Hacker News new | comments | show | ask | jobs | submit login
House Votes to Renew Surveillance Law, Rejecting New Privacy Limits (nytimes.com)
312 points by aaronbrethorst 12 days ago | hide | past | web | favorite | 172 comments

As Wyden[1] points out, Congress has nearly no information on what impact the FISA program has. How many Americans are targeted already? The military refuses to answer Congress. How many emails & other collections are swept up? The military refuses to answer to Congress.

This bill explicitly allows it's use directly against Americans and declares which circumstances the FBI & other agencies need to use warrants and where these agencies will now be permitted warrantless access to FISA collections.

"Abouts" collection has a direct means to being permitted again. Ever use the word Benghazi in an email? Ok, all your communication might be wiretapped from now on. If the FBI ever wants to investigate you for something non terrorism related, something totally unrelated to Benghazi? No problem. Maybe- in some cases- they MIGHT need a warrant.

Just Security had a great writeup[2]. This bill is a travesty, especially given that Congress has again and again asked for some information to inform them about how FISA is being used already, and the military has stonewalled and stonewalled and stonewalled. That congress would radically expand these powers, let them now directly target Americans, and would allow the FBI & others access to this program, after being continually rebuffed, AND would make this program unable to be challenged in court- it's the pinnacle of madness. It's complete dereliction of duty by congress, and one of the saddest moments of cowardice in the US Governments history that we'd stoop so low.

[1] https://www.thecipherbrief.com/column_article/dont-pass-surv...

[2] https://www.justsecurity.org/50801/house-intelligence-commit...

> The military refuses to answer Congress.

Pedantically the NSA, FBI and CIA are not 'military'

The DIA, NRO and NIMA are.

That's not quite right, the NSA is a DoD agency and the highest ranking civilian in it is the Deputy Director. The Director of the NSA is a military officer also in charge of USCYBERCOM.

The FBI and the CIA are indeed civilian agencies (though the CIA has some caveats there).

It might be semantics but NSA being a national defence organization, under the same parent umbrella which forks to Army/Navy/Airforce/Marines, I believe it's fair to lump them in with the 'military':


The NSA play(ed) a very large role in modern military deployments overseas, especially in the middle east and africa with their targeting systems.

The best counterpoint is the bill Obama passed before leaving office, expanding the data sharing between agencies and the more general significant expansion of scope of the NSAs activities in recent years to involve plenty of domestic and civilian issues (beyond politics) including supporting the efforts on the War on Drugs, DHS, and FBI activities.

Correct on the FBI and CIA; NSA, though is a DoD agency headed by a general and conjoined at the head with both the military Cyber Command and the military Central Security Service.

Continuing the pedantry, DirNSA is currently an admiral (Rogers, specifically).

> Congress has nearly no information on what impact the FISA program has

Apparently it has the impact that a big majority of congress will never vote against it. I wonder why that is?

Voting against it now would look a little like admitting it shouldn't have been voted for in the first place.


> The military refuses to answer Congress

My understanding is that properly cleared representatives and their staff can absolutely get information on what they need and speak candidly about all the sensitive details in a SCIF.

This recurring narrative that intelligence agencies are holding back is not good, because it makes it seem like representatives are being misled and are tricked into voting for these authorities, deflecting accountability, which is far more convenient than the truth of them being well-informed and still choosing to support it.

If a senior Senator from the Select Committee on Intelligence says he has been unable to get even preliminary, basic information on the impact of this program from the military, I for one believe him.

The recurring narrative sounds completely correct & shocking & egregious. It sounds like the military is operating completely out of control, with no oversight, because the Senators in charge of oversight say they can't get even basic preliminary information.

Your statement seems dangerous and misleading @willstrafach. If the Senate Select Committee on Intelligence gets nothing, not even basics, something is deeply awry. Who are the cleared representatives? Who has gone and asked serious questions? What does Wyden, who cares deeply, need to do to get whatever clearances you wishfully suggest as magic remedy here? This is fradulent bad misdirection @willstrafachs. It's all suggestion, with not a shred of backing to it.

It's an unacceptably bad and insubstantial reply to one of the most serious, can-kicked-down-the-road the longest issues, a terrible spectre still haunting us from Bush II years. This issue seems never to have been at all handled at all properly, since it's inception, and things are still fast & loose, the basic measures of oversight & responsibility seem deeply obstructed. That's a threat to Democracy, and it constantly throws into peril American trustworthiness under essential programs like EU Privacy Shield.

The purpose of the SSCI and HPSCI is intelligence oversight, so if there was "no oversight" it would be a much bigger deal. You are assuming that as the default, which is equally as dangerous and misleading without substantiation. It is a huge accusation.

