

U.S. Opposes Tech Companies’ Requests to Disclose Surveillance - inselkampf
http://allthingsd.com/20131002/u-s-opposes-tech-companies-requests-to-disclose-surveillance/

======
brudgers
So this week I've been reading _Battle of Wits: The Complete Story of
Codebreaking in World War II_ by Stephen Budiansky.

The US intelligence community has a long history of going right to the
communication source and obtaining raw data from public companies. In the
1920's Herbert Yardley's "American Black Chamber" worked with Western Union
and other cable companies who turned over interesting cablegrams and
radiograms.

In 1940 [before the US entered the second world war], the military assigned Lt
Earl F. Cook to read and copy cable messages that passed through RCA's office
with the consent of RCA's president, David Sarnoff.

After the war, there was of course project Shamrock.

[http://en.wikipedia.org/wiki/Herbert_O._Yardley#The_American...](http://en.wikipedia.org/wiki/Herbert_O._Yardley#The_American_Black_Chamber)

[http://en.wikipedia.org/wiki/Project_SHAMROCK](http://en.wikipedia.org/wiki/Project_SHAMROCK)

~~~
ThomPete
So if anything. What we are seing might be an improvement of the situation
rather than a worsening. People can and do speak up and for each generation we
will move toward a more liberal approach perhaps.

~~~
dmix
There seems to be a pattern in society over the last century, towards social
liberalism/acceptance among people (sex, drugs, race etc). This of course
happens very slowly and takes decades.

The big question is how this will affect the intelligence community long-term,
who are becoming simultaneously more important, and simultaneously more
threatened by technology and the openness of the internet.

Will they be forced to become more transparent or succeed in their fight to
keep growing in power/secrecy?

Having an extremely large and powerful government, now even more obsessed with
aggressive enforcement of law, is almost always going to be continually at
odds with the peoples trends towards social liberalism.

The internet seems to have accelerated liberalization and terrorism seems to
have accelerated state totalitarianism. So it seem's we're witnessing an
acceleration in the battle between the two (especially if you live in the HN
bubble).

The counter argument of course could be, and often is, dismissed by those who
see the state as a representation of the people and total secrecy in the
intelligence community as necessary for a healthy country/national security.

~~~
dTal
>terrorism seems to have accelerated totalitarianism

How do you figure? I weakly dispute that totalitarianism is accelerating
(there are some worrying trends at various stages of development in the US,
UK, Canada, and Australia, but _accelerating_ is a strong word - we may just
be more aware of power abuses because of the internet), but I strongly dispute
that, if true, "terrorism" is the cause. There has always been terrorism.
There will always be terrorism. Terrorism is merely the enemy du jour. The
idea that terrorism represents a new and uniquely dangerous threat is pure
propaganda. Indeed, when you look at some the shit that went down in the
latter half of the 20th century, we are living in a comparatively terrorist-
free time. Possibly governing politicians are more _afraid_ of terrorism after
9/11 (not because of its lethality as such but because of the unpredictable
political aftershocks), but equally (more likely?) they may be consciously
aware of its utility at pushing through power grabs. Either way, it's not
right to call it a _cause_.

Have a look at this:
[http://en.wikipedia.org/wiki/Terrorism_in_the_United_States](http://en.wikipedia.org/wiki/Terrorism_in_the_United_States)

It's rather interesting how much longer the 2000s section is - rather
misleadingly, as each entry is 2-3 lines of text while the earlier entries are
generally a single line. Also, there's a lot of fluff in the 2000s entries.
Search for where the word "bomb" appears and you'll see what I mean. I wonder
if this is the result of terrorism hype, or one of those instances of subtle
Wiki bias we've all been hearing about?

~~~
dmix
Measuring terrorism in number of historical attacks or body counts shows a
lack of understanding of the goal of terrorism. I'm not saying terrorism
attacks itself is the source, but the fear of terrorism (which is still
essentially terrorism).

Terrorists attacks probably aren't accelerating (domestically). But
politically in the last decade, it has been the source of the accelerated
militarization of police [1], extreme border policies such as the TSA follies
and the elimination of judicial check on executive power [1].

All signs of increased totalitarianism and all directly connected to
terrorism.

