive me if I don't have the concern to expend on that proportion of people, especially when they are rich enough to buy a country.

Contrarily, I am terrified that in the event I am somehow wrongly charged of a crime, or rightly charged of a wrong crime in the United States, that my entire history of movement will be used to exploit me. The FBI and CIA have run many discrediting campaigns in their histories, to speak nothing of the McCarthy era.


The main reason to worry about a foreign government knowing too much about you is if they might use it against you. When they're far away, that's extremely unlikely, however if you travel there, it suddenly becomes a real possibility. Bad things have happened to Americans who visited Iran and North Korea, for instance.

However, if you don't plan to visit countries like this, this isn't something you should probably worry about. I have no plans to visit either of those countries until they have completely different governments, so I really don't care if they don't like me.


> They're not going to expend real or political capital to worry about Joe Whomever.

Except we know that's not entirely accurate. The Russian propaganda effort in 2016 really needed to know a lot about a few hundred thousand or million Joe Whomevers, they did, and they were able to use that information fairly effectively. I think it's arguably easier to get a decent amount of information on a lot of random people which is actionable as opposed to a lot of information on one person that is actionable, regardless of their relative wealth and power.

Jeff Bezos actually, recently, makes a good case for this. If you had, for example, a compromising picture on Joe Whomever, it could be useful, used correctly. Jeff Bezos on the other hand, can likely go toe to toe with you.

This doesn't discount your argument, but I think we do have something to fear with the complete loss of privacy we now have from both domestic and foreign powers.

Note: I'm not interested in having a discussion here about Comey, collusion or any of that, just noting that Joe Whomever does matter, in aggregate.


> in some respect I have the ability to change my own countries policy, I can vote people out of office and email my senators (who are supposed to have my well being in mind when making laws), however I have no control whatsoever over a foreign governments decision making and they probably dont care about my well being.

But, again, it doesn't matter that they don't care about your well-being and you can't influence them, because they can't influence you either. Between you and them there is a great space.

(The capacity of your government to harm you) minus (your ability to influence your government not to harm you) is much greater than (the capacity of the Saudi government to harm you) minus (your ability to influence the Saudi government not to harm you). The last three quantities are all small.


1) A government collects and stores all location data about the citizens of another country. 2) Citizen of another country attains a powerful position in business, politics, etc. 3) Use data from years ago to extort, blackmail, influence, etc.

The internet and smartphones have been around for long enough for this to be a reality for today's leaders.

Adversarial foreign governments could choose to exercise surveillance and storage power over citizens of another country. That's one of many reasons why access to location data should be locked up tightly.

The analogy with Achilles doesn't hold up because it is possible to act at a distance in today's connected world.


Blackmail over what? I'm deeply curious what non-public information you think could be used to blackmail someone that wouldn't be actual evidence of wrongdoing which due to the nature of the position would in fact be public interest?


Some examples off the top of my head:

- Going to a gay bar

- Going to an STD clinic

- Going to a therapist’s office (mental health unfortunately has stigma attached to it)

- Going to a legal cannabis store (I’m Canadian)

- Going in a date with someone who, years later, does something terrible

These are all completely innocent things that someone may still want to keep to themselves, and which could be used to put together a negative campaign against someone in the public eye.


Affairs? Sexual orientation?


>1) A government collects and stores all location data about the citizens of another country. 2) Citizen of another country attains a powerful position in business, politics, etc. 3) Use data from years ago to extort, blackmail, influence, etc.

So if you're Jeff Bezos, you might have a problem. For the rest of us who aren't Jeff Bezos, it isn't a problem. Tell me why I should care about security threats to the richest person in the world? There's far more pressing things to worry about than protecting the ultra-rich.


You don't have to be Jeff Bezos. What if you're an SRE at a company with access to sensitive data (pretty much any internet company)?

Imagine if a significant part of the leadership class of a society is under this sort of a threat. It can turn into a systemic issue.


Your analogy to Achilles and the Trojan war is a bit silly. The whole premise of that war was that the Trojans went to Greece and abducted an important citizen.


That's not a great way to state the premise of the war. "The Trojans" had no intention to do anything. Paris went to Sparta, but not Phthia, and committed a crime there. How did the Trojans feel about that?

> the son of Atreus strode among the throng, looking everywhere for Alexander, and no man, neither of the Trojans nor of the allies, could find him. If they had seen him they were in no mind to hide him, for they all of them hated him as they did death itself.

