
NSA Boss Asks Congress For Blanket Immunity For Companies That Help NSA Spy - bconway
https://www.techdirt.com/articles/20130617/12553023511/nsa-boss-asks-congress-legal-immunity-companies-that-help-nsa-spy-everyone.shtml
======
mullingitover
This is a brilliant end-run around the fourth amendment. Sure, the government
isn't allowed to do mass warrantless surveillance, but they can order
companies to do it illegally and then pardon them.

~~~
rayiner
It might be an end-run around the 4th amendment if the government was ordering
companies to do mass surveillance (though we can argue about whether the 4th
amendment has anything to do with _surveillance_ at all). But the government
doesn't need to do that. The companies already do all the surveillance, and
people happily hand over to those companies their data. Is it an end-run
around the 4th amendment for the government to then compel companies to
provide this data? It's not like the subpoena is a new and novel legal
instrument. Even in 1790 the government could compel companies to hand over
all the information they had about a target of investigation.

~~~
frostmatthew
It doesn't matter if people are happily "handing over their data" \- the
government still needs a warrant to request the information. In United States
v. Warshak it was ruled that a person has a reasonable expectation of privacy
in his/her emails and that the government violated Warshak's Fourth Amendment
rights by compelling his internet service provider to turn over his emails
without first obtaining a warrant.

~~~
rayiner
Warshak is only binding law in the Sixth Circuit, and I don't think it's good
law in the face of the third party doctrine.

------
malandrew
I'm honestly shocked that many of these companies aren't being sued in
European courts. There is more than enough evidence now to support this. Hit
every company on their bottom line. Europeans need to present the following
dichotomous choice to every American tech company:

(1) Operate in Europe and make money here, but no spying on any EU citizen.

(2) Continue spying, but don't operate in Europe.

Alternatively, eliminate the tax evasion benefits of routing everything
through Ireland. The tax hit of forcing many US companies to pay the full
amount of US corporate taxes should be more than enough to change their tune.

~~~
criley2
If the NSA is tapping fiber at providers, a la Room 641A, then the companies
behavior is completely irrelevant to the spying, and the NSA watches all
traffic in and out of their networks anyway.

So your choice, as a European, seems to be utilize networks that don't pass
through America at all, or have the NSA spy on you. I apologize for the
inconvenience.

~~~
jtome
Wrong, if they are tapping at the wires they only see that your using gmail,
not the content of your email or who you are speaking to (Unless you turn off
ssl for some strange reason).

~~~
pvnick
How likely is it that these companies can be compelled to turn over their SSL
private keys via FISA court?

~~~
sitkack
Very likely. Even if it was for a specific case.

------
namank
The implications are more serious than immunity for NSA actions.

This law could circumvent the breaking of ALL and ANY laws by these companies.
After such a law is passed, companies may not have to be accountable to
anyone. When questioned, they can lie about it and say the NSA said so.

They don't need to release transparency reports cuz the NSA said so. Any tech
company can lie to the Privacy Commissioner cuz the NSA said so. They can do
anything cuz the NSA said so.

This is the mother of all loopholes. Good luck, world­.

~~~
anigbrowl
Except that they'd have to do so in court, and the NSA would have the option
of filing an _amicus curiae_ brief saying 'oh no we didn't.'

~~~
namank
Except that companies would want to negotiate, lets say, a contract to include
a gray area clause that serves as an incentive for the companies to keep doing
this.

Once this thing becomes legal, companies have grounds to organize this as a
trade with the NSA. The funny (maybe scary is the right word?) part is that
they can legally lie about this because it's with the NSA.

~~~
anigbrowl
Wildly implausible.

~~~
namank
I find it to be the direct consequence of institutionalization.

~~~
anigbrowl
We will continue to differ about this. I consider public institutions to be
more responsive than you do, so I suppose we are looking at it from quite
different perspectives.

~~~
namank
It's not about responsiveness as much as it is about self-interest and
bureaucratic thinking that is inherent in all institutions.

~~~
anigbrowl
That neither contradicts my point nor validates your earlier assertion. This
conversation isn't going anywhere so I'm abandoning it now.

~~~
namank
It's not about validating an assertion as much as it is about exploring the
truth.

------
pvnick
CISPA anyone? Now we know why that law was pushed so hard, and we now have
another strong reason to oppose this tactic.

But Keith usually gets what Keith wants, so I'd bet money on it passing this
time around.

~~~
jdp23
Yeah, I was talking with some other activists about applying lessons from the
SOPA/CISPA victory to the Patriot Act/FISA, and three people at the same time
three time "it's all part of the same fight ..."