[1] [http://www.theatlantic.com/national/archive/2011/11/how-
the-...](http://www.theatlantic.com/national/archive/2011/11/how-the-war-on-
terror-has-militarized-the-police/248047/)

[2]
[https://en.wikipedia.org/wiki/State_Secrets_Privilege#Elimin...](https://en.wikipedia.org/wiki/State_Secrets_Privilege#Elimination_of_judicial_check_on_executive_power)

------
algorias
Nothing surprising here. They're fighting tooth and nail to keep their
activities under a veil not of secrecy (that's impossible at this point) but
of vagueness, which in the end achieves the same purpose: preventing people
from caring.

The worst part is that the argument brought against transparency actually
makes sense on the surface level, but as usual completely ignores the factor
of bad actors within the system, which need to be kept in check as much as any
hypothetical group of terrorists.

------
smsm42
I think by now the situation has come to a point where nobody believes a word
of denials coming from any US company when it comes to surveillance and user
data. Anybody would just assume they're denying it because NSA tells them to
do so and they don't have a choice. Understandably, big companies don't like
feeling like ventriloquist's puppets. Maybe they should spend some of those
lobbying dollars on putting collar, leash and muzzle on NSA.

~~~
sixothree
And maybe we should punish these companies until they do.

------
CurtMonash
There was a time when the trade-off was:

1\. The government lied and pretends not to engage in domestic espionage.

2\. To support that lie, the government didn't do much bad stuff with the
results of its domestic spying.

3\. Thus, the domestic spying wasn't a big deal.

I think we're past that point now.

~~~
jamesaguilar
What bad stuff has the government done with the current batch of domestic
spying?

~~~
drjesusphd
Secretly and unconstitutionally feeding evidence to local law enforcement for
petty crimes. Blackmailing judges and politicians. Giving (selling?)
information about US citizens to foreign countries. Spying on significant
others. Industrial espionage.

That's just what we've heard about.

~~~
knowaveragejoe
Aside from the first one, is there any hard evidence of these? "Industrial
Espionage" != spying on foreign companies with no commercial benefit, for
example.

------
lettergram
If those tech companies decided to release all of their information nothing
would stop them (not even the U.S. government).

If the U.S. decided to take down every one of those companies or indite their
CEOs/Boards the would have an uproar from the populous that would likely be
comparable to the 60's (or worse).

Essentially, the populous would be more loyal to a company who's honest than a
government which is dishonest.

------
mrt0mat0
I honestly didn't expect much from this. The part that scares me about all of
this is this: if the government can't read our emails, listen to our phone
calls, or see our web traffic but they have the ability to... what stops them
from outsourcing the work to another country, where there is no constitutional
restraint. we outsource everything else, why not our domestic spying?

~~~
nostrademons
The intelligence community works on the principle that it's valuable to have
information that other people do not. If they outsource the spying, then other
people have that information, right?

~~~
minor_nitwit
Australia, UK, New Zealand, Canada, and the US are all part of the 5-eyes,
which have a broad agreement on sharing intelligence.
[http://en.wikipedia.org/wiki/Five_Eyes](http://en.wikipedia.org/wiki/Five_Eyes)

While they may not share information with say - China - they will share it
with one of the other eyes, who could also lend a helping hand in domestic
spying.

------
ihsw
And now the tech companies can give up their vaunted crusade for user's
rights. "Oops! We tried!"

Plausible deniability and so forth.

~~~
aspensmonster
You can't expect me to actually go to jail for what I believe in, can you?
Clearly, I can do more from the outside _asking_ for _permission!_ And I get
to keep all my money too.

~~~
jamesaguilar
This comment feels really cheap to me. Two big issues:

1\. Most people probably are not huge fans of this, but don't consider it a
big enough deal to go to jail over it. I'm in that category (double
disclaimer: not speaking in any official capacity for my company).

2\. Even if someone DID think it a big enough deal, it's not easy to be a
martyr. If it were, then presumably _you_ would have already found yourself a
job at one of these companies then spilled the beans. Considering you're
commenting on HN, not languishing in prison, I can only guess that you find
the prospect of such martyrdom much less appealing than your comment seems to
indicate.

~~~
aspensmonster
I'm not languishing in prison (yet). I certainly don't find such prospects
appealing in the least. But my values are not hobbies. If push came to shove,
prison is where I'd go. Granted, having a publicly stated policy of
whistleblowing will likely put me on the bottom of a very long list of
candidates for employment at these companies. (Well, it seems not to be the
case with Google yet. I get prodded by one of their recruiters every semester,
asking if I'm graduating yet or not. I'm unsure of whether I have the kind of
technical chops they're looking for, but I suspect that even if I do, my
personal convictions would leave the deal dead in the water.)

~~~
jamesaguilar
Let me make sure I understand. You'd disclose your views to a potential
employer, thereby letting yourself off the hook for implementing them?

~~~
aspensmonster
Hardly. I'd disclose that I will not carry out immoral or unethical behaviour
on behalf of my employer, and will follow all protocol in pursuit of stamping
it out, up to and including whistleblowing. That sort of attitude used to be a
plus, dare I say something that was implicitly understood between the two
parties. It's the sort of thing that you'd think people would want to _ensure_
wound up in the contract all new hires signed when brought on board. I find it
remarkable that such a policy would make anyone unfit for employment with
anyone else. I'd like to think a company like Google would agree with such a
policy. Their executive chairman seems to think as much:

 _" If you have something that you don't want anyone to know, maybe you
shouldn't be doing it in the first place."_

~~~
jamesaguilar
OK, to me this reads, "No, I'd not disclose anything that jeopardizes my
chances to be that whistleblower. I'd just disclose the main thing that
jeopardizes my chances to be that whistleblower." I'm not trying to be
(overly) confrontational, but I can't spot the difference between what I asked
and what you said you'd do. It just seems like you've constructed a scenario
where you will never be called upon to do what you seem to think is such an
obviously good choice, and therefore I have trouble seeing how you came to the
conclusion that the choice is easy or obvious.

No comment re: anything after "It's the sort of thing . . ." I don't know the
company's employment policies in this area and wouldn't talk about them even
if I did.

~~~
aspensmonster
You asked me if I would let myself off the hook for blowing the whistle
because I told my employer in advance that I would do so. I wouldn't
characterize it as letting myself off the hook, because there shouldn't be a
"hook" in my clavicle mandating unethical behaviour in the first place. I'd
characterize it as doing the right thing if for no other reason than being
ethically obligated to do so. Blowing the whistle should never be a "letting
myself off the hook" gesture. It should be the expected default choice of
action when the protocols put in place to address bad behaviour are being
subverted.

>"No, I'd not disclose anything that jeopardizes my chances to be that
whistleblower. _I 'd just disclose the main thing that jeopardizes my chances
to be that whistleblower._"

>It just seems like you've constructed a scenario where _you will never be
called upon to do_ what you seem to think is such an obviously good choice...

It seems the nail has met the head. Now, I don't know if you are indeed a
software engineer for Google or not --and perhaps I'm torpedoing my own
opportunity to join the ranks a year or so from now-- but Hacker News does
seem to have quite a number of folks online that are genuinely involved in the
thick of the industry. Of course, I understand that you cannot, will not,
confirm or deny, comment or speculate. But you've brought about the very point
I'm raising: Why on earth would asserting that I would behave ethically,
affirming that I would blow the whistle if the protocols in place to address
such issues failed, constitute "[disclosing] the main thing that jeopardizes
my chances to be that whistleblower"? Why would such a statement constitute
"[constructing] a scenario where [I] will never be called upon to do" the
right thing? What is it about stating "my loyalty is to the company up until
I'm expected to behave immorally, unethically, or illegally" that makes every
last employer want to run for the hills?

>...and therefore I have trouble seeing how you came to the conclusion that
the choice is easy or obvious.

I didn't come to either conclusion. Whistleblowing is neither easy nor the
obvious answer. But when it becomes clear that it is the only viable answer,
when every other avenue of objection is exhausted, it most certainly does
become the right thing to do. Everyone has their own excuse for staying
silent. They can be perfectly valid excuses. I wouldn't expect someone to blow
the whistle if their dependents would be ruined by it. I wouldn't expect them
to blow the whistle if they genuinely felt that it would make absolutely no
difference and leave them forever destitute. But that doesn't make it _right._
Just excusable. And in the tech industry, a knowledge industry dominated by
single, unattached, 20 somethings, I find it hard to believe that every last
soul could have a valid excuse.

~~~
jamesaguilar
> Why on earth would asserting that I would behave ethically

Let me construct a parallel scenario that might make it obvious to you. Let's
suppose you're hiring a nanny to care for your children while you are away at
work (not that you or I could necessarily afford such a thing). You tell the
candidates your requirements for how the children should be treated while you
are away, including what food they may eat, what shows they may watch, the
ways, if any, they might be disciplined etc.

One of the candidates, upon hearing these requirements, declares that he will
follow them up to the point he feels they violate his ethics or morals.

Do you hire this candidate? If no, why not?

~~~
aspensmonster
Seems like a very interesting example to choose. Hiring a nanny for your child
is one of those cases where you would absolutely want to fully vet each
candidate. Are you suggesting you'd sooner leave the nanny's ethical and moral
compass as a question mark than fully investigate what his or her ethics and
morals are? This seems like a case where someone's ethics and morals are
absolutely required to be known, not left as an exercise. Of course, most
people rely on friends and family for such jobs for precisely these reasons.
And if I had to hire a stranger, I'd absolutely be interested in knowing about
their ethics and morals. Given my limited ability to get to know every last
person, I'd prefer to hire from a reputable agency (so much as you can trust
their reputation, in any case).

The reality of course is that _every_ candidate will follow your orders up
until he or she feels they violate his or her ethics/morals. Whether they're
open about it or not is irrelevant. If you ordered them to abuse your own
children (of course you wouldn't, but we're both being good-heartedly
facetious here) you could reasonably expect them to turn you in, whether they
were up front about it during an interview or not. Playing coy about the
matter during an interview is a recipe for disaster on both ends.

~~~
jamesaguilar
That is a fair point. But I take it you understood what it is that makes it
hard to hire a candidate when their ethics go against what a company believes
is ethical, and/or what a company is legally bound to do.

Also, don't worry about what you say to _me_. I'm nowhere near important
enough for that to matter.

------
sinemetu11
Probably naive, but what would happen if Google, Facebook, MS just started
disclosing everything? What are they going to do shut them down? Seems silly
to me that these huge companies can't just give them the middle finger and
show them that they're not going to be bullied any longer.

~~~
pjc50
The individuals responsible for disclosing go to jail?

------
mpyne
I'll note that the U.S. justification is essentially the same justification
made by the "metadata is data" piece by der Spiegel a couple of months ago; if
you have enough data _about_ something, it doesn't matter that you don't
disclose the contents of that data directly, the harm is already done.

Oddly enough, this time it's the tech companies arguing the opposite (that
disclosing specific metadata only is OK and not hazardous).

Weird world we live in, sometimes...

------
jlgreco
It would be nice to see a proper corporate backed "tech lobby" with some teeth
emerge from this, but I'm probably hoping for too much.

~~~
Zigurd
Be careful what you wish for. A big slice of the tech industry builds
surveillance technology and sells it to anyone globally. Would you trust such
a lobby not to lobby for protectionism if US companies were losing business to
overseas providers of verifiable secure services?

~~~
jlgreco
There are already people lobbying heavily for all the shitty things I could
see a tech lobby lobbying for. MPAA/RIAA, protectionist labor unions,
'military-industrial complex', etc.

Tech lacks representation though, particularly compared with how much lobbying
much less affluent industries manage to do.

~~~
eliasmacpherson
I think specific parts of tech, lobby specifically, for their specific
interests - and those specifics aren't aligned with other players.

Far be it from me to understand the finer points - but to my mind, youtube
isn't a whole lot different from megaupload - but you can bet Google has top
class lobbyists and lawyers, whereas megaupload did not.

~~~
nly
Everything on Youtube is publicly indexed. It's therefore accessible to
copyright holders and authorities. Megaupload (and all file lockers) were set-
up as if your uploads are personal and private, but to still allow files to be
shared by passing around direct URLs. This is why Rapidshare (who were once
one of the biggest of them all) ditched their sharing capability and are now
left alone. It's the cliques that are the problem to vested interests, not the
frivolous sharing.

~~~
jlgreco
> _Everything on Youtube is publicly indexed._

That is not actually the case. Youtube has a concept of both private and
unlisted videos. Unlisted videos work similarly to how you describe
Megaupload:

 _" Unlisted videos

Making a video unlisted means that only people who have the link to the video
can view it. To share an unlisted video, just share the link with the people
who you’d like to have access to it, and they’ll then be able to see it.
Unlike private videos, the people you share the video with do not need to have
a Google account to see the video, and they can share with more people simply
by forwarding the link to them.

Unlisted videos won’t appear in any of YouTube's public spaces, like your
channel page or search results."_

[https://support.google.com/youtube/answer/157177?hl=en](https://support.google.com/youtube/answer/157177?hl=en)

~~~
nly
Ok, put another way... all videos on Youtube are videos and relatively
transparent, easy to view and inspect. On a file locker your files are opaque
mysterious entities that the site can't hope to inspect.

~~~
jlgreco
So like Google Drive?

Not to incriminate myself or anything, but I have been given copyrighted
documents with Google Drive. (Though I've ingested many orders of magnitude
more copyrighted documents through youtube...)

------
anovikov
For those companies that are already public (so not dependent on ability to
raise capital), why don't just move all operations overseas and get immune to
U.S. government? Prohibitive costs of bandwidth?

You can't fight things like that in court, it's as hopeless as Khodorkovsky's
attempts to defend himself. Only things that work for businesses is moving
out, for people - using strong encryption on personal level.

I don't say that legal way should not be taken, it is still good but just to
show how far the government is willing to go to defend it's violations of
human rights - which should make things clear to those who are still in doubt.

------
coldcode
In the end the only thing that matter is what the Supreme Court says. The
issue is getting this to them with standing.

~~~
smsm42
SC has a lot of deference to the Congress, and will go out of the way to find
some convoluted legal language to justify something if it can be justified. So
if the Congress and US public will be OK with mass surveillance, SC would not
ride in on the white horse and save them from themselves. It would say "it's
constitutional because of the precedent in 1834 that says blah blah blah and
decision in 1928 that says foo bar bar foo, and you can't really expect
privacy when you sending data out anyway, if you want it private, don't send
it to nobody".

------
aspensmonster
How about they stop requesting and start spilling the beans? Or at least
ensure that the relevant evidence winds up in the relevant laps of the
relevant journalists. The White House can selectively leak whatever it feels
is beneficial to them with impunity. I find it hard to believe that there
isn't a single person in any of these companies that hasn't already taken
action. Just wait and see I suppose.

~~~
betterunix
Part of the problem is that these companies have a lot of incentive to remain
on friendly terms with the government. Suppose you are a telecom company and
you want to lay some new fiber -- do you really want to be the company that
rebelled against the government? Would Microsoft, which was supposed to be
broken up for antitrust law violations, really want to be a company that
rebels against the government?

Sure, individual employees might leak the information, but they would being
taking a great personal risk by doing so. Ed Snowden was not the only person
who was aware of these programs and had a problem with them; yet he was the
only one ready to give up his livelihood to leak the information.

~~~
nickff
Qwest simply refused NSA surveillance requests, and were rewarded with the
cancellation of a government contract and having their CEO charged with
securities fraud.

[http://en.wikipedia.org/wiki/Qwest#Refusal_of_NSA_surveillan...](http://en.wikipedia.org/wiki/Qwest#Refusal_of_NSA_surveillance_requests)

~~~
jamesaguilar
Is there evidence that the securities fraud charges were actually caused by
their refusal? Or were they caused by the fact that the guy said Qwest was
doing well and sold ahead of a huge downturn in prices? As far as I can tell
from Wikipedia, the charges would have stuck irrespective of the NSA stuff.

~~~
wavefunction
The downturn in the stock came after the government dismissed the contract.
"Induced" insider trading by the government manipulating the stock to tank,
then prosecuting in some people's opinions.

~~~
001sky
The stock went for 40 to 2 and had nothing to do with the NSA.

------
frank_boyd
Sounds like a nice PR walk-in-the-park.

If these companies were serious about protecting their customers, they'd band
together and block government mandated mass surveillance _entirely, from A to
Z_. Given their size of the market, the government can't and wouldn't shut
them down.

------
avty
US tech companies have begun to lose oversea businesses, this will only get
worse.

------
camus
or said another way , the government officialy wipes its a __with the
constitution.

