The problem now is that there is JUST SO MUCH metadata that it is losing that distinction. If someone calls a known pot dealer once a week, then it doesn't matter whether you hear the call or not, you can still infer that the caller picks up every week.
A DOJ lawyer once said to me that "when survellience is ubiquitous, the role of law enforcement becomes the role of a prison warden, where everyone is an infraction waiting to happen."
Advancement in the social code is only possible because people can get away with violating it.
There is another good point as we move towards more perfect surveillance and enforcement of laws; so many of our laws are designed with the idea that you will only catch x% of infractions. If we knew we would catch 100% of the violators when we created these laws, we might have chose different thresholds and punishments.
For example, take speeding - if we knew that we would catch 100% of people driving faster than the speed limit, we might set a higher speed limit and a lower penalty. We set the current penalty based on the idea that it needs to be high enough to offset all the times that we speed and don't get caught. For example, if we get caught 1% of the time we speed, then we can expect a $500 fine for speeding to cost us about 5 dollars per time we speed. If we are caught 100% of the time, that jumps to $500 per time we speed.
Also, the speed limit is lower because we can't enforce it perfectly - we need a little bit of a buffer, so that a cop can be sure the person is speeding before issuing a ticket. This means speeds are lower than they should be with perfect enforcement.
We really need an overhaul of our laws if we are going to allow automated and perfect enforcement.
In fact, one of the reason I dislike anti-discrimination laws are because enforcement using things like statistical analysis was really only designed for unskilled labor and the like.
I don't think the court would have a problem with the police discovering you buy weed because you call a weed dealer every week.
But this URL isn't just telling them who you are "calling" / httping with, but what exactly it was about.
I think the internet equivalent to phone number is the IP address.
The only reason its not a bigger issue right now isn't because "nobody cares, privacy is dead!". It's because people for the most part do not understand the mechanism.
Explain exactly how ads track you to common people, just how many do you suppose will approve and be comfortable with the arrangement?
The entire industry is built on sand.
"In their ruling, the panel of three appellate judges found that Google and its co-defendants hadn’t violated the Wiretap Act because they were a “party” to the communications rather than a third-party eavesdropper—"
This is consistent with the ruling, but buries the part that is important for most folks:
http://www2.ca3.uscourts.gov/opinarch/134300p.pdf (page 35).
Because they were the intended party of the communication, they will never be liable under the wiretap act. Ever.
So yeah, if some third party you aren't communicating with grabs your cookies (cough cough), that may be an issue.
So it's rather unclear if they're saying that if you go to eg: plus.google.com, google is party to the communication, or if they're saying that if you go to example.com, and example.com has installed google's analytics tracking, then google is also "party to the communication"?
The latter might make sense from the perspective that any party to an organization could invite any other party to secretly record it? (Eg: You might be on the phone with a person, and without telling that person, invite your lawyer to listen in on the call. As the person you're talking to doesn't have any expectation of privacy from you AFAIK that'd be legal (in many jurisdictions, anyway)).
So, it would seem that tracking someone visiting example.com via cookies at a third-party site, might be legal wrt. wire-tapping, but may violate requirements to alert the user of tracking/cookie use?
The website author apparently intended for facebook to visit, but I was not privy to that information. That's like me attending a meetup. I wanted to go to the meetup, but if my ex was there, and I knew that ahead of time, I wouldn't have gone. Now my ex has information about me I didn't intend for said ex to have.
I'm not sure if I've convinced myself that the 'like' button is legal or illegal now.