
DOJ: We don't need warrants for e-mail, Facebook chats - declan
http://news.cnet.com/8301-13578_3-57583395-38/doj-we-dont-need-warrants-for-e-mail-facebook-chats/
======
josh2600
I might be too late for anyone to see this, but I think it's an important
point.

A lot of people assume the origin of wiretapping laws has to do with
protecting citizens from the police. This isn't the case, at least not
originally. Wiretapping laws were about protecting citizens from each other.
Let me explain:

Once upon a time, it was too expensive to run a phone line to each house. AT&T
had the brilliant idea of running one phone line and having many people on a
street share the line (the rich, of course, enjoyed private communications).
So if there were seven houses, and you were in house number 5, you would only
answer calls that rang 5 times. The problem is that since all the houses on
the block shared one phone line, anyone nosy enough to butt in could eavesdrop
just by taking their phone off hook. The original wiretapping laws were set up
to protect citizens from this, not the Government.

As a side note: before the North American Numbering plan, phone numbers were
names followed by numbers. An example might be Oxford7 or OX7 on the number
pad, which would ring the 7th house in the Oxford area (Oxford is a
placeholder and doesn't refer to Oxford proper.)

~~~
mrexroad
interesting. i assume you're referring to legislation at a state level? got
any links? i haven't read much about that era, but from what i have, it sounds
like things were awesomely crazy back then w/ PIs tapping for clients,
corporations tapping each other, etc.

at least at the federal level, everything i'd read places the catalyst for
modern wiretapping laws as the conviction appeal of seattle bootlegger Roy
Olmstead's arrest based on evidence gathered by a warrantless wiretap by
"rogue federal law enforcement officers." his appeal reached the supreme court
in 1928 and was upheld 5-4 on 18th century trespass laws. in 1934, congress
passed The Communications Act of 1934, which made wiretapping a federal
criminal offense and any evidence obtained from such would be inadmissible. it
wasn't until the Omnibus Crime Control Act of 1968 that the
constitutionality of wiretapping was articulated for investigative purposes.

this gives a better overview/detail compared to wikipedia:
[http://www.americanbar.org/content/dam/aba/administrative/li...](http://www.americanbar.org/content/dam/aba/administrative/litigation/materials/sac_2012/29-1_history_and_law_of_wiretapping.authcheckdam.pdf)

~~~
josh2600
Alright so digging a bit:

At common law, “eavesdroppers, or such as listen under walls or windows, or
the eaves of a house, to hearken after discourse, and thereupon to frame
slanderous and mischievous tales, are a common nuisance and presentable at the
court-leet; or are indictable at the sessions, and punishable by fine and
finding of sureties for [their] good behavior.” [1] Very Early Eavesdropping
law.

but it wasn't prosecuted very often and faded from the common parlance:

“Eavesdropping is indictable at the common law, not only in England but in our
states. It is seldom brought to the attention of the courts, and our books
contain too few decisions upon it to enable an author to define it with
confidence.... It never occupied much space in the law, and it has nearly
faded from the legal horizon.”[2]

The first wiretapping laws were enacted by congress during world war 1:

40 Stat.1017-18 (1918)(“whoever during the period of governmental operation of
the telephone and telegraph systems of the United States ... shall, without
authority and without the knowledge and consent of the other users thereof,
except as may be necessary for operation of the service, tap any telegraph or
telephone line ... or whoever being employed in any such telephone or
telegraph service shall divulge the contents of any such telephone or
telegraph message to any person not duly authorized or entitled to receive
the same, shall be fined not exceeding $1,000 or imprisoned for not more than
one year or both”); 56 Cong.Rec. 10761-765 (1918).

And you're right, that wiretaps weren't constitutional until 1968, but this
doesn't discuss neighbors spying on neighbors.

I think we found the same document:
<http://www.fas.org/sgp/crs/intel/98-326.pdf>

I'll ping my buddy to see if he can shed a little more light, but this is
related to wiretaps, which is slightly different from eavesdropping.

[1] 4 BLACKSTONE, COMMENTARIES ON THE LAWS OF ENGLAND, 169 (1769).
[2] 1 BISHOP, COMMENTARIES ON THE CRIMINAL LAW, 670 (1882).

------
ComputerGuru
Guys, when will it sink through? The technology to protect yourself from
wiretapping _is in your hands_. End-to-end asymmetric encryption has never
been more accessible. Explain to your friends and family what PGP is _and
start using it_.

Maybe the NSA has it cracked, maybe not. But the IRS sure doesn't, nor do the
FDA, DEA, FCC, FBI, Google, Apple, Facebook, Microsoft for that matter.

EDIT:

Here's how it works: I run PGP/GPG (GPG is the open source/free version of
PGP, they're the same protocol) locally and the first time I use it, it
creates two files, a "public key" and a "private key". I post/share my "public
key" online (and you assume it's really me sharing it with you - this is
important).

    
    
    gpg --gen-key
    gpg --armor --output Desktop/mqudsi.asc --export "Mahmoud Al-Qudsi"
    

For example, here is my public key:
<http://neosmart.net/downloads/miscellania/mqudsi.asc>

Anyone can now use this key to send me a text message encrypted only for me.
They just need this file and their own pgp/gpg private key; they tell it to
encrypt message X for user with public key Y.

The result of that command (gpg --encrypt --recipient 'Mahmoud Al-Qudsi
<mqudsi@neosmart.net>' toencrypt.txt) will be encrypted text that no one but
the holder of the private key (me) (which should never be shared) will be able
to decode.

The result is plaintext. You can send it via email, text message, snail mail,
whatever. There are apps that automate the encryption procedure as part of the
sending process.

~~~
Groxx
The problem I've had is not so much explaining what PGP is, or why to use it.
It's the software.

Sending an encrypted or signed message to someone who doesn't have your keys
throws all kinds of scary messages in most email clients. Maybe not a problem
for _us_ ™, but a huge problem for most people who find they can't send
messages to their friends without remembering to do step X for people A, B,
and D, but not C or Q. And even if you explained this to them, will they
remember a month down the line when their friend calls them because they think
their computer got hacked? (true story. nobody reads error messages, and
encryption-related ones are among the most cryptic and scary looking.)

Then try to convince them to keep using encryption / signatures for you, when it
breaks for other people and makes sending an email more complicated, and they
have to keep track of who C and Q are. Then try to convince them that, even
though they have nothing to hide, encryption is still useful.

Then do this all over again when they get a new computer and forget to install
PGP and have already lost their entire keychain.

--

The crypto is here, and yes, it has never been more accessible. The software
_using_ it is still garbage.

~~~
AnthonyMouse
> Sending an encrypted or signed message to someone who doesn't have your keys
> throws all kinds of scary messages in most email clients.

Seriously. The way PGP should work is: Whenever you send an email, it puts a
header in the outgoing message with your public key. The header is not
normally shown to the user and is ignored as unknown by non-compliant email
clients. Then, whenever you send a message _to_ anyone you've ever received an
email _from_ , you already have their public key, so your email client
automatically encrypts the message before sending it, and their client
decrypts any message it receives encrypted.

This is obviously ignoring a whole bunch of problems. What happens if your
public key changes? What happens if the attacker sends an email from your
address to the user? (Presumably in both cases the recipient will get a
message complaining that the key has changed, and DKIM and the fact that your
email server authenticates you will help with the second.) But here's the
thing: Those problems don't happen _normally_. The average user doesn't
encounter them in the first six months of using the software. They just
install a client that supports the protocol and automatically get encryption
for messages exchanged with anyone else using a supported client, without
having to do anything special.

I think this is one of those "the perfect is the enemy of the good" scenarios.
The people who want encrypted email want it to be secure against the NSA
coordinating with AT&T and your email provider. Which would be great, if it
didn't make the UX so terrible that no one uses it and causes everyone to
default to no encryption. Do the above and you still have good security if you
verify public key fingerprints manually, but it makes the process of
encrypting your email as simple as installing the software, and if you don't
verify keys then you're still safer against a large variety of attacks than
the primary alternative of not using any encryption at all.

~~~
kbenson
You forgot the most important part, validating that the public key you've
received is actually for that person. That may be as simple as automatically
checking public servers for a match and providing some confidence percentage
based on how many people signed it or better yet how many people signed based
on whether you trust them or not.

Without that, it's not just useless, it's detrimental to the system, as there
could be lots of bogus keys accepted by people (imagine a virus that
automatically generates and adds a PGP key to mail clients before sending to
everyone in the address book, just to make it more likely to pass spam
filters). Bogus keys in the web of trust would be a big problem.

In fact, if PGP/GPG were more popular, I imagine there would be the
accompanying glut of horrible passwords used (or duplication from easily
gleaned passwords), and pretty soon some virus would start automatically
signing things it shouldn't on infected systems, and then the web of trust
that the system relies on for third party verification wouldn't be so
trustworthy.

~~~
AnthonyMouse
> You forgot the most important part, validating that the public key you've
> received is actually for that person.

It's not that I forgot that part, it's that that's the hard part. That's the
reason PGP is hard to use: They try to make sure you do it securely. And you
_can't_ have some third party do that part for you without trusting them, and
the whole idea is not to have to trust any third parties. What public servers
are you going to use here? Does each email user have to run their own server?
Unless you have a single central server, how do you know which server
corresponds to which user?

Automating web of trust could be interesting though. Imagine you get an email
from a new user that you've never received any email from before. There is
some new P2P network where if you have someone's public key, you ask _that
user_ whether they know the new user's public key, and they send back a signed
response (either "this is the key I have" or "I don't have a key", signed
either way with the known user's public key). Then if all your friends who
have the new user's key agree on what it is, it's probably right. If nobody
has it, you get encouraged to verify it manually (i.e. in person). And if they
don't all agree you get the nasty warnings about something fishy going on.

> imagine a virus that automatically generates and adds a PGP key to mail
> clients before sending to everyone in the address book, just to make it more
> likely to pass spam filters

That seems like a low-effectiveness method of sending spam, given that the
public key is uniquely identifying and tied to a sender address, so once the
spam filter realizes everyone is marking all those messages as spam it can
just blacklist everything sent using that key. Also, how is it different from
existing PGP other than that more people would be using it? If you've infected
a machine with a virus you can do whatever you want to it. You could just
write the spam directly to the user's inbox, or send it out from their own
address and sign it with their actual key. Compromised machine = you're
screwed.

> the accompanying glut of horrible passwords used (or duplication from easily
> gleaned passwords)

This isn't even necessary for a virus. The problem with viruses is that they
can stay resident until you type your password and then it doesn't matter how
hard the password was.
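
The scheme sketched in this comment and AnthonyMouse's earlier one (pin the key from the message header on first contact, warn when it changes, cross-check a new sender's key with existing contacts), written out as an added example that is not part of the original thread. `KeyStore`, the level names and the SHA-256 stand-in fingerprint are assumptions of this sketch, and peer answers are assumed to have been signature-checked already.

```python
import hashlib
from dataclasses import dataclass, field
from typing import Dict, Optional, Tuple


def fingerprint(public_key: bytes) -> str:
    # Stand-in fingerprint (SHA-256 of the raw bytes); real OpenPGP
    # fingerprints are computed over a specific key packet encoding.
    return hashlib.sha256(public_key).hexdigest()


def peer_verdict(fp: str, answers: Dict[str, Optional[str]]) -> str:
    """Compare a newly seen fingerprint with what known contacts hold.

    `answers` maps contact -> the fingerprint that contact holds for the
    sender, or None for "I don't have a key". Assumption: each answer's
    signature was already checked against that contact's pinned key.
    """
    held = [a for a in answers.values() if a is not None]
    if not held:
        return "unverified"        # nobody has it: verify manually
    if all(a == fp for a in held):
        return "peer-confirmed"    # everyone who has a key has this one
    return "conflict"              # disagreement: warn, do not pin


@dataclass
class KeyStore:
    # address -> (fingerprint, level); hypothetical client-side pin table
    pins: Dict[str, Tuple[str, str]] = field(default_factory=dict)

    def observe(self, sender: str, public_key: bytes,
                answers: Optional[Dict[str, Optional[str]]] = None) -> str:
        """Handle the key carried in an incoming message's header."""
        fp = fingerprint(public_key)
        pin = self.pins.get(sender)
        if pin is not None:
            # A different key for a known address is never swapped in silently.
            return pin[1] if pin[0] == fp else "key-changed"
        level = peer_verdict(fp, answers or {})
        if level != "conflict":
            self.pins[sender] = (fp, level)
        return level

    def mark_verified(self, address: str, fp: str) -> bool:
        """Record a manual fingerprint comparison; fails if it is not the pin."""
        pin = self.pins.get(address)
        if pin is None or pin[0] != fp:
            return False
        self.pins[address] = (fp, "verified")
        return True

    def encrypt_to(self, recipient: str) -> Optional[str]:
        """Fingerprint to encrypt to, or None (send unencrypted / ask user)."""
        pin = self.pins.get(recipient)
        return pin[0] if pin else None

    def attest(self, about: str) -> Optional[str]:
        """Answer a peer's query. Design choice of this sketch: pins that were
        only trusted on first use are not vouched for, so automatically
        accepted keys do not spread as endorsements."""
        pin = self.pins.get(about)
        if pin and pin[1] in ("peer-confirmed", "verified"):
            return pin[0]
        return None


def demo() -> dict:
    # Constructed keys and addresses, for illustration only.
    alice, bob, erin, rogue = b"key-alice", b"key-bob", b"key-erin", b"key-rogue"
    store, out = KeyStore(), {}
    out["first_contact"] = store.observe("alice@example.org", alice)
    out["changed"] = store.observe("alice@example.org", rogue)
    out["still_pinned"] = store.encrypt_to("alice@example.org") == fingerprint(alice)
    out["confirmed"] = store.observe(
        "bob@example.org", bob, {"carol": fingerprint(bob), "dave": None})
    out["conflict"] = store.observe(
        "erin@example.org", erin,
        {"carol": fingerprint(erin), "dave": fingerprint(rogue)})
    out["erin_target"] = store.encrypt_to("erin@example.org")
    out["vouch_alice"] = store.attest("alice@example.org")
    out["vouch_bob"] = store.attest("bob@example.org") == fingerprint(bob)
    return out


if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value}")
```
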

~~~
kbenson
> It's not that I forgot that part, it's that that's the hard part. That's the
> reason PGP is hard to use: They try to make sure you do it securely. And you
> can't have some third party do that part for you without trusting them, and
> the whole idea is not to have to trust any third parties. What public
> servers are you going to use here? Does each email user have to run their
> own server? Unless you have a single central server, how do you know which
> server corresponds to which user?

I'm certainly not going to argue with this, it's the basic gist of my original
reply. :)

> Automating web of trust could be interesting though. Imagine you get an
> email from a new user that you've never received any email from before.
> There is some new P2P network where if you have someone's public key, you
> ask that user whether they know the new user's public key, and they send
> back a signed response (either "this is the key I have" or "I don't have a
> key", signed either way with the known user's public key). Then if all your
> friends who have the new user's key agree on what it is, it's probably
> right. If nobody has it, you get encouraged to verify it manually (i.e. in
> person). And if they don't all agree you get the nasty warnings about
> something fishy going on.

Exactly. This is similar to what I was envisioning when I was talking about
confidence levels. Having different levels such as "I have personally verified
(signed)" and "I know of and reasonably trust this key based on people I
trust" and making that public in some manner would allow a slew of interesting
techniques for verifying public keys to different assurance levels.

Come to think of it, it sounds like what we need is for a social network to
adopt this. Google+ with its real name requirements might make a good fit,
but maybe real name isn't what we care about, maybe we just care about email.
Alternatively, some alterations to diaspora might work out well (I know little
about it other than it's a roll your own social network that I think can work
as a node of a larger network).

> That seems like a low-effectiveness method of sending spam, given that the
> public key is uniquely identifying and tied to a sender address, so once the
> spam filter realizes everyone is marking all those messages as spam it can
> just blacklist everything sent using that key. Also, how is it different
> from existing PGP other than that more people would be using it? If you've
> infected a machine with a virus you can do whatever you want to it. You
> could just write the spam directly to the user's inbox, or send it out from
> their own address and sign it with their actual key. Compromised machine =
> you're screwed.

I'm imagining a virus that generates one on the infected system for the
address the mail client is configured for. That could be a LOT of new keys.

The problem is the thousands or millions of bogus keys that start being sent
from addresses that previously didn't have ANY key associated with them (or
did, but not through that machine), clog the web of trust if they make it on
there. If they are automatically added to mail client/PGP systems on the
recipients' end, that's a lot of bogus keys in users' mail clients (even if it's
just the 10% that arrive before spam filters react). If clients end up syncing
their known keys to some central repo at some point, that's a LOT of bad data.
I can imagine a case where someone generates a legitimate key and gets it
personally signed by a few people, only to find that it's verified by hundreds
of people on some public servers.

As for low-effectiveness, if it evades more filters by just a few percent, at
the scales spam is sent that's a BIG deal.

> This isn't even necessary for a virus. The problem with viruses is that they
> can stay resident until you type your password and then it doesn't matter
> how hard the password was.

True. I imagine the really fast spreading and pervasive viruses need to be
quicker than that though, but I have nothing other than a hunch to base that
on.

------
diminoten
There is a certain logic to what they're saying, after all. You shared this
information with Facebook or Twitter or Google. It's no longer in your private
possession, because of that sharing, so if those companies feel like giving
your messages to the DOJ, it's not really a "violation" of your 4th amendment
rights, because you gave those up when you gave your "private" communications
to those companies.

I'm not saying anything about how good or bad that is for American society,
but I can absolutely see an interpretation of the 4th amendment where
information you share with a third party doesn't get protected as if it were
private. There may be other laws that protect your emails and tweets and
whatnot, but the 4th amendment specifically may not be the best place to look
for that protection.

~~~
pyre
The postal service, UPS, DHL, FedEx, the phone company, etc. These are all 3rd
party services that people use to send private things. People have an
expectation of privacy when they send a message to someone via (e.g.) Facebook
Chat. Some might argue that it's an _unreasonable_ expectation of privacy if
you understand the technology behind it, but _I_ would argue that the majority
of the population doesn't understand the way the technology works (which would
imply that the majority of the population expects that the communications will
remain private).

~~~
mpyne
The postal service is the _only_ one of those mail carriers which you have
listed that actually has legal standing for that privacy expectation though.

Regarding phones, those also have specific laws attempting to protect wireless
(cellular) communications from eavesdropping (with the exception of legal
wiretaps, which cellular providers are required to be able to support).

Likewise for pagers, those have specific laws making it illegal to intercept
the communications sent to pagers.

For normal phones, a specific law had to be passed to require warrants for
interception of communication (the "Wiretap Statute" from 1968, later extended
by the Electronic Communications Privacy Act of 1986).

So the point to all of this is that those privacy "rights" that you talk about
are not 4th Amendment rights at all, they are protections granted by specific
legal action on the part of Congress. Had that legal action _not_ been taken
then you'd be right back in this same "interesting 4th Amendment question"
that we're talking about for this.

The bottom line is that if you're willing to give info to a 3rd party
unencrypted you need to assume the government can be given access to the same
information unless there are specific laws forbidding it.

~~~
axus
The anti-wiretapping laws are needed to prevent non-government entities from
violating our security. The Fourth Amendment already clarifies that government
must not violate the security of ourselves and our communications (papers),
without a warrant naming the person being searched, and what is being sought.

~~~
mpyne
Yes, but before those anti-wiretapping laws the phone company could
theoretically do ad-hoc wiretapping of their own and voluntarily divulge that
to the government. The only limit would have been that the phone company
couldn't have wiretapped at the direct behest of the government since the
Supreme Court had already ruled that the 4th Amendment applied [to the
government] where the person had a reasonable expectation of privacy.

The statute fixed that privacy issue and then put requirements on when
wiretaps _could_ be used by the government. Before this law and the Supreme
Court decision the government was very... lax regarding warrants for wiretaps.

[http://www.it.ojp.gov/default.aspx?area=privacy&page=128...](http://www.it.ojp.gov/default.aspx?area=privacy&page=1284)

------
dmix
Self-defence (encryption) is the only real protection from government snooping
on communications.

You can't rely on policy. It moves too slowly and there are always loopholes.

It's a shame there are no mainstream or accessible solutions to encrypt email
while using services like gmail. Although they exist for IM.

~~~
declan
Yep. SSL is now viewed as a good best practice for data in transit, to the
point that Apple was criticized for not enabling it for the App Store
(<http://news.cnet.com/8301-13579_3-57573334-37/>).

But the real issue, as you indicate, is stored data. Full Gmail encryption
would presumably be done in conjunction with the client via the browser.
Because the server wouldn't have access to the plaintext, search becomes
tricky and contextual ads problematic. One solution would be for Google to
make fully encrypted Gmail a paid service.

~~~
duaneb
Google would never add encryption to gmail. As a business decision it's pretty
atrocious.

~~~
jonknee
Why not? They already have a popular paid version that doesn't have any
advertising. It seems like encryption would be a pretty compelling add-on to
lure over businesses that are nervous about their data in the cloud.

~~~
pyre
Search is another one of their features. How would search work if all of the
data was encrypted? Pushing search to the client doesn't make sense. Only
encrypting emails in transit doesn't make sense because that doesn't get
around this issue of the government forcing them to turn over information
without a warrant.

------
leeoniya
let's say, hypothetically of course, that a colleague sent me a password to a
server via email (gmail), so that password is then retrievable without a
warrant from my email account because it was "shared" with the transmission
medium? such a broad interpretation would apply to any and all communications
where anyone delivers something on your behalf...so literally everything is
fair game, i don't see a reason to specifically exclude USPS in such a case.

that's pretty scary.

~~~
sukuriant
Or, you mean things like all those websites that send you new passwords in
plaintext because their security isn't what it should be?

~~~
leeoniya
my personal favorites are the ones that send me my _current_ password in
plaintext as a form of "recovery"

------
eyeareque
Now more than ever we need an easy to use PGP solution for the masses.

------
codex
The DoJ doesn't need warrants to produce email and chat evidence in a lawsuit
just like they don't need a warrant to produce other kinds of physical
evidence from third parties. A subpoena will suffice and always has. People
seem to be unaware of how critical subpoenas are to due process, and how long
they've been used.

See: <http://en.wikipedia.org/wiki/Stored_Communications_Act>

------
alan_cx
Fair enough. We can't stop it. It's done. It always was. Might as well stop the
"shock and horror" thing, and just accept it. In the US, both political
parties love being able to spy on us, and in the UK we see the exact same
thing. No mainstream politicians or law enforcement will ever, ever give it
up.

So, have to ask, again, why the hell is anyone wanting privacy from the
authorities, who we know don't have our best interests at heart, still using
electronic communications? It never was, isn't and never will be secure from
them. If nothing else, almost every "terrorist" trial features some electronic
communications evidence. Doesn't that tell us enough?

Look, just ask yourself why organisations like MI6 still use old skool drop
boxes in Moscow.

Tor? It's got government fingerprints all over it. I trust it as far as I can
throw it.

------
markbao
I'm confused as to why the DOJ is arguing over whether it needs a warrant or
not for emails and Facebook chats and that sort of thing. This is the DOJ that
we're talking about, and surely, even if a warrant is required for email, they
would be able to _get_ that warrant regardless.

A warrant is simply a permission by a judge to obtain or enter certain private
property, right? Wouldn't the DOJ be able to find a judge that will grant a
warrant? I don't know anything about judicial law, so I'm interested in
learning about how this all works.

~~~
DannyBee
It's about bureaucracy in a lot of cases. It may require senior agent signoff
for the warrant, etc.

------
ck2
We're back to administrations saying "stop us if you can".

------
Fuxy
A hacker could do some real damage with a little fake paperwork. Can't wait
for it to happen and believe me it will happen eventually. The hub of
information is the police and if they hand it around without any concern why
not mine them? The backlash may be a bit too much to handle though if he gets
caught.

------
mehrzad
Is IRC safe? I have a channel as my main form of communication with friends.
Some people do local logging but I know who everyone is. Ironically I plan to
use IRCcloud or IRCanywhere. Self hosting of online tools should be made much
easier. I plan to self-host email but it seems like a pain.

~~~
setrofim_
> _IRC safe?_

Definitely not. It has always been a public communications channel. I don't
think anyone ever had any privacy expectations regarding IRC.

~~~
jcrites
> Is IRC safe?

I am pretty sure it's not. One day there was a news story on Drudge Report:
[http://www.drudgereportarchives.com/data/2005/05/10/20050510...](http://www.drudgereportarchives.com/data/2005/05/10/20050510_030800.htm)
("feds investigate huge computer attack; worldwide hunt for 'stakkato'")

As a joke, my roommate at university logged into an IRC channel with the
nickname and said:

    
    
      [01:59.16] * Stakkato (tricky_t@128.42.86.9) has joined #C++
      [01:59.17] * ChanServ sets mode: +o Stakkato
      [01:59.21] <Stakkato> look i made drudgereport headlines!
      [01:59.26] <Stakkato> http://www.drudgereport.com
      [02:01.09] * Stakkato (tricky_t@128.42.86.9) Quit (Quit: )
    

It was #C++ on DALnet, a small channel of mostly regular members, in 2005.
Fast forward a while -- I don't recall how long, maybe a few weeks or months
-- and my friend is contacted by the FBI. A member of FBI Houston Cyber Task
Force (Houston being our city of residence at the time). The investigator
began asking very vague, obscure questions. Eventually my friend and I piece
together the subject of the FBI's line of inquiry: that specific IRC
conversation. My roommate was completely up front with them about the IRC
joke, and that was the end of it. I still have copies of the email
conversations from @ic.fbi.gov, where some correspondence took place.

I suppose there is a chance that an informant reported the joke to the FBI,
but due to the specifics of the situation, I think it is likely that the text
conversation above was caught in a general FBI dragnet of some kind (IRC
server, ISP, etc.) and logged for eventual investigation. It did not seem to
be a serious line of investigation by the FBI - more of a "follow all leads"
situation. Someone had run a 'grep' for 'stakkato' and my friend's IP address
showed up.

That was the day when it became clear to me that everything in plaintext
transiting the Internet is probably available to the FBI. At the time it was
shocking; even though the conversation happened over a public network, it was
surprising to me that the conversation was actually logged and later found. I
hesitate to share this story, but I hope it illustrates in harsh relief the
probable capabilities of incentivized investigators. Keep in mind this was
2005 - investigative capabilities have surely grown since then.

------
CurtMonash
If you encrypt your email, you'll just raise "bad guy" flags at the traffic
analysis level, even before content itself is checked.

Off the top of my head, I can't think of a lever to get enough people
encrypting at once so as to overcome that disadvantage.

------
hippich
use torchat. i was surprised how easy it is to use. and actually it has the best
IM user interface I've seen so far - contacts list, chat window on double
click and send/receive file. That's it - nothing else.

on cons side - it takes a while to connect to tor network, but once started it
is quite fast.

i am not saying government should be allowed to violate our rights, but it is
much easier to assume that anything gtalk/facebook/gmail/etc is within reach
of government and do yourself a favor - use p2p encryption

------
edoceo
Sites like <http://flammo.com/> can send private messages which the DOJ cannot
see; uses end-to-end asymmetric encryption

------
umsm
We need to come up with a way to communicate using these 3rd party services
securely, without actually allowing them to store the information in
plaintext...

------
anExcitedBeast
Don't trust policy. If you aren't good willing to handle encryption yourself,
find a medium that will responsibly handle it for you (i.e. lavabit.com)

------
GigabyteCoin
All the more reason to support projects like BitMessage:
<http://reddit.com/r/bitmessage>

~~~
ancarda
I'd use and support BitMessage but I can't figure out how to get it to run on
OS X.

------
g8oz
Reduce your attack surface by not leaving years and years of emails on your
IMAP server. I know it's convenient, but there is a privacy tradeoff.

------
Qantourisc
This is one of the reasons I don't have Facebook. Weird how foreign rules can
affect your privacy outside Europe.

------
a3n
"Warrants? We don' got no warrants. We don' need no steenkeen warrants!"