Achilles is totally correct that, as far as he's concerned, Troy hasn't aggrieved him in any way, and would have a hard time doing it if it wanted to.


On your opinion, Jeff Bezos and his security consultant Gavin de Becker would significantly differ.

Just because a country is apparently remote, does not mean that they have no agency here, and vice versa.

Globalization extends far beyond mere transnational corporations & supply chains. Even when there is not reason for specific revenge as in Saudi & Trump vs Bezos, govt/corporate espionage has a very broad array of useful targets, going well beyond military contractors & subcontractors.

With a casual attitude like that, it'll be far too late by the time you realize that it has gone too far.


I'm more worried about stalkers, psychotic exes or angry twitter mobs being able to buy this data.


This is a good point. The parents of Children killed at Sandy Hook have been persistently harassed online by Alex Jones listeners including death threats and doxing. Imagine how much worse it would be if they could just publish their exact GPS coordinates.


What's stopping them? You can buy this information right now.


Fortunately for our collective sanity InfoWars listeners ~arent famously bright people.~ havent yet learned of this harassment technique.


I will refrain from commenting on the particulars as they relate to this InfoWars of which you speak, but in general it is one of the facts upon which our society's relative safety rests, that those who wish to do harm, to deceive and to pursue malice are frequently not those amongst us most blessed with the gifts of intellect.


Or perhaps the smart ones that wish to do harm don't intend to do it on such a small scale as publishing the location data of a couple of individuals who are of relatively little consequence. It's a dangerous idea to assume that all those who are malicious are not intelligent.


> It's a dangerous idea to assume that all those who are malicious are not intelligent.

I agree on this point - there is an important distinction here between "frequently" and "always". We should be vigilant indeed and seek to uncover the true purpose of those who are malicious and deceitful. The previous remark should perhaps be taken more as a statement of relief, that fortunately there is often an inverse relation between maliciousness and intelligence.


I'm new here. Doesn't this sort of comment violate the guidelines?


Not if it is intended purely as a question. It is true that the phrase "what's stopping them?" could be interpreted as an incitement, but this is Hacker News not one of the grubbier corners of the internet, and the first interpretation is surely the correct one.


Yes, it does.


And yet, that comment is upvoted and your comment is downvoted.

Maybe I don't want to become a part of this community after all.

edit: then again, every single comment of yours appears to be dead?

edit2: what's with the lack of transparency?


>would you also be OK with the Saudies or the Russian FSB knowing this

I think almost everyone has more to fear from someone they know (who is out to get them) than foreign governments. There's not a lot of Edward Snowdens in the general public.


There are a whole lot of US government employees with access to sensitive information who dont want their real time location available to a hostile foreign intelligence agency. I was lucky enough to start my current job about two months after the entire database of cleared employee personal information (name, DOB, SSN, home address, background check investigation report) was stolen by the Chinese, so this kind of thing is near and dear to my heart.

Additionally the FSB could very well use this data in their persistent campaign of psychological warfare against the entire country. They're smart people, and if they're not using this resource already they probably will by the time the 2020 election heats up.


"their persistent campaign of psychological warfare against the entire country"

Lol

The Russians are coming!


Nobody is expecting the Russians to invade. I think the concern is that they could easily cause widespread unrest here by pitting special interest groups against each other.


See the recent Worldwide Threat Assessment Report [0] page 7, titled "ONLINE INFLUENCE OPERATIONS AND ELECTION INTERFERENCE."

  Our adversaries and strategic competitors probably already
  are looking to the 2020 US elections as an opportunity to 
  advance their interests. More broadly, US adversaries and 
  strategic competitors almost certainly will use online 
  influence operations to try to weaken democratic 
  institutions, undermine US alliances and partnerships, and 
  shape policy outcomes in the United States and elsewhere.
[0] https://www.dni.gov/files/ODNI/documents/2019-ATA-SFR---SSCI...


And then they can "save" Alaska.


And California!


They have already done it. Just look at the cable news coverage for the past two years. Non-stop Trump is a traitor news.


Whatever trump is, he is not a physical military invasion force from Russia.


  Even if you're OK with your own government having access to your current location at all times
I'd say most Americans have voluntarily installed multiple apps on their devices that leak location far and wide.


