
Tech firms push back against White House efforts to divert NSA meeting - wrongc0ntinent
http://www.theguardian.com/world/2013/dec/17/tech-firms-obama-meeting-nsa-surveillance
======
Kapura
I find it hilarious that the Obama White House doesn't seem to be taking the
tech companies' position seriously. In fact, the White Houses's almost
complete non-response to the NSA revelations has damaged their credibility in
my mind much moreso than the Healthcare.gov debacle. Me and other tech-
industry-type people I talk to understand why code projects fail and break,
so, while we shake our heads at the poor management and deployment of this
website, we "get it." It doesn't really concern us.

This Snowden thing is really getting out of hand, though. I initially was
anti-Snowden when the first leaks came out; I was unconcerned that the
government might be storing metadata. But I am certain that the NSA has been
lying about the scope of their collection and it's legality. As more documents
leak, I become increasingly concerned with the apparently blank cheque for
surveillance that the NSA has been issued. It has personally shaken my trust
not only in specific channels of communication, but the entire internet in
general. It's troubling the steps one must now go through to have a semblance
of secure communication: I have trouble trusting ANY software for security
because I have no idea what the NSA is allowed to do (I suspect its almost
anything if it's en masse). The one percent doctrine is the scariest thing to
come out of the Bush White House, which wasn't exactly a beacon of freedom.

The wheels of law and government turn slowly, which is, generally, a good
thing, but I believe that the gov'ts policies regarding information collection
need to be addressed ASAP. They're hurting the United States' already shaky
foreign credibility, and they're hurting American companies' interests as
well. Somebody needs to light a fire under Congress's or the White House's
seat to get the ball rolling. Judge Leon's ruling is a good step, but I'm
disappointed and ashamed that the first president I cast a ballot towards is
stonewalling on such an important issue.

~~~
forgottenpass
_I find it hilarious that the Obama White House doesn 't seem to be taking the
tech companies' position seriously._

They're lobbying because the government surveillance revelations hurt their
business model, not on principle. Even I'm having a hard time taking their
positions seriously. I mean, they're right, I'm fine with the means they're
lobby for change and I share their desired ends. But in light of their
motivations I don't take them seriously.

~~~
ihsw
One of the key points in their push for new legislation is establishing a
universal framework for handling cross-jurisdictional legal conflicts -- one
in particular is Google being indicted in the UK on privacy violations and
them subsequently requesting to move the avenue of debate to an American
court. These kinds of legal uncertainties are troublesome for large
multinational corporations, especially with regards to patents and whatnot.

They're piggy-backing on the surveillance issue to push their idea of
universal jurisdiction, a concept unheard of until WWII during the Nuremburg
trials where German war criminals were charged with violating American laws
even though they weren't Americans, the victims weren't Americans, and the
crimes hadn't occurred on American soil. The very basis of state sovereignty
is being challenged.

"Because it hurts their business model" simplifies things a bit too much.

~~~
magicalist
This is completely made up legal theory. Please don't push it as anything
approaching truth. Not only is Google not being "indicted" (it's a civil
suit), it has nothing to do with NSA reform (it's about the Safari third-party
cookies workaround), and jurisdictional challenges, even wrong ones, are as
old as the hills.

~~~
w_t_payne
Matters of jurisdiction in international law are a pretty hot topic at the
moment -- have been for a few years, and will probably continue to be for the
next decade or two.

~~~
001sky
_Matters of jurisdiction in international law_

They are as old as questions of sovereignty, that's why it s a problem and not
only likely to be remedied soon.

~~~
w_t_payne
Quite.

------
spinchange
I am reminded of something I once read the President of France had said to
someone after meeting President Obama for the first time. "He's a show horse,
not a workhorse."

That's _exactly_ how I feel reading about a WH meeting with Tech CEOs who want
to discuss this NSA ridiculousness while the White House handlers spin that
it's about asking their advice on healthcare.gov or some nonsense. It's just
unserious and totally not confidence inspiring.

~~~
narrator
Sounds a bit like:

[http://newsflavor.com/politics/us-politics/wall-street-
insid...](http://newsflavor.com/politics/us-politics/wall-street-insider-the-
complete-interview/)

Search down to the part of the article that starts out "explain what was odd".