------
Yaa101
As if that will help public perception of these companies, I think after these
outings of the companies in question, nothing stays the same, ever.

I personally will never ever trust any company with putting stuff into their
systems.

For me the cloud as offered by them is dead and buried forever, even though I
know that the NSA can capture anything with their split network rooms, the
companies just lost my trust by lying as first.

It would have been less worse if they said that they were forced, but no, the
arrogant adolescent nerd boys management thought it was ok to lie.

~~~
zhemao
First of all, we don't know whether they were lying. Second of all, if they
were, they may have been forced by the government to lie. The FISA requests
they were getting also came with gag orders.

~~~
emiliobumachar
I have not read the law, but I think a gag order can't force you to lie. Lie
to a directly asked question, gray area; issue a lying press release or blog
post, not mandatory.

I am not a lawyer.

------
jasonwatkinspdx
I'm disgusted to see our government still continues to operate however it
wishes, confident that if they get caught breaking the law, the law can be
promptly and retroactively nullified.

------
jholman
Argh. Important subject material, crappy article, lots of confusion, argh argh
argh.

TL;DR: everything about the WAY this story was reported is an obvious
deception.

First, methodology. This is blogspam that adds nothing to the original article
at
[http://dyn.politico.com/printstory.cfm?uuid=EF9BC1BF-34EB-41...](http://dyn.politico.com/printstory.cfm?uuid=EF9BC1BF-34EB-4168-8735-A95FE2F48D05)
(at least they link it). That article, in turn, cites no sources. So I'm
basing the following only on those articles.

Also, let me be clear that I'm anti-immunity in general, and I think that the
UsGov behaviour in Hepting vs AT&T is reprehensible, and no one should ever
vote for any lawmaker who voted in favour of FISA, for that reason alone.

Okay, let's take it apart.

If you read TOA, it _specifically_ says Alexander _specifically_ claims he's
not asking for blanket immunity. So the title is linkbait. Fuck you techdirt,
for sabotaging the cause of freedom; now if/when Alexander/NSA replies to this
article, he can avoid the issue by denying your false allegation. Don't muddy
the waters.

Next, the context is not explicitly about spying at all. Not at all. Zero
mention of spying. Oh look, the headilne is linkbait twice over. Fuck you
twice over, techdirt. I can only conclude that Mike Masnick is either
illiterate, or a liar.

ALSO, while Alexander is the head of the NSA, and while the NSA and the
USCYBERCOM are deeply in bed, they is still some distinction, and this really
sounds more like a USCYBERCOM thing than an NSA thing.

Next, listen, the only legitimate reason for cops to exist is to protect the
populace. And if there's ONE thing that I trust Alexander about, it's the fact
that at least _some_ people want to fuck with US companies and US
infrastructure (he's probably lying about the scale, and basically everything
else). If SinoGov, or crazy terrorists, or AnonSecOfTheWeek, or whatever,
attack US Companies, and private enterprise can't cope, it's reasonable for
USGov to fight on behalf of Americans and American companies, and that might
include giving them advice on cybersecurity, and that might involve giving
them the equivalent of virus definitions, and saying "block all traffic that
matches this signature and you'll be in better shape". This is legit. This is
a strong argument. He goes on to say that if companies obey the NSA and turn
out to harm someone with it, they should be immune. Okay, this part I disagree
with. But seriously, of all the horrible asshole claims the NSA has made
lately, this one is about as reasonable as it gets.

That said, I'd argue against such immunity. If the companies act in good faith
with due diligence, what do they have to lose? And if they don't do due
diligence, fuck them... what kind of moron trusts the fucking NSA?

As for counter-hacking, sooner or later the law is going to have to address
it. And it's going to be difficult. And they should fucking get started, and
proceed slowly and cautiously.

EDIT: slight touch-up on TLDR

~~~
anigbrowl
_Fuck you techdirt_

I've had that reaction so many times now that I eventually stopped clicking on
any story from there. All they ever do is pander to their readers'
preconceptions. With friends like these, we don't need enemies.

~~~
danielweber
_With friends like these, we don 't need enemies._

An online colleague once coined Japhy's Law. It says: "The facts you really
want to be true are those you should be most skeptical of." It should be
written on every blog.

------
ccarter84
I think anyone who actually cares about this stuff has two simultaneous
responses here.

1\. Do you actually care if you get it?

2\. Go f __* yourselves

------
fnordfnordfnord
I knew we'd get some action from congress over this fiasco.

------
danielsiders
Doesn't this suggest that the NSA may have broader, more illegal actions
planned for which their corporate partners want cover?