I can understand that you don't like ambiguity in my reply, that is fully understandable, but it is not very reasonable to discard it wholesale. I am happy to elaborate.

First, "preliminary, basic information on the impact of this program" is your interpretation, and is a generalization. There are very specific and valid questions Wyden has. Not only that, but he might know the answers to some, as you can see that some in the linked source are "The public doesn't know" whereas others are "No one knows" the answer. For the record, I do agree that the public (beyond cleared reps) should have a whole lot more information to review on these matters for the sake of transparency, but that is not relevant to this current claim of cleared representatives allegedly not getting information.

Now the precise issues at hand:

> Who can be targeted by 702 spying?

> A: The public doesn’t know. If you listen to intelligence agency leaders, you would think only foreign terrorists could be targeted for spying under Section 702. But when Sen. Mike Lee, R-Utah, and I asked Director of National Intelligence Dan Coats what broad categories of people could be targeted by this program, he refused to answer the question publicly.

The Snowden leaks additionally showed that beyond counter-terrorism, 702 is used for counter-proliferation, counter-intelligence and tracing cyber attacks as well. Additionally, due to the nature of how every intel agency in every country in the world operates, one can reasonably assume it is probably also used to assess the intentions of foreign government/military leaders, as that is a very basic reason for nation-state level spying.

His use of "the public" implies there is a classified answer given in closed session, in the same manner I described in my previous comment. I agree with him, there is probably little reason to keep this list classified. I am also personally curious if it has changed since the Snowden leaks (Worth noting, if it didn't, the leaks did not de-classify this list so answer would still be "classified" thus the uncertainty).

> How many emails and other communications from Americans are collected by the government under Section 702?

> A: No one knows, because the government refuses to count.

I think it would be great to have the answer to this one as well, but I cannot think of any non-invasive manner this could be achieved technically.

I will use X-Keyscore an example here. According to the Snowden leaks, X-Keyscore is a unified search interface for a 5 day rolling content buffer (30 days for metadata) containing traffic from different points of accesses around the world (Whether it be a dish pointed at a satellite used as a data link used for embassy comms, "CNE"/hacked router in a middle eastern ISP, a tapped cable connecting traffic between countries, or otherwise). Lots of traffic is going to be "collected" and is subsequently purged. Based on my understanding of how traditional firewalls work, I don't see how any sort of deep packet inspection could be used on the subnets/IPs "selected" for collection without maintaining a large internal buffer or choking on all the intake, so that is likely why there is no decision logic at this point and thus there will be incidental collection of US Person Information if you are communicating via e-mail with someone in a target country, for example.

The fix for this now is prohibition of queries on US Person selectors. This is not hard to impose for US IP addresses and US phone numbers. However, e-mails are murkier, as the originator's location is not going to be clear based on the e-mail address alone. In order to try to identify a communicant, they would need to read the message content in order to try making a determination on this.

I am aware that, again according to the Snowden leaks, this can happen when pursuing legit targets, requiring US identities to be "masked" when found and I believe all such incidents are reported. However, I am personally far less comfortable with the idea of that determination being done at scale in order to get a proper count of US Person communications which have been collected on. Right now, the majority of incidentally collected communications will be discarded. If the IC was required to produce this count though, it means each communication would actually need to be analyzed to make the USPI determination, thereby ensuring US Person communications would actually be read. Again, to me, this seems far more invasive.

I don't see a better way to solve this issue. I am looking forward to your feedback on this aspect, because perhaps there is a non-invasive way to determine which comms are US/non-US that I have not thought about.

Based on the above logic, I think it would be better for him to push the IC to publicly release counts of incidentally collected US Person communications which have actually been viewed, because (again to my understanding - based on Snowden leaks), the USP determination has to be made anyway when analyzing traffic as they wade through to write their reports and such. So such counts must informally exist in some manner due to the need to make this foregin-ness determination, there should be no technical or personnel issues in producing an answer to this question, nor should there be classification issues due to the fact that it is just a number.

> How many times does the government search for Americans’ communications without warrants?

> A: No one knows, because only some government agencies count. The National Security Agency and the CIA both conduct warrantless backdoor searches of communications collected under Section 702. There are thousands of such searches for the content of communications and tens of thousands for communications records. But the FBI searches Americans’ information so frequently, it does not bother to count.

Not keeping a count is a logical answer for the question, and is different from a refusal to answer.