~~~
redthrowaway
I'm sorry, but that's an absolutely terrible article/interview.

------
chernevik
Interesting that they were willing to be seen forcing the agenda here, contra
the WH's preferred positioning. They think the downsides of complicity with
the NSA program are worse than those of pissing of the White House. But there
is a long way to go here.

Someone will eventually have to confront the NSA's rhetoric "we can't stop
terrorism / people will be killed if we constrain surveillance". I wouldn't
expect that from this White House, or many in Congress. You can push on and
even piss off the President, but if he won't push the NSA you have to generate
political pressure to force him to do just that.

I'm not sure that pressure is available under the argument that tech giant
business models require transparency. That frames the issue as commerce vs
security, I don't think that's a big vote getter. The truth is that real
privacy will in fact get more people killed, in the short run, because yes it
makes operations easier for the Bad Guys. I'm okay with that, because I'm more
worried about a tyrannical government, and We are bigger than the Bad Guys.
But I'm not sure the electorate sees it my way.

I suppose the likeliest solution is some tacit recognition that proper privacy
does allow more terrorism / drug traffic / child porn. I worry that thus we
won't get really proper privacy, or a real political commitment to it.

I'm glad these CEOs carried this to the President, but I don't think they're
going to be the whole solution to this.

~~~
nathan_long
>> The truth is that real privacy will in fact get more people killed, in the
short run, because yes it makes operations easier for the Bad Guys. I'm okay
with that, because I'm more worried about a tyrannical government, and We are
bigger than the Bad Guys. But I'm not sure the electorate sees it my way.

Yep. It's no different than regular crime. We could prevent all crime if the
state handcuffed every single citizen. Done! Yay! Whoops, except we destroyed
what we meant to protect: life and liberty.

That's what surveillance is doing now. It destroys freedom of speech, freedom
to gather peacefully, freedom to petition the government for a redress of
grievances (how can you investigate government wrongdoing if they're tapping
your phone?), all to (possibly) mitigate the already-small risk of being blown
up by loonies.

------
MichaelGG
Mentioning Healthcare.gov seems bizarre. In what possible way does Yahoo,
Netflix, or AT&T have anything useful to discuss about a large integration
product with the head of state?

------
vikas5678
I appreciate the fact that the companies are focusing on this. However, its
unclear to me why they didn't try any of this before Snowden leaked all this
information? So if no one knew about it, these tech companies were OK sharing
with the government?

~~~
diminoten
They didn't know about all of it either.[0]

[0] - [http://www.washingtonpost.com/world/national-security/nsa-
in...](http://www.washingtonpost.com/world/national-security/nsa-infiltrates-
links-to-yahoo-google-data-centers-worldwide-snowden-documents-
say/2013/10/30/e51d661e-4166-11e3-8b74-d89d714ca4dd_story.html)

------
IanDrake
>despite the White House declaring in advance that it would focus on ways of
improving the functionality of the troubled health insurance website,
healthcare.gov, among other matters.

I'm sure a bunch of tech CEOs and politicians are going to come up with a
fantastic scaling solution for the beleaguered website. Let's see, how would
that go?

Obama: "I was thinking about migrating to Mango and getting in on some of that
sharting I keep hearing about".

Mayer: "No Mr. President, you need more nginx servers to do SSL termination,
your Apache servers _can 't handle the load_".

Then Biden: "That's what she said..."

At which point every one stops and looks at him.

------
jcrites
Interesting to see the way that change is playing out:

1) Person blows whistle / leaks information about government surveillance

2) World trust in US firms is damaged, especially internationally. Foreign
firms and governments hesitate to trust US firms with their data. US firms
lose contracts and relationships sour.

3) US firms whose interests are hurt lobby for surveillance reform

Personally, I think the crux of the issue is the doctrine that, if a company
is a party to handling my data, whether privately or as part of delivery to
another person, that company may voluntarily share information with the
government. I think it's a failing of our constitutional law against
unreasonable search and seizure that this precedent was set. (I'm not a lawyer
but that is my understanding - please correct me if I'm wrong.)

