This article is part of EFF’s investigation of location data brokers and Fog Data Science. Be sure to check out our issue page on Location Data Brokers.

In Chino, CA, police used Fog Data Science’s geolocation service to do massive sweeps revealing who was near minor theft and burglary scenes. In a rural Missouri murder investigation, Fog’s service was used to track a babysitter who was never a suspect. In Greensboro, NC, a crime analysis supervisor raised red flags about its constitutionality and later quit after his warnings were ignored. And in all these places and many more, police never seemed to set any rules for when and how this massive digital dragnet should or shouldn’t be used.

EFF filed over 100 public records requests to law enforcement agencies across the country. We discovered that at least 18 agencies have past or ongoing contractual relationships with Fog. Other agencies received trials of Fog’s service free of charge. Our investigation has been extensive, but not exhaustive; it’s possible that many more agencies are currently using Fog’s services.

In our first post about Fog Data Science, we described how Fog’s Reveal service works, where its data comes from, and why it is so dangerous. In this post, we will examine the records received by EFF to better understand how Fog Data Science’s service is actually used. We will also dive deeper into the legal issues at stake and discuss how lawmakers and platform developers can shut down Fog’s business model once and for all.

Which agencies use Fog?

Records obtained by EFF indicate past or ongoing contractual relationships with at least 18 local, state, and federal law enforcement clients, and several other agencies have accepted free trials of Fog’s service. Notes from one agency’s meeting with Fog state that the company works with “50-60” agencies nationwide.

A map of some agencies that have paid for access to Fog’s software, according to purchase orders and other records received by EFF. Green are state-level agencies, yellow are local, and purple are fusion centers.

State-level law enforcement is a major contingent of Fog’s customer base. State police in Maryland, Indiana, and New Jersey, the highway patrols in California and Missouri, and the Tennessee Bureau of Investigation have all had contracts with Fog lasting at least one year.

Some of the largest local agencies in the country have also worked with Fog, including NYPD, the Houston Police Department, and the Broward County Sheriff’s Office. But Fog has also sold its service to much smaller agencies, like the police in Lawrence, Kansas (population 97,000) and the sheriff of Washington County, OH (population 60,000).



License start

License end (est.)

California Highway Patrol




Chino Police Department




El Dorado County District Attorney 




Fremont Police Department




Orange County Information and Analysis Center (OCIAC)




Delaware Information and Analysis Center (DIAC)




Broward County Sheriff’s Office 




Iowa Division of Intelligence and Fusion Center 




Indiana State Police




Lawrence Police Department 




Maryland State Police




Missouri State Highway Patrol 




Greensboro Police Department 




Rockingham County Sheriff 




New Jersey State Police




New York Police Department 




Washington County Sheriff 




Tennessee Bureau of Investigation 




Houston Police Department 




U.S. Marshals




This table summarizes the law enforcement licenses to Fog that EFF was able to verify

Fog officials told law enforcement agencies that its first client was the Delaware Department of Public Safety’s Information and Analysis Center (DIAC). The DIAC is a fusion center, an entity designated by the U.S. Department of Homeland Security (DHS) to serve as an information gathering and sharing hub for local, state, tribal, and federal law enforcement. Fusion centers in Iowa and southern California also worked with Fog.

Fusion centers are a local arm of the so-called intelligence community. Much of their stated purpose involves breaking down barriers between the various government agencies that collect and maintain criminal intelligence information, including facilitating data sharing between local law enforcement and federal intelligence agencies. Fusion centers are staffed by local police, sheriff’s deputies, and other local government employees, as well as DHS personnel; however, fusion centers are not federal entities. Fusion centers also serve as hubs for processing “suspicious activity reports,” or SARs, which can subject people to law enforcement investigation on the basis of evidence that does not necessarily rise to the level of probable cause or reasonable suspicion.

Fog has also worked with federal law enforcement. In 2018 Fog signed a 2-year, $120,000 contract with the U.S. Marshals, a division of the Department of Justice. In addition, an official with Homeland Security Investigations presented “Strategies on Human Trafficking Investigations” to local law enforcement including multiple slides which mentioned Fog.

Fog’s marketing pitch

At the end of March 2020, Mark Massop was trying to close a deal to sell Fog Reveal to the Orange County Intelligence Assessment Center (OCIAC), a fusion center directed by staff from the Orange County Sheriff’s Department. As COVID-19 swept through the country, Fog saw an opportunity. New York City experienced high infection rates during the first few weeks of the pandemic, and it made leaders of nearby states nervous about NYC residents traveling and spreading the virus. The governor of Rhode Island had recently proposed banning all travelers from New York. Fog put together a demo for Orange County illustrating how its data could be used to help enforce such a ban.

Fog ran a dragnet query on its dataset, looking for anyone who had traveled between Port Chester, NY and Newport, RI between March 5 and March 22. It found 52 devices. Fog then narrowed in on one of those devices and ran a “pattern of life” analysis on it, querying for every GPS ping associated with that device for the previous 90 days. It found over 24,000 pings—more than 266 per day—locating the device across Rhode Island, Massachusetts, New York, and Connecticut. It showed how the device had taken multiple trips across New England, stopping in the New York metropolitan area and near Rochester at different times. And it revealed the device owner’s likely home, near Providence, and several of their common destinations nearby. 

The results of that one query were likely more than enough to identify the device owner, or at the very least their home address. The person identified by that information had not previously been under any suspicion. No subpoenas or warrants had been issued by law enforcement asking for their data. They were not even suspected of breaking any laws, since the Rhode Island travel ban was still hypothetical. But with a few keystrokes, a Fog employee was able to access an exhaustively detailed account of their life over the past several weeks.

This penetrating foray into a stranger’s private life was performed on a whim, apparently for the purpose of showing Fog’s capabilities to a potential law enforcement customer. The showcase demonstrated how, for a small fee, this Web-based panopticon could be available to anyone at the Orange County Sheriff’s Department and its fusion center affiliate.

This was not the only time the team at Fog used its data to track people for the sake of a demonstration. In a presentation shared with Chino, CA — a city of about 90,000 in San Bernardino County — Fog described and investigated a “sample case” in detail. The case involved the murder of a family of four in upstate New York. It does not appear that Fog was involved with the actual investigation; rather, Fog analysts used their data to simulate an investigation based on details of the case that were public. 

First, Fog used an “area search” to identify all devices present near the crime scene during a 15-hour window. This identified three distinct devices. Next, the analyst performed a “device search” on each one for the previous 90 days, revealing the daily habits of the device owners. One device owner was determined to be a neighbor, and another was deemed likely to be a victim. The third device was spotted several thousand times, allowing the analyst to identify a likely residence (elsewhere in the city) and several recent out-of-state travel destinations. Its owner was identified in the sales pitch as a possible suspect or witness. The analysis halted there, and the presenter suggested next steps for the hypothetical investigation.

In these demonstrations, Fog tracked real people using its access to trillions of private data points in order to show potential customers what their service could do. While these examples were cherry-picked by Fog to portray itself to law enforcement in the best possible light, they also accurately demonstrate its chilling privacy implications.

Theory vs. Practice

EFF sent records requests to state and local agencies asking for all emails and attachments mentioning Fog Data Science, and all records sent to or from Fog employees. Most states allow police to redact records concerning ongoing investigations, so we do not have a comprehensive account of how Fog Reveal has been used. However, the records do describe several instances in which Fog’s product was used to investigate real people.

A few trends emerge. First, Fog and its sales agent Mark Massop often act as direct partners on active criminal investigations. Several times, law enforcement agencies shared privileged details about an ongoing investigation with Fog and Massop then ran queries about locations or devices of interest and told officers what he found.

Second, Fog would help agencies translate between advertising IDs pulled from mobile phones and Fog’s proprietary device IDs (sometimes referred to as its “FOG ID” or “VID”). To explain why this is significant, it’s worth expanding on how Fog’s data is structured. 

Fog claims that Reveal associates location data with “hashed, anonymized” device IDs which are based on advertising IDs. In other words, the device IDs returned by Fog Reveal are not the same as the advertising IDs for those devices. Fog has used this disconnect between the VIDs in its customer-facing system and the ad IDs on our phones as evidence that its data contains “no PII” (personally identifiable information). But records from Iowa and elsewhere show that Fog was happy to translate between ad IDs and VIDs upon request. This is important because mobile ad IDs are extremely easy to link to real identities. The ease with which Fog translated their proprietary IDs into advertising IDs undermines Fog’s claim that it does not sell personally-identifiable information.

Third, Fog’s service was sometimes used to investigate violent crimes and murders, but it was also deployed to investigate property crimes like petty theft and burglary of chain stores. For example, police in Chino used Fog to track the location of an individual suspected in a series of water valve thefts.

Finally, although EFF requested “guiding documents and policies” or equivalent records from every agency that we contacted, we did not receive any such documents. It’s possible that agencies withheld these training and guideline documents or simply did not search for them. But their glaring absence is troubling, as it could mean that police agencies using Fog do not have written policies for when or how to use Fog’s service, nor any kind of training program beyond the short demo sessions that Fog employees hosted. EFF’s impression based on the public records is that it seems as though state and local police across the nation were given access to a service capable of tracking the precise movements of millions of people without any guidance on what they should or should not do with it. 

Chino, CA

The Chino police department is one of several California agencies which has contracted with Fog Data Science. The department first got in touch with the company in early 2019, and it began a two-week trial of Fog Reveal that March. After the trial, the department wrote a memo describing three cases in which it used Fog’s data.

In all three cases, Chino PD used Fog’s “area search” function to sweep multiple crime scenes for common device identifiers. Two of the three cases were successes for the police, either leading to a suspect or providing supporting evidence for a suspect’s guilt. In the third case, the police identified a device at multiple locations of interest and tracked it over several days—only to realize that the device belonged to a Chino PD officer. Still, the memo recounts that incident as “an excellent example of [Fog’s] capabilities.” One case involved a violent crime, but the other two—investigations into a series of backflow valve thefts and a pair of linked burglaries—were property crimes.

After the trial, Chino police were enthusiastic about acquiring a license to Fog Reveal, but they needed City Council approval for the purchase. It took more than a year before the funds were approved, and the invoice was not processed until September 2020. In the meantime, police stayed in touch with Mark Massop to report on the approval process; it also appears that they were able to use Fog’s service in the months after the trial ended and before the license was officially purchased. In one email exchange on July 21, 2020, a Chino officer emailed Massop to lament the delay in acquiring Fog’s service. “With our hands tied financially by city council until September, we would like to use it prior to the yearly purchase if you can accommodate it,” the officer wrote. “My LT is asking what we can do for the next couple of months. My LT is more than willing to throw down a credit card for the next couple of months.”

It appears that Chino did have access to Fog before it received official City approval. Later in the July 21 exchange, Massop wrote about the results he got for running an area-search query on a “whole neighborhood,” and advised the officer “I would suggest taking the fence very broad to capture all egress routes and surrounding streets… you may find a bunch of devices that don’t lead anywhere, but it never hurts.” The next day, the officer responded that he “just pulled up an entire city block for the 19th of July at 0900,” presumably using Fog’s data.

Chino eventually finalized the purchase of a one-year license to Fog Reveal, with 100 queries per month, for $7,500. The money came from asset forfeiture funds provided by the Department of Justice in exchange for Chino’s prior participation in investigations that resulted in federal forfeiture. The funds were earmarked for law enforcement use, and could only be used to “increase or supplement” the agency’s resources. 

The department chose not to renew the license in the fall of 2021, citing a lack of utility. In response to an inquiry related to EFF’s October 2021 public records request, an officer wrote that “we do not currently use the technology… I don’t know if we were ever successful in solving a case.”

Iowa’s Fusion Center

The Iowa Division of Intelligence and Fusion Center purchased its first Fog license in December 2020. In the months that followed, records show that Iowa used Fog to track individual devices in over a dozen different instances.

In one notable example, Iowa worked with an FBI official to try to track a suspect who was allegedly at the U.S. Capitol during the January 6, 2021 riot. It appears that the FBI obtained device information from Apple, and analysts tried to extract an ad ID from that data to run through Fog’s system. Iowa analysts also used Fog to see if devices present at a particular Iowa residence also had been present at the Capitol on Jan. 6. The records do not indicate whether Fog’s data was useful in that case, but they do reveal how the fusion center used its Fog license in conjunction with federal law enforcement.

Iowa also regularly used Fog Reveal to look up the location histories of devices based on their advertising ID. In at least 15 separate email threads, Iowa officers asked Fog representatives to check whether one or more ad IDs were in its system. Fog then responded with the corresponding VIDs, if available. This allowed officers to plug the VIDs into Fog Reveal and perform “device searches,” bringing up weeks or months of location history for each device. 

This way of using Fog is significant because advertising IDs are available to police in a variety of ways. First, the ad ID is stored on its device without any special security—so anyone who has access to an unlocked phone can see its ad ID. Second, police may be able to obtain ad IDs from companies who have access to that data, including Apple and Google, without a warrant. As we will discuss, subpoenas don’t require law enforcement to establish probable cause before demanding information, and are thus easier for police to serve. Finally, ad IDs can, in theory, be purchased on the open market from other data brokers, though the records EFF received did not indicate whether any agencies do this in practice.

These records show that after an agency has acquired a user’s ad ID, either by looking through their phone or by making a legal request for “metadata,” it can use Fog Reveal to learn where that person was in the weeks, months, or years prior.

Missouri State Highway Patrol

In Missouri, the State Highway Patrol (MSHP) began working with Fog by January 2018 and purchased a license to Fog Reveal that August. Emails obtained from the agency show that it used Fog in several cases over the following few years, and it commonly worked directly with Mark Massop to make queries and analyze the resulting data.

MSHP first asked Massop to help investigate the June 2017 murder of Ben Renick in New Florence, a tiny town an hour outside of St. Louis. On January 10, 2018, MSHP was already in touch with Fog, and an officer reached out to Massop with the following request:

An excerpt from an email sent by a member of the Missouri State Highway Patrol to Mark Massop of Fog Data Science asking if it would be possible to query data for a particular address within a two-day timespan

Massop requested more information, and MSHP obliged, sharing GPS coordinates and satellite photos of the crime scene. Without further prompting, Massop “was able to get some data from the location” and sent over two files: one contained signals from 3 devices which were seen around the crime scene on the day of the murder, and the other contained a pattern-of-life analysis with 30 days of data for one of the three devices. These files were CSVs (comma-separated values text files) containing a timestamp, device identifier, and latitude/longitude coordinates for each signal. The device singled out for analysis was later determined to belong to the family’s babysitter, who was not a suspect in the case.

In another case in 2020, Massop again ran queries based on information shared by MSHP and sent the agency CSV files of raw GPS coordinates for two devices. Device A was tracked from August 1, 2019 to January 10, 2020, during which its location was recorded more than 47,000 times. Device B was tracked over 18,000 times from December 25, 2019 to March 22, 2020. This staggering volume of data included an average of 263 measurements per day for each device, or nearly one every 5 minutes. The records do not indicate whether either device belonged to a suspect or whether the data was otherwise useful to the investigation.

Anaheim, CA

In June 2020, the Anaheim city council received a request to authorize the purchase of six Fog licenses on behalf of the Orange County Intelligence Assessment Center, its local DHS fusion center. Though OCIAC and the Orange County Sheriff would be using the product, they needed Anaheim to approve the funds.

The council was set to vote on the measure at a June 9, 2020 meeting. Just days earlier, George Floyd had been murdered by Minneapolis police officer Derek Chauvin, setting off massive nationwide demonstrations against police violence. Anaheim was no different. Protestors flooded the streets and hundreds submitted comments to the city to demand that it reduce police spending, which took up 42% of the city’s unrestricted general fund in 2019-2020.

When the budget authorization for Fog Data Science came up at the meeting, Councilman Jose Moreno pushed for more information. A recording of the meeting shows that Moreno expressed clear concern about the potential impact of new surveillance technology on the people of Anaheim. “I think what raises eyebrows on this is the Orange County Intelligence Analysis Center and the growing concern about surveillance on our own citizens.” Moreno asked about protocols governing the software, and about when and on whom the surveillance would be deployed.

Anaheim Police Chief Jorge Cisneros, who was at the meeting, demurred on specific questions and said that he could not “speak on behalf of OCIAC” about how the service would be used. Moreno called for a “motion to continue” that would delay the approval until an OCIAC representative was able to answer questions about the technology. “The public must be assured that this technology will not be used on citizens or residents who may not be doing anything but living their lives,” he said.

The motion to continue went up for a vote, and failed. Moments later, the council voted to approve the purchase, with six votes for and none against. Councilman Moreno did not vote. “Because you cannot assure me that these instruments will not be used in a way that will violate our civil liberties, I will abstain,” he said. As a result of the vote, the city was authorized to spend just over $40,000 on six one-year licenses for Fog Reveal, all of which would be used by law enforcement working at OCIAC. The funds came from the Department of Homeland Security’s Urban Areas Security Initiative (UASI) Grant Program, which is commonly used by California agencies to fund invasive and unnecessary new surveillance technology.

Emails EFF received from the Orange County Sheriff’s Department show that about a week after the council meeting, OCIAC director Alberto Martinez contacted Fog to schedule a demo for an “Anaheim councilman.” Fog CEO Robert Liscouski was set to lead a “conversation” with the councilman, but the meeting never materialized. According to OCIAC, the councilman “never responded” to the meeting invitation. Martinez told Fog that the demo was off, and the purchase was finalized a few days later.

Greensboro, NC

In the summer of 2019, the Greensboro, NC Police Department began a free trial of Fog Reveal. The agency purchased a basic license to the service beginning in February 2020. Davin Hall was the Crime Analysis Supervisor with the Greensboro Police when the department first started using Fog. Hall left the department at the end of 2020. He spoke with EFF about his experience related to the software.

Shortly after the department began working with Fog, Hall says an analyst gave a presentation demonstrating Fog’s capabilities. According to emails obtained by EFF, a crime analyst shared two powerpoints about mobile ad ID (MAID) tracking with the department in July 2019. One presentation gave “an overview of MAIDs and an example case of their use for LE investigations,” and the other covered “the operational security concern surrounding MAIDs.”

Hall said that as part of the demonstration, the analyst used Fog’s data to track a device that was seen in the area of a “government building” in Greensboro. According to Hall, the presenter tracked the device back to a likely residence, at which point some people in the room recognized that it belonged to a “fairly high-ranking federal employee.” 

Hall wasn’t at the presentation, but he said that word about what Fog could do made its way around the agency. Attendees were instructed to disable the ad ID on their own devices to avoid being tracked via services like Fog’s and to tell their friends to do the same. It was also made clear that Fog Reveal should be kept secret from the public.

“I got the impression that they were very concerned about the public hearing about it and then turning off the Ad ID numbers on their phones,” Hall said.“The more people who turn those off, the less valuable that software becomes.”

According to Hall, there was no indication that Greensboro PD put any policies or procedures in place to govern its use of Fog Reveal. He said that the use of new technologies is usually covered by department “standard operating procedures,” or SOPs. But he was not aware of anything in the SOPs that might create oversight or accountability for the use of Fog Reveal. “To the best of my knowledge, none exists.”

Hall repeatedly expressed his concerns about Fog Reveal to superiors in the department and in city government. In an email dated September 3, 2020, he wrote that he was “concerned” about the department’s use of Fog Reveal in the context of recent court cases on geofence warrants. “If we’re conducting warrantless searches of data that we would otherwise not be able to obtain a warrant for, I would definitely be worried about that.” He expressed similar concerns about Fog’s legality during his exit interview with the department, and followed up again weeks after he left the police. Finally, he sent an email to the city council and the mayor that was more blunt: “Please stop the use of this software.” Each time, city officials assured him that the department’s use of Fog without obtaining warrants was legal.

When EFF asked about the issues with technology like Fog, Hall said it’s part of a pattern of police incursion on our rights. He also worried that Fog could be used to target people who already face disproportionate police surveillance and violence. “The police don't have a great track record of policing equitably,” he told EFF. He singled out Fog’s ability to perform geofence searches — “area searches,” in its lingo — as especially capable of undermining civil liberties. In a time when people around the country are organizing in the streets, Fog could make it easy for police to surveil protesters en masse. “It can be used to negatively impact the people who are taking part in those protests — against police violence, for abortion rights,” he explained.

According to Hall, Greensboro’s police have a history of using data from third-party vendors in similar ways. Years before, he said the department tried software from a company called Twitcident (now known as PublicSonar), which monitored Twitter and processed geotagged tweets into police intelligence. Hall says that Greensboro used Twitcident data to monitor a city music festival for “illegal activity” — as well as to keep tabs on protesters.

Hall’s concerns about Fog went unheeded. The department continued to use Fog Reveal — without obtaining warrants, according to Hall — and although he tried to raise the issue with the city council, nobody outside the department seemed to care. Hall believes that Greensboro’s use of Fog Reveal violates the Fourth Amendment. But more importantly, he doesn’t believe that the police should be trying to encroach on our civil liberties in the first place.

“I feel like public safety also involves protecting the constitutional rights that we all have, and I feel like pushing up as much as you can, going deep into this gray area, doing as much as you think you can get away with, is not public safety.

That's kind of indicative of the antagonistic relationship that the police have created with the public. That's not a system of public safety, that's something else entirely.”

That’s part of why he left the department, he says. 

“I want to work in public safety.”

What can we do?

As we wrote in our previous post, a company like Fog Data Science can only exist because of a series of failures by the companies, laws, and institutions that are supposed to serve us. But that also means that ending Fog’s invasive business model is relatively simple: several different actors have the power to shut it down.

Legislators can pass laws to prohibit law enforcement from purchasing sensitive data that police could not get themselves without a warrant or other legal process. They can also shut down the vast supply of personal data exploited by data brokers by passing strong, comprehensive privacy laws. Those laws should require specific, opt-in consent before the collection and use of any personal data; they should minimize the use and sharing of data to what we specifically ask for; they should provide for strong enforcement with a private right of action; and any federal bill should not preempt stronger state privacy protections. In addition to a general privacy law, legislators should ban the online behavioral advertising business model outright.

Mobile platforms can also shut off Fog’s data collection at its source. They can start by killing the advertising identifier, the universal key that allows data brokers to link location traces gathered from different apps to a single device. Apple took a big step towards this goal when it made the ad identifier on iOS, called “IDFA,” opt-in instead of opt-out. Before the change, many users didn’t know that IDFA existed, and the vast majority of them didn’t opt out of its tracking. On Android, the ad ID is still enabled by default, meaning most of its 2.5 billion worldwide users are still vulnerable to tracking by companies like Fog.

Finally, judges should rule that under the Fourth Amendment, police surveillance via data brokers like Fog is no different from surveillance via cellular carriers and companies like Google. If police need a warrant to access geolocation data directly from a cell phone company, they need a warrant to access similarly sensitive data from Fog or any other company that has it. The Fourth Amendment analysis shouldn’t change depending on where the data comes from: Fog’s data is just as revealing of the privacies of people’s lives as CSLI data from cell phone carriers. Any other result creates a loophole that threatens to swallow the Fourth Amendment’s protections.

Read more about Fog Data Science: 

Related Issues