There is a really interesting podcast about this subject. It's called the Privacy and Security Podcast. They talk about how you can get actual privacy in the modern world. Hint, it's a PITA and is really not worth it for most people.

https://inteltechniques.com/podcast.html


Thanks for the suggestion, I'm interested in checking it out!

For anyone else searching for it in your podcast app, it's actually called "The Privacy, Security, & OSINT Show".


Not that I condone the wireless companies selling this kind of data, but if you're in a situation where a bounty hunter is after you, step one is don't carry a mobile phone.


Replace "bounty hunter" with "random jerk who is aware of these channels and how to use them," as the person who's after you. That group is small, but non-zero.

The issue is that these tools 1- exist 2- aren't kept under the tightest lock and key possible. Because any schmuck can get access to them for the right price, nobody should have a cell phone if we put the onus on the victims.


> Replace "bounty hunter" with "random jerk who is aware of these channels and how to use them," as the person who's after you. That group is small, but non-zero.

Or an abusive partner..


That is terrifying


Step 2 is to never sign up for utilities under your real name or fill in product registration cards.


Most important step, don’t put yourself in a situation, where a bounty hunter is after you to begin with.


You can do nothing wrong and still end up in this situation.

For example, get involved in a messy divorce, get out-lawyered, end up on the hook for astronomical amounts of retroactive child support. If you're not careful you might be dealing with a lot more than just the repo man.

Plus the way the legal system is in the US, a single unpaid parking ticket could spiral completely out of control into tens of thousands in late payment fees, fines, and jail time.


If you think privacy is unimportant for you because you have nothing to hide, you might as well say free speech is unimportant for you because you have nothing useful to say.


Law enforcement depends on the fact that no individual can reliably evade the power of the state for very long.

The existence of bounty hunters is in some ways just a bizzare commercialisation of what should be a government function.


step one is don't carry a mobile phone

You can carry one if you don't use it to contact people you know. But of course you will, ignoring the advice from the tough guy that's trying to save you, according to every movie ever touching the subject.

More sophisticated attacks would identify your usage pattern, the date you bought the new phone, the train that sounds in the background or even the fact that you log in in your favourite cat videos site.


Or at least keep it in a Faraday pouch/bag.


Doesn't a Faraday cage need to be grounded therefore limiting your movements?


Couldn't you carry one as long as it was a burner you bought with cash? Is that still possible?


Article is quite US-centric (not a criticism, it is after all the NY Times) - can anyone comment on similarities or not around the world?


Speaking for India, this kind of data is even more easily available. The general concept of privacy is nonexistent. You can get massive amounts of data for nothing at all and just some targeted Google searches. For example, searching "PAN card filetype:xlsx" will get you files from financial companies having addresses, taxpayer ID, phone numbers and more.


I highly doubt anything similar is happening in Europe, since GDPR requires freely given consent, and is rather specific about what does and does not count as freely given. (Remember this the next time you find those GDPR popups obnoxious.)

In Germany specifically, it's likely that operating such a database wouldn't just involve fines for the company, but also criminal penalties for the people involved. Especially if they continued after the data protection authorities became aware of this and told them to stop.


Is there a source? Where can I pay a few hundred dollars to get someones exactly location?


You have to sign up for one of the several data subscription services that provide this. There are special ones for private investigators or bounty hunters which have contracts with the telco companies. Once you subscribe to the service its a fee per lookup, but getting the subscription is somewhat involved.


I guess you could probably sign up online somewhere. Any idea where that is?


Would a person have any legal standing to sue their cell phone company for violating their right to privacy, assuming that the Bill of Rights could trump whatever license agreement we all agree to without reading?


It feels like that'd really boil down to whether identifying a fugitive's location based on signal from the location-broadcaster they're carrying voluntarily on their person, connected to a distributed service network shared by customers of a private company, could be considered "unreasonable search and seizure."

To a first approximation, my guess would be "probably not." No more so than, say, a train station dropping a dime on you if you try and buy a ticket on a train and your name comes up as wanted.


The Bill of Rights applies only to the government (and its agents), not to all private entities. It (particularly the 4th amendment) doesn't generally allow you to sue people, but to have illegally obtained evidence excluded.


In the case of a bounty hunter, they are typically pursuing bail jumpers who have signed away such rights to the bail bondholder.