In the modern world, virtually all of our communication involves other
companies, and so if those companies can voluntarily act as effectively agents
of the government in providing the government data, then from my perspective
this dodges the intent of the Fourth Amendment. Especially given modern
adoption of cloud computing - my papers and personal effects are rarely
present solely on my property. Technological progress in cloud computing
should not erode fundamental constitutional protections. With that precedent,
it has.

As all data increasingly goes digital, it is wrong for our society to present
a conflict of interest: either keep my data myself, and lose out on modern
technology; or use modern technology and be subject to omnipresent
surveillance. The better option is to reform our laws so that constitutional
protections extend to digital information, wherever it is kept, as well as
"papers".

Would it be reasonable to change the laws of our society such that no person
may share another person's digital information with the government [1], except
as required by law, or unless they specifically believe that person guilty of
wrongdoing? Perhaps such an approach could form the basis for much more
effective protection against unreasonable search.

[1] I realize getting this right is going to be tough. Perhaps it's "no
digital information created by the person, or metadata about that
information". What I'd be looking for is a reasonable digital equivalent of
"papers and effects".

Perhaps such a relationship could be negotiated through private contract today
(e.g. terms of service). The asymmetrical relationship makes this difficult to
achieve as a consumer. (This leads me to wonder: do the terms of service of
major Internet firms permit them to share your information with the
government?)

Maybe the first place to start is pushing Internet companies to adopt terms of
service that prohibit sharing your information with government agencies (or
with any other firm who does not have such a clause in its relationship with
the first company), except as required by law.

If the tech companies who met with the President want to lead reform in this
space, they could begin by changing their terms of service to explicitly
prohibit voluntarily sharing your data with governments or firms who may
voluntarily share that data with governments. Of course, that might strain
their relationships with those governments, and harm their business in a
different way, so it will be interesting to see how this plays out.

I'm not saying that business reasons are the only reasons. I do believe that
plenty of people and firms want to change the situation on its merits. It's
just also interesting to me to look at this issue from the perspective of
business impact.

~~~
jmillikin

      > I think the crux of the issue is the doctrine that, if a
      > company is a party to handling my data, whether
      > privately or as part of delivery to another person,
      > that company may voluntarily share information with the
      > government. I think it's a failing of our
      > constitutional law against unreasonable search and
      > seizure that this precedent was set.
    

Voluntarily supplying information to the government is not a violation of the
constitution. There are many reasonable cases where private companies should
share information with the government (e.g. for handling illegal content); if
I hear gunshots and screaming coming from the house next door, I am allowed to
call the police. Such voluntary sharing is typically limited by the privacy
policies of the companies involved.

But the whole NSA debate isn't about voluntary data sharing at all, it's about
the government demanding access (or simply breaking in) without a warrant. The
NSA's tapping of fiber lines is equivalent to the local SWAT team walking into
my bank and rifling through everyone's deposit boxes. There's not much the
bank can do about that except lobby against warrantless searches.

    
    
      > Would it be reasonable to change the laws of our
      > society such that no person may share another person's
      > digital information with the government [1], except as
      > required by law
    

What do you do when the law says "NSA gets to demand whatever it wants for any
reason?"

~~~
jjoonathan
> the whole NSA debate isn't about voluntary data sharing at all, it's about
> the government demanding access (or simply breaking in) without a warrant.

Why not both? The NSA "breaking in" is certainly a problem, but I don't
understand why the third party doctrine isn't.

> There are many reasonable cases where private companies should share
> information with the government

Yes, but the third party doctrine goes far beyond what I would consider
"reasonable."

> Voluntarily supplying information to the government is not a violation of
> the constitution.

That's up for interpretation. The extent to which single companies held large
swaths of information about our lives has changed dramatically in the last
decade. Do you seriously believe that, if the constitution were written in the
present day, personal information (of some description) would not be included
in the 4th? Alternatively

> The right of the people to be secure in their persons, houses, papers, and
> effects, against unreasonable searches and seizures, shall not be violated,
> and no Warrants shall issue, but upon probable cause

I'd consider anything in gmail/gdocs to be "papers and effects" of mine. I
understand that the US government has a different interpretation, but that
doesn't mean I have to agree with it.

~~~
rayiner
The root question in the 4th amendment is whether the belief that certain
information is private is _objectively_ reasonable. The premise of the third
party doctrine is that it's not objectively reasonable to consider information
private when you've given up control of that information to a third party. How
can something be private when it's at the total discretion of someone else to
disseminate that information?

Whether you agree with this or not, you have to admit: your gmail/gdocs isn't
exactly "papers and effects" in the same way as the "papers and effects" in
your desk drawer. Not because they are digital, but because the contents of
your desk drawer aren't routinely rummaged through by other people, or data
mined for targeted advertising, or anything like that. When the question is:
is it reasonable to expect these documents to remain private, those things
must certainly factor into the equation.

It's very relevant that "single companies [hold] large swaths of information
about our lives" but that doesn't mean it's automatically protected by the 4th
amendment, or that how that information is handled today justifies expecting a
privacy interest to exist in that data. The 4th amendment must accommodate the
transition from paper to digital, sure, but you can't erase the word "private"
from "reasonable expectation of privacy."

There are certainly ways Google could make a clearer case for extending 4th
amendment protection to gmail/gdocs. Essentially, make it more reasonable to
expect that information to be private. Stop data-mining it for targeted
advertising, encrypt it client-side, institute rigorous procedures for who has
access to that information, perhaps lobby for laws to create enforceable
penalties for cloud companies who allow employees to access the data without
absolute need. These are essentially the analogues of what protects bank safe
deposit boxes despite the third party doctrine: banks don't routinely look in
safe deposit boxes, they don't ask what's inside, they have extensive
protocols to prevent employee access, etc. They are "private" both legally and
factually.

In order to make a convincing case that information in the cloud is "private"
for the purposes of the 4th amendment, cloud companies have to move in a
direction of ensuring that the information is actually "private" as a matter
of fact.

~~~
darkarmani
> The premise of the third party doctrine is that it's not objectively
> reasonable to consider information private when you've given up control of
> that information to a third party. How can something be private when it's at
> the total discretion of someone else to disseminate that information?

In that case, why doesn't it cut both ways? The Gov't gave access to Snowden,
so does that suddenly make it reasonable that he should be able to share that
data with the world?

The fact that most people expect their telephone, email, etc records to be
private should say that the 3rd party doctrine is fundamentally flawed.

------
alan_cx
Interesting to me that US tech firms are more bothered about US international
reputation that the government.

Anyway, I have said a few times these tech companies should step up to the
plate and it looks like they are. Good.

People might criticize their motivation, suggesting that its all about money,
but from at least my non US POV, the US _is_ all about money, its as pure
capitalist as it gets. There for the US its self is all about money. So, what
else is going to motivate US people or bushiness? It was always going to be
about money.

What I think is needed now is for these tech companies to use some of their
immense wealth to put up some sort of political opposition, campaign,
candidates or what ever. Talking and finger wagging is good, but they need to
put their money where their mouths are.

But over all, positive. Lets see what happens.

Edit: Just to add, Im not making a moral judgement about the US being all
about money. That is another conversation.

------
znowi
Those tech companies possess immense power and influence, both in lobbying and
even more so on the internet with the people. If they really wanted to "push
back", this story would be over in the summer. One Google could turn the tides
completely if stood up for what it once believed. I see this sudden "reform"
as no more than a show for the public.

~~~
vinkelhake
How do you propose they really "push back"?

What is it that you want Google to do to turn the tides completely?

------
joering2
What is Pincus doing there? [1]

Does anyone know if there are any backdoors built into Zynga games?? Their
userbase is still impressive.

[http://static.guim.co.uk/sys-
images/Guardian/Pix/pictures/20...](http://static.guim.co.uk/sys-
images/Guardian/Pix/pictures/2013/12/17/1387299724323/29753ebb-6edd-4350-addf-183ab233fdaa-460x276.jpeg)

------
wpietri
Given then the number of CEOs attending whose business model is surveillance
[1], a cynical person would suggest that they're just upset about the
competition.

[1]
[https://www.schneier.com/blog/archives/2013/11/surveillance_...](https://www.schneier.com/blog/archives/2013/11/surveillance_as_1.html)

------
j1z0
I for one don't really care about the motivations of these companies. Im just
glad they are doing something about it.

This NSA debacle is just one more nail In the coffin of American Emperialism.
And America better wake up and change her ways if she wants to continue to
enjoyed the privllaged global position she has had for so many years.