------
LoganCale
But he assured us everything was above board and legal.

~~~
rhizome
To turn a phrase, if you're operating legally you don't need immunity.

------
rcthompson
An interesting tidbit from this article is the quote of the quote of the quote
of Gen. Alexander asking for an intentionally "ill-defined" law. I've never
heard of such a strategy before. Is this a new thing, or are there documented
examples of laws that were made intentionally vague in order to give their
beneficiaries more power or latitude than anyone would rationally agree to
explicitly? Off the top of my head, Florida's "Stand Your Ground" law might
qualify.

~~~
jtome
Section 215 of the Patriot Act has a secret interpretation

~~~
rcthompson
But my question is: was it originally written with a vague wording with the
intent of later interpreting it a certain way, or was the secret
interpretation a later optimistic move given the existing wording?

------
bobwaycott
This is fucking wrong.

~~~
ihsw
What are you waiting for? Talk to your friends, talk to your co-workers, talk
to your congressional representatives.

Or are you afraid that they'll rat you out to the police for being a
'dissident?' If you are then they've already won.

~~~
antimatter
I've done exactly this and it's shocking how many people simply don't care or
don't see how wrong this is.

------
j_baker
Meh. To me this just seems like codification of what's already happening. If
there are criminal charges against an NSA contractor, what's stopping the
government from stopping it by claiming "state secrets"?

------
jroseattle
The only thing the NSA is accomplishing right now are encouraging innovations
in privacy to help people avoid detection. And, gosh, I wonder who will be the
first to seize onto that? Mmm, criminals perhaps?

~~~
mpyne
Innovations like Tor, BitCoin, PGP, and TLS?

~~~
e3pi
LPPNIOP MJDAOII CPFEGAA JOOEMEC HECPACE FALPLIC IEMLJMK BBCYNJN DFGCLGK
GDMLEKM NMLBJDD AMDNPJE KPMGMME LDHDOAA CBAOKJF OFHIALD ... BPLLPYG KNDHLNA
AFGLOIL LDIFGMO MCCCLAD ODMKNEH PMJDPJC JCAAINI JLGNBMP LEINPIP YCEHCBM
PBKFOKG EMCOPGO KBPEEAP LOOMLEK DBICPJE

plaintext: "Don't you wished everybody used Ivory(tm) soap?"

------
ellisd
A pretty clear historical prospective starts around the TIA discussion:
[http://www.npr.org/2013/06/19/192770397/the-watchers-have-
ha...](http://www.npr.org/2013/06/19/192770397/the-watchers-have-had-their-
eyes-on-us-for-years)

------
sitkack
We need (maybe not) a constitutional amendment that prevents

\- retroactive legality \- retroactive il-legality \- immunity

I don't / can't even understand how immunity can be a thing. Sounds like some
kids making up bullshit rules on the playground. To even suggest it points
directly at guilt.

------
epoxyhockey
The best thing that can come from this is that each and every company name is
published.

~~~
jtome
I don't think they will give the companies immunity by name.

~~~
jlgreco
They certainly would not, since that would add far to much administrative
overhead when they want to add new companies to the list in the future.

~~~
jtome
Right, like dropbox which was "coming soon".

------
altcognito
Again, this is nothing new, this move just extends it to more companies.

[http://www.dslreports.com/shownews/91805](http://www.dslreports.com/shownews/91805)

------
mtgx
Join the cause (protests planned for July 4th on the right):

[http://www.reddit.com/r/restorethefourth](http://www.reddit.com/r/restorethefourth)

------
scelerat
If companies are people according to the law, then wouldn't individuals be
afforded the same protection, in some sort of legal reciprocity juju?

------
bumbledraven
Why is everyone so angry at the companies for complying with these _government
orders_ instead of being angry at _the government that 's ordering them to do
these illegal things_?

~~~
skygazer
Because 1) we want as many barriers to tyranny as possible. We should not be
relying upon government self-restraint. And 2) "I was only following orders"
is not a defense against wrong doing.

------
ChrisAntaki
When are we sending this guy to jail?

~~~
krapp
Really? Probably never.

~~~
ChrisAntaki
Really. We need to send him to jail, otherwise he'll keep breaking the law.

Edit: While he's in jail, maybe he could pick up a copy of the Constitution.
:)

~~~
krapp
Let's wait until any of this has been definitively, objectively declared
illegal first.

[edit] His Wikipedia page says he's expected to retire next year. I have a
sneaking suspicion nothing touches him and he's left alone to ride off into
the sunset.

[edit edit] Actually... lying to the House is kind of illegal isn't it....

~~~
wavefunction
Under oath with penalty of perjury, it is.