Does anyone know how to actually get this data yourself? Where do you buy it?

asking for a friend :-)


This guy works for the FCC. Seems like he's risking his career by writing this.


He's an FCC Commissioner, whose term lasts until June 30th, 2022, and can only be removed before then via impeachment, and making public statements on policy matters is perfectly normal for FCC Commissioner, even if those statements disagree with the policy positions of whatever party controls the FCC.

Indeed, the structure of the Commission is designed for that. Although Commissioners are appointed by the President and approved by the Senate, by law no more than 3 of the 5 can be from the same party. Traditionally for the two Commissioners not of his party the President nominates whoever the Senate leader of the other party recommends, and traditionally if that party is the minority party in the Senate the senators from the majority party pretty much rubber stamp it, so in practice the party that controls the White House gets a pretty free choice for three of the seats, and the other party gets a pretty free choice for the other two seats.


Thank you for the edification!


> The FCC is directed by five commissioners appointed by the President of the United States and confirmed by the United States Senate for five-year terms, except when filling an unexpired term. The U.S. President designates one of the commissioners to serve as chairman. Only three commissioners may be members of the same political party. None of them may have a financial interest in any FCC-related business.

He doesn't "work for" the FCC, he's a commissioner [1], which is a political position for which he was nominated. The role is inherently political and he's there to provide leadership. He's a Democrat, if anything this means he's more likely to find a higher role in the future.

1. https://www.fcc.gov/about/leadership/geoffrey-starks#bio


Thanks you for the edification!


wow, bold move on his part.


May be off topic, but is this the reason why BoFA does not need us to issue a travel advisory? Because they are getting our location data and can flag fraud?


Surely the first thing you do while trying to hide is ditch the GPS enable microphone and camera you carry everywhere?


That does seem to rather miss the point.

What if you substitute "bounty hunter" for "the private investigator your ex-wife hired". "The stalker who's willing to put a couple of hundred dollars into an internet grudge", etc. At some point you have to realistic that perfectly innocent people can care about their privacy too.


Correct. Though if that's the point one is trying to make, one should probably make it via stories of those scenarios and not "This technology makes it easier for the justice system to find people trying to dodge the justice system."


And those are still the harmless examples. Look at it from the female perspective: Got a violent ex-husband? A stalker? Are you a teenager who’s walking home alone after school? You have done nothing wrong, but you have a lot to hide.


Sex/gender doesn't really come into it.

A male with a violent ex wife should be just as afraid.

Or indeed anyone of any gender with a violent ex of any gender.


As others have stated, ANYONE can get this data with the money.

I used to work for a company in the mobile phone space, we had access to triangulation APIs and my ex-boss, often requested we track people who owed him money, just because we could.


The set of people who consistently make good life decisions rarely intersect with the set of people who are wanted by bounty hunters. (The vast majority of "bounty hunters" are bail bondsmen, or agents of bail bondsmen, trying to recapture someone who skipped bail. Skipping bail is rarely a good life decision, nor are the set of decisions that typically lead one to get arrested in the first place.)


The intersection of people who are familiar with maintaining operational security, have sufficient cash on hand to go on the lam for an extended period of time with some fake ID, etc. with those that Dog the Bounty Hunter is looking for is likely pretty small.


This assumes criminals are thinking their actions through.

Most probably haven't, yet we treat them as though they have when we apply a punishment..


Are you saying that punishments should be lighter because some criminals don't think things through?

In some cases they already are, e.g., killing someone by accident or in a fit of passion vs a premeditated murder are usually charged differently.

Beyond that, it seems not unreasonable to apply the maxim that "maybe you should stay in jail here as if you'd thought it through, so you might actually think it through next time...".


Maybe the entire concept of punishment is a mistake?

I don't have a solution or a better alternative, just saying that punishment only really makes sense if agents in the system are rational.


Well, that's a whole different discussion.

Assume that the criminals are 100% irrational, random, and not influenced by external inputs; even then, inprisonment has a value to society of containing the possibility of bad actions by those bad actors during the prison term.

The fact that the recidivism rate is far less than 100% also tells us that criminals are not 100% random, irrational, and unresponsive to external inputs. A significant number do actually rehabilitate, whether by taking advantage of counseling, rethinking their choices, or simple fear of re-inprisonment.

So yes, it seems that until we come up with something better, making the system more accurate is the way to go.


You didn't have to read TFA very far at all to see it's not about GPS.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: