Hacker News
US spy device 'tested on NZ public' (nzherald.co.nz)
127 points by SCdF on May 26, 2013 | 53 comments


Note that this alludes to the latest technique being used to erode privacy: the idea that "metadata" is somehow distinct and less deserving of protection than [other stuff]. The implication is "metadata" (like phone logs) is not really "data", which is absurd and dangerous.


Without going anywhere near how "absurd" or "dangerous" treating phone traffic metadata differently than the phone traffic itself may or may not be, it's certainly not new. In the US, at least, who you called, when, and for how long is subject to much less legal safeguard than the content of the conversation had, and has been for a very long time.

Of all the things to take from this article, to my mind, that's not the first.


This is far from a new thing. In 1979 the Supreme Court decided (Smith v. Maryland) that pen registers and tap and trace devices did not require a warrant. The basis is that you have no expectation of privacy because a reasonable person knows that the phone company itself is privy to details such as calling party, receiving party, time, and duration.

The 2001 PATRIOT ACT clarified the Pen Register Act, extending this privilege to internet communications.


It's not new. Metadata (e.g. addresses on the outside of envelopes sent in the mail) have never been considered private.


No. Whether it's new depends on the specific meta data being captured.

Also, what is new is the scale of meta data capture and analysis capabilities enabled by current technology. It is silly to say that authorities have historically looked at postal addresses on envelopes, so that makes it also OK to sniff virtually all forms of meta data for all forms of electronic communications. You can extrapolate that point into inanity, such that virtually anything is fair game.

Here, you are literally using what was permissible with Pony Express technology to make the case that it should still be permissible (or is at least no different) in today's hyper-connected world.

But, at some point, technical capabilities render safeguards in old laws obsolete, and we must take a fresh look at long relied upon precedents. Some of those precedents are based on capabilities available at the time, long before many of those available today could even be imagined. When that happens, there is a material difference in implication and meaning.


So let me get this straight. In evaluating where the boundaries should lie, we shouldn't consider how new technologies might allow criminals to coordinate in new ways, perhaps rendering existing privacy protections obsolete, but we should consider how new technologies that allow more effective policing might render existing exceptions to the privacy protections obsolete.

Privacy advocates do not have a principled approach to the problem of how to reconcile the legitimate needs of the police with privacy rights in the context of modern communications. Their approach boils down to "do whatever makes it the hardest for the police to do their work." Which goes wholly against what the founders intended when they wrote that limitations on the power of police to search must be "reasonable."


> Privacy advocates do not have a principled approach to the problem of how to reconcile the legitimate needs of the police with privacy rights in the context of modern communications.

Yes, we do. If you're trying to get information not accessible to the public, get a warrant. If you're not prepared to defend your request to a judge, you have no business making it in the first place.


>In evaluating where the boundaries should lie, we shouldn't consider how new technologies might allow criminals to coordinate in new ways

No one said that. The converse of that is actually what you're doing, and I simply called you on it. That is, you are not accounting for new technology when you make such silly comparisons between addresses scrawled on postal mail envelopes 100+ years ago and today's sophisticated electronic communications intercept and analysis capabilities. Your argument rests on "oh, nothing new about that. Nothing to see here. Let's keep it moving."

>Privacy advocates do not have a principled approach to the problem of how to reconcile the legitimate needs of the police with privacy rights in the context of modern communications

What is this term "privacy advocate"? I don't consider myself one, because I reject it on its face. There should be no such term in this "debate", because per the Constitution, privacy should be the default. That people like you so casually bandy about the term, as if your fellow citizens are asking for something foreign or not already a guaranteed right, is testament to how far we've gone astray. If anything, we should instead call you a "privacy-destruction advocate" or perhaps "anti-Constitution". Yours is the outlying position.

In any event, there is a simple test for the balance you suggest and that is whether, in keeping up with modern communications, we are affording law enforcement with more capabilities or eroding privacy. I think it's pretty clear that especially since 9/11, that balance you reference has tipped much more heavily in law enforcement's favor. So, as much as you may sympathize with the government, they are doing just fine. The question is, where would you have them stop?

>Their approach boils down to "do whatever makes it the hardest for the police to do their work."

It's ridiculous to suggest that's the intent. That you feel the need to re-characterize our position in such a silly manner reveals your insecurity in defending your argument against the very real and significantly weightier actual arguments made by people like myself.


> No one said that.

People say it all the time. It's the go-to retort whenever anyone brings up the fact that new technologies allow criminals to coordinate and plot in new ways. "Why do we need new laws to fight Al Qaeda?"

> That is, you are not accounting for new technology when you make such silly comparisons between addresses scrawled on postal mail envelopes 100+ years ago and today's sophisticated electronic communications intercept and analysis capabilities.

It's not a silly comparison. The internet may not have existed 100+ years ago, but people did, and the mechanics of people are remarkably stable. The underlying dynamic: certain information not falling within the scope of privacy rights because it's made plainly visible, is mechanically similar whether you're talking about addresses scrawled on postal envelopes or e-mail addresses in an SMTP header.

> There should be no such term in this "debate", because per the Constitution, privacy should be the default.

The word "privacy" does not appear in the Constitution. The word "private" appears just once (in the phrase "private property"). The 4th amendment has certain guarantees that protect certain kinds of privacy,[1] but not the broad guarantee of "privacy" that you imply. Specifically, the 4th amendment protects your house and your person from unreasonable searches. It's not a blanket right of privacy that protects your communications, even in contexts where those communications are disclosed to numerous third parties.

[1] But the 4th amendment need not be interpreted in terms of a broader concept of "privacy" at all.


>People say it all the time.

Perhaps you can stick to what the real people to whom you are replying here are actually saying vs. what those imaginary people are saying somewhere in the universe. That was probably the most obvious straw man I have ever seen on HN and definitely the first admission of having constructed one.

>The mechanics of people are remarkably stable...the underlying dynamic...mechanically similar...

No. None of that. I mean those words really sound great when strung together that way, but you've just repeated yourself and it is no more true now than before. You have already acknowledged that technology has changed, but you don't want to acknowledge that so-called "keeping pace" by the government can and does amount to additional privacy intrusions. You just offer up a blanket, "oh, it's all the same", as if sniffing every packet of every electronic communication would be the same as human beings reading addresses on postal envelopes. Sorry. Still silly, no matter how many action-packed adverbs you throw in.

Of course, your tutorial on how infrequently the actual word "privacy" appears in the Constitution is silly as well. Obviously, much of what the Constitution expresses in so many ways with regard to protection from the government rolls up under "privacy". That you are arguing the privacy word count is spurious. Citizens simply cannot have protection from the government or liberty itself without privacy, including the right to communicate with other private citizens without having virtually any or all such communications intercepted and analyzed by the government. How you can divorce such basic, common sense tenets from the very spirit of the Constitution is remarkable.

But, I guess when it became clear that enhanced capabilities do amount to a further intrusion on privacy, your only recourse was to redefine privacy and the Constitution itself. It is amazing watching you contort and move the goal posts, as much as it is a frank admission that your position is not tenable.

I seldom agree with the usual rayiner posts, but at least the arguments are somewhat cogent. The rayiner posts on this thread, however, make me wonder if the "regular" rayiner is on vacation and someone else is running the "privacy-destruction advocate" account.

I kid. Of course.


We shouldn't craft laws with the prime concern of making one set of public servants' job easier for them. See: Blackstone's formulation.


We shouldn't be doing the opposite either, which was Rayiner's point.


We don't. That's just more crazy rhetoric. It's almost as if he doesn't actually have anything compelling to say and has to try to misrepresent what everyone else is saying.

It goes to show who we're talking to, and the level of discussion we can have with those who wish to control us.


Exactly. It's all strawmen and some imagined "persecution" of law enforcement who are simply "trying to do their jobs to keep us all safe."


I'm not sure who "he" is in this comment.


Rayiner. Obviously.


He thinks Rayiner is trying to control him?


You're pretty technically astute which leaves me thinking you're being obtuse for effect.


The choice is starker than that. Phone "lines" are no longer tied to houses, addresses, and the identities of the people living there. It is possible to have communications devices that are pseudonymous and hard to trace to an individual, and communications payload that is completely opaque to police, and all this is cheap enough that every person could have communication that is completely opaque to inspection.

Do you think having that should be illegal?


No, but all that still goes through a highly centralized infrastructure (att, google, etc). I think there should be provisions for reasonable police access to that data, with appropriate safeguards.


But that's the rub: You can buy and use a device fairly anonymously. Although systems like Thin Thread, as they are described, seem to be able to attack this kind of anonymity, and there are a variety of other attacks possible, that's not the same as a pen register or wiretap, and it takes significant resources to make it work in practice.

4G voice is just data, so that it can be end-to-end encrypted such that, as far as is known, calls can be made secure against any attack. There is no "man in the middle" with access to clear data.

So you say that should not be illegal. Good, so far. But that also means that it is out of reach of law enforcement, and can even be made safe from "rubber hose" code-breaking.

That's what I mean by a stark choice. There is no middle ground. The algorithms exist and that can't be undone. If you put your documents in a safe strong enough to keep a mafia or foreign spy agency out, you can keep anyone out.

Should that be illegal? This isn't just a hypothetical. Any businessman or government worker traveling to places that are corrupt or have repressive governments would be a fool not to guard important documents and communications this well, and the tools are readily available.


Would you expect, then, that a list of phone numbers someone called or sent text messages to would be the kind of information that is not considered private? A list of addresses to which someone sent email? A list of URLs visited or books checked out of the library?


There are certain protections that apply to libraries as public institutions. I wouldn't expect any of the others to be private. The rationale for why the postal "metadata" is not private is simple: no one can reasonably expect anything they write on the outside of an envelope and then drop in a box for potentially dozens of people to handle to be private. That same reasoning can be applied to phone numbers, text messages, e-mail addresses, and URL's. If I'm disclosing to Google what URL's I'm visiting by typing them into Chrome, I can't complain if the government can access them too.

There is this idea among hackers that you should be able to trust Google, etc, to keep information private from the government. But that's not what privacy means in the context of the 4th amendment.

The 4th amendment starts with: "The right of the people to be secure in their persons, houses, papers, and effects..."

It's clearly referring to things that are truly private: things you keep in your house or on your person, not things you voluntarily share with potentially hundreds of people at AT&T, Google, Apple, Akamai, etc.


Absurd. If I have a contractual relationship with another party to keep information shared with them private, law enforcement should not be able to force disclosure without a court order.

By your rationale, there is no warrant necessary to search the secured offices of a corporation that employs an outside cleaning staff.


> If I'm disclosing to Google what URL's I'm visiting by typing them into Chrome, I can't complain if the government can access them too.

How many people realize they're (with the default configuration) disclosing to Google what they type into the address bar?


Reminds me of a Cory Doctorow short story that takes place in the near future. In it, US Customs can't view your Google search history, but they can view the ads served to you as a result of your searches.



> There is this idea among hackers that you should be able to trust Google, etc, to keep information private from the government. But that's not what privacy means in the context of the 4th amendment.

Do you think it's appropriate to evaluate the meaning of "privacy" through what a 200-year-old document says? Or do you think we might need to take the Internet into account too? Does privacy have anything to do with what laws say?


Metadata can be very valuable for all sorts of operations though. Should we really reject its use out of hand? Can we not simply establish guidelines for how it must be obfuscated?


How would we enforce them?


Audits.


"DC-based author Tim Shorrock revealed ThinThread was sent to New Zealand for testing in 2000-2001"

This is news? It happened 12 years ago.

I would also note to whoever posts these NZHerald links, they are basically like the Fox News of New Zealand. None of the reports have a clue what they're talking about when it comes to technology subjects, and they are known for writing about complete garbage which half the time isn't true at all.

Stuff.co.nz (Fairfax Media) is a more credible news source IMO.


>Stuff.co.nz (Fairfax Media) is a more credible news source IMO.

I find just about everything published under the Fairfax banner is of pretty poor quality, not necessarily factually incorrect or even politically biased, but presented in an overly sensationalist manner and with a populist and oversimplified analysis where any is provided at all.

Both Mediaworks and TVNZ have similar problems as well.

Radio NZ seems to have more freedom to ignore certain demographics (the lowest common denominator), and IMO has better quality news and opinion than other sources.


This isn't a new problem. Lindsay Perigo quit TVNZ in the early 90s, accusing it of being 'brain dead':

"I sometimes ask myself what would life be like if I had just stayed at TVNZ, and there is no doubt that materially life would be a lot richer. But I do not regret for a second the fact that I forsook that career. I was dying within at TVNZ. The dumbing down that was going on. Plus the fact that for twenty years I had made a career of listening to other people spouting mainly nonsense. I had also become aware of what scumbags they were."

http://www.freeradical.co.nz/content/36/36jesson.php


> Stuff.co.nz (Fairfax Media) is a more credible news source IMO.

If you are interested in the most credible celebrity gossip news source, that is. Stuff is terrible.


Still better than NZ Herald.

I remember the headline for the Herald on Sunday last week was along the lines of:

"EXCLUSIVE: X-RAY REVEALS CELLPHONE FOUND IN INMATE'S BUM"


Herald on Sunday is a different newspaper. Herald > Stuff > Herald on Sunday in terms of trashiness.


I know it was just a typo (of which you will find lots every day, some crucial to the meaning of the story) but I have saved a screen grab of a headline from a Christmas past where the Herald wrote "Elf diagnosis causing alarm" on a story about Internet self diagnosis.


It's news because we only just found out about it. If we'd known about it for the last 12 years, sure, it would be silly to report it as news. But I'm not comfortable with the implication that if something can be swept under the carpet for a couple of years, then meh, it's no longer interesting or important when it comes to light.


The Herald is in no way the "Fox News of New Zealand." It's Auckland's major newspaper. I don't find the reporting more or less dense than most other msm tech coverage frankly. I lived in NZ for 20 years, and don't remember any news sources there being quite as ridiculous as Fox.


Sure maybe 20 years ago it might have been alright, but you can tell APN is going down the drain as no one is buying newspapers anymore, hence they post utter garbage articles that gain people's attention for 2 seconds in hope that someone will actually buy it.

A good example is a friend of mine got mentioned on a headline of sharing naked pictures of some celebrity in a Facebook group. They mentioned all the companies he worked/associated as well to make it more juicy.

The article was complete BS as it was actually someone else and the picture itself wasn't even that bad (no naked bits). He basically got sacked from all his employers since they mentioned them.

He got his lawyer to send down a takedown notice, and they removed the article off their website and had to post a following article in the paper saying that the article was a load of BS.


> Stuff.co.nz (Fairfax Media) is a more credible news source IMO.

What?! Surely you don't mean scoop.co.nz?


lol do people still read that?


Thin on details, but it just sounds like traffic analysis applied to the cell network and/or Internet, which would obviously require multiple taps into the networks (for wired communication) and multiple listening posts (for wireless communication).

Note, I'm not commenting on the legality or wisdom of this, just that the underlying analysis technique isn't anything new.


It could have been worse. In 1951 the US tested LSD[1] on the French public.

[1]: http://www.telegraph.co.uk/news/worldnews/europe/france/7415...


The NZ government basically responded to the spying claims with "Whoops..you caught us. Guess now we'll have to make the spying legal..."


New Zealand is just a testing ground for the US. The sooner you realize this, the sooner you can go back to sleep.


So who is watching the watchers?


Nobody, that's not how modern governments work. They play every once in a while in the theater called "democracy" and later on they do as they, their friends and their sponsors please.


Well at least until the point some of those people you refer to decide that they want to run things another way, and muster up enough resources and support for such.

This tends to happen from time to time outside of the current constructs of the government at the time.


Unfortunately in America power is way too concentrated in current times for this to be true, it has more military power than all other countries in the world -minus China- combined. The damage-power of the weapons that America has now is also beyond any historical precedent.

Also, America controls all the communication channels including Internet (domain assignment is done in USA, see ICANN), there is still no direct filtering and content control but politicians are slowly pushing laws to get us there.


The people who regurgitate shallow, flip bumper sticker slogans in the place of anything resembling facts or analysis.


I'm not sure which side you're trying to discredit.