That said, at least in my view, the count is not relevant. It does not make sense for a domestic law enforcement agency such as the FBI to have any sort of access to American data without a warrant, full-stop. Even if the specific details of their access to 702 data made it technically in compliance with the law, the optics of the blurred foreign/domestic separation are very problematic.

> Can the government use Section 702 to collect communications it knows are entirely domestic?

> A: The public doesn’t know the answer to this fundamental question. When I asked the DNI at a hearing, he first replied no, which was reassuring. Later, he said he was answering a different question. Then he said it was classified.

I'm glad he gave Wyden a classified answer to this, and I would very much be interested in that answer being declassified. However, again, the point in question was keeping cleared representatives in the dark (The non-cleared public being kept in the dark is a very different discussion, one which I assume we would probably both be more agreeable).

One more thing to address:

> If the Senate Select Committee on Intelligence gets nothing

What do you think they discuss, then, if the allegation is that no information is given to them? As shown with the above "public" versus "no one" phrasing, is it your belief that Wyden was lying about receiving classified answers of which he would like the public to know?

As if that matters...time for a new "law", big brother is inevitable, just a matter of time and a matter of justification

I see it as the Intelligence-Industrial complex flipside to the “Information wants to be free” adage: “FULL OUTER JOIN allTheThings AS you”.

Please don't post unsubstantive comments here.

55 House Democrats, including Pelosi, voted against the USA Rights Act amendment that would have substantially limited the surveillance against US citizens. 65 House Democrats ultimately voted in favor of this bill and giving the Trump admin more unchecked surveillance powers.

https://twitter.com/gzornick/status/951501089047764992 http://clerk.house.gov/evs/2018/roll016.xml

From what I've seen, Pelosi pretty consistently votes for expansion of state surveillance and other aspects of the security apparatus. So this vote is entirely in line with her general voting record...

Pelosi and Feinstein are the worst when it comes to privacy law.

Which is something I find interesting since they are both Democrats from San Francisco - Pelosi(represents S.F, the 12th district) and Feinstein represents California but is born and bread S.F. and served as its' Mayor for a bit.

Personally I think both of them have been in office too long, what was progressive when they first took office is probably different from what it is now and the last town halls for both Feinstein and Pelosi were striking for how ossified and tone deaf they sounded.

I completely agree. They are career politicians and both completely out touch. There are 79 members of the US Congress who have been there for at least 20 years[1]

And if they weren't enough, the age average of them is fairly close to retirement age:

"The average age of Members of the House at the beginning of the 114th Congress was 57.0 years; of Senators, 61.0 years."[2]

[1] https://www.zerohedge.com/news/2015-05-18/79-members-congres...

[2] https://fas.org/sgp/crs/misc/R43869.pdf

Feinstein was not a liberal (or a particularly) mayor. She profited handsomely from the assassinations of Milk and Moscone though. Then again, San Francisco is not a particularly liberal place even by Bay Area standards.

I think she was always seen as centrist. I agree the Milk/Moscone tragedy helped her career but she was also elected Mayor after that in 80's. And S.F in the 1980s was very much a liberal place.

> And S.F in the 1980s was very much a liberal place.

Ehhh. Richmond and Oakland, yes. Berkeley? No. San Francisco? No.

But they are all big-government statists and they all walk the same way when it comes to invading citizens' privacy. It was a bad law from the start, it will always be a bad law, and it tells you everything you need to know about our current government that they keep renewing this bad law.

And no, it's not a question of "if you have nothing to hide.." it's simple, basic reality--you are not free in any sense of the word if you have East-German type surveillance up your ass 24/7.

Every time this comes up, I'm again surprised how many people expect that Democrats will somehow have better policy for privacy.

Folks, it ain't so. The Democrats won't protect us in this regard any more than the Republicans will.

The parent comment literally shows that Democrats protect us for privacy more than Republicans do.

125 Democrats voted to add privacy protections, 55 did not.

By Contrast

58 Republicans voted to add privacy protections, 178 did not.

By definition, that means Democrats were better about privacy protections.

Stop peddling this both-parties-are-the-same nonsense. Its amazing this can even be said with a straight face during the Trump administration.

The last President was a Democrat and he sure didn't care about American's Privacy even though he used it on his campaign trail to get elected... Please don't act like _only_ Republicans do this...

From my comment down thread

>Unfortunately Obama almost quadrupled funding to these agencies[1]. Throughout his administration he allowed the Alphabet boys to try and steal more american's data without warrants (See FBI v Apple and the FBI attempting to get access to your browser history with out warrants)[2][3]. Obama even EXPANDED surveillance on his way out of office[4]. Obama also said he was pro whistle blowers we all know what happened to Chelsea.

[1] https://www.wsj.com/articles/surveillance-in-the-obama-era-1... [2] https://www.cnbc.com/2016/03/29/apple-vs-fbi-all-you-need-to... [3] https://www.washingtonpost.com/world/national-security/fbi-w... [4] https://www.eff.org/deeplinks/2017/01/obama-expands-surveill...

>Please don't act like _only_ Republicans do this...

Parent didn't say _only_ Republicans do this. Parent said Republicans do it more. They backed it up with proof (Congress voting record).

The FBI did not need a warrant to search that phone. The owner (the shooter's employer) gave them permission.

Obama didn't expand surveillance on his way out (several surveillance programs stopped under his watch, including both email and phone metadata collection). You're confusing an authorization to share information, which allowed a more thorough investigation into Russian meddling, with authorization to collect new data.

Your first link doesn't support your claim that Obama quadrupled funding because that didn't happen. https://fas.org/irp/budget/

And we all know that Obama released Manning over the objections of our current President.

You're confusing an excuse with a reason.

    Obama also said he was pro whistle blowers
    we all know what happened to Chelsea.
Obama commuted her sentence.


Do you remember how she was treated during her 7 year stay in prison?

I am sure it will be easy for her to explain "Violating the Espionage Act, stealing government property, violation of the Computer Fraud and Abuse Act, multiple counts of disobeying orders" on her job application.


There is a nuance here.

The Dems are better. They are better than republicans on this, but they certainly aren't good enough. That is the unfortunate part. But if you definitely want a better chance for civil liberties, voting for R's will hurt you worse than if you vote for D's, significantly so.

But if you definitely want a better chance for civil liberties, voting for R's will hurt you worse than if you vote for D's

I suppose that depends which civil liberties are more important to you. You'll find that Democrats are pretty awful if you value your right to self-defense, or if you don't think the government should be able to use eminent domain to take your property and give it to a wealthy supporter.

Some of the details may be different, but they're both different sides of the same coin. I don't see that one side is significantly better than the other overall.

Chelsea Manning seems to agree that the Democrats are better, too. Otherwise, I don't think she'd be running for Senate as one: https://talkingpointsmemo.com/news/chelsea-manning-files-us-...

I think you're missing the bigger picture. I think that for most of these politicians, it's really not about the issue itself (privacy in this case). It's about gaining power for your own party and removing power from the opposing party. Of course the Democrats are likely to vote against a bill that gives a Republican administration more power. And of course the Republicans are likely to vote for a bill that gives a Republican administration more power. That's what I see happening here.

Democrats had plenty of opportunity to strengthen privacy laws during the previous administration, but they didn't. Instead they strengthened the surveillance powers of the government. Now that a Republican controls the executive branch and all of these agencies, they want those powers weakened.

The US is experiencing the terrible pitfalls of a two-party system, just as the founding fathers warned. Instead of making progress, the parties mostly just fight each other, at our expense.

This is really true. How many times have you seen a party vote against an issue, only to turn around and vote for it it's their own party leadership leading the charge?

Oh please. Nitpick much? The party line in both parties was anti-privacy. Yes, there are more good apples in the bunch on the left side of the fence. The GP’s point still stands. Your reply comes across as very defensive and in denial. While technically correct, it is absolutely dishonest to try and portray the Democratic Party as a whole as actually giving a damn about this issue.

Both parties are the same in that in neither case should "party" be taken as sufficient evidence of someone being worthy of office. It would improve the quality of your votes if you ignored party entirely and forced yourself to find out what your representatives actually believed.

It doesn't matter what they believe. What matters is the power structure and incentives/disincentives to which they are subject once they have the job.

Regardless of what they believe, a politician's first priority is reelection, and it is partisan campaign committees that hold the reigns to the resources required for that. Even if you are independently wealthy and can finance your own campaign, you can't accomplish anything in office if you get ostracized by everyone who doesn't have that luxury.

Cooperate with the cartel leadership, or you'll be denied funding, voter data, and committee seats.

Doesn't matter. US political system only has 2 parties.

If you don't like blacks, browns and gays but DO like privacy were do you go? Exactly. There is no alternative to the Republicans.

If the US had 15 parties in Congress the game would be a LOT more interesting. Half of America has no choice to support Trump because the alternative is literally Satan.

So here we are: the endless stalemate.

> US political system only has 2 parties.

More accurately, the US electoral system supports only two competitive parties at a time; the US political system has several dozen political parties.

Neither the Democratic party nor the Republican party are monolithic. This is an issue where party affiliation isn't as predictive of behavior as some others, but there clearly are a lot of politicians who have strong opinions about surveillance. Just because those differences don't exactly fall along party lines doesn't mean that Democrats and Republicans are all the same.

I don't have much faith in the Democratic party as an institution to protect privacy, but many Democrats are trying to do so.

Sure democrats are not perfect on this, but they are still as good/slightly better than republicans which are a shitshow on more or less every issue.

One of the reasons democrats feel able to be horrible here is that there is just no alternative.

Not sure why this is downvoted.

What was the post-Obama efforts to dismantle the wire tapping program that Bush had put in place w/ the perceived powers of the executive? That's a serious question, since I don't really know history behind it.

There was no effort to dismantle the wiretapping...

* Bush implemented surveillance of citizens in response to 9/11

* Obama continued to support this program after it was revealed by Edward Snowden

* Now there's Trump

Personally, this was one of my biggest disappointments from the Obama administration. Before he became president, he was critical of the Patriot Act and seemed legitimately concerned[0]. After election he signed a four year renewal[1].

[0]: http://obamaspeeches.com/041-The-PATRIOT-Act-Obama-Speech.ht...

[1] https://en.wikipedia.org/wiki/Barack_Obama_on_mass_surveilla...

This has to be my number one gripe with Obama. I was so for him repealing the Bush Era Surveillance. I wanted more checks and balances. I wanted the secret courts to be dismantled.

Unfortunately Obama almost quadrupled funding to these agencies[1]. Throughout his administration he allowed the Alphabet boys to try and steal more american's data without warrants (See FBI v Apple and the FBI attempting to get access to your browser history with out warrants)[2][3]. Obama even EXPANDED surevellience on his way out of office[4]. Obama also said he was pro whistle blowers we all know what happened to Chelsea.

Let's not even get into the fact that he dropped a bomb on average every 20 minutes of his presidency. The is just 2016[5]

[1] https://www.wsj.com/articles/surveillance-in-the-obama-era-1... [2] https://www.cnbc.com/2016/03/29/apple-vs-fbi-all-you-need-to... [3] https://www.washingtonpost.com/world/national-security/fbi-w... [4] https://www.eff.org/deeplinks/2017/01/obama-expands-surveill... [5] http://www.independent.co.uk/news/world/americas/us-presiden...

For better or worse, I can imagine that once you become POTUS and see all of the information it becomes very hard to stand by your privacy principles. This is by no means giving a pass to anyone, and I'd like to think I'd pick privacy every day of the week, but I'm also human. If I was POTUS I may end up doing everything in my power to avoid another attack on the US, no matter how unlikely.

Something to ponder.

I think the other part is that after lightening surveillance any terrorist attack that gets through will be used as a political cudgel no matter what to show that you were soft on terrorism. This felt kind of inevitable in the jingoistic atmosphere when the Patriot Act first passed.

Yeah. I'm so disappointed every time I watch this video of candidate Obama debating president Obama on government surveillance... https://www.youtube.com/watch?v=7BmdovYztH8

Your Twitter link shows my representative voted No and your house.gov link says my representative voted Yes. People may want to double check your work here.

Edit: your house.gov link is in fact wrong. This is the correct link. http://clerk.house.gov/evs/2018/roll014.xml

Edit: your house.gov link is in fact wrong. This is the correct link. http://clerk.house.gov/evs/2018/roll014.xml

My Twitter link shows Dems who voted against the USA Rights amendment, and my house.gov link is for the bill itself. It is possible (and in fact likely) that a rep who voted no on the amendment would support the bill without it.

Your house.gov link is for the amendment, so it should reflect the same votes as the image in the tweet.

The twitter link discusses no votes on the Amash amendment. Your house link is not the vote on the Amash amendment.

Maybe I worded my reply poorly, because that is exactly what I was trying to say. Let's try this again.

Dems who voted against the Amash/USA Rights amendment: https://twitter.com/gzornick/status/951501089047764992

All votes for the Amash/USA Rights amendment: http://clerk.house.gov/evs/2018/roll014.xml

All votes on S. 139, aka the main bill: http://clerk.house.gov/evs/2018/roll016.xml

Does anyone know if there is a place where representatives put their reasoning behind votes?

Not my representative, bu Justin Amash, an R from Michigan's 3rd District, posts the rationale for why he voted how he voted on most bills on Facebook.

To my knowledge, he's the only one that does it with any degree of regularity.

I don't agree with many of his other positions, but Congressman Amash deserves credit for consistently standing up to his party and fighting government surveillance.

You can contact them and ask. They're working for you, after all.

For the most part you'll just get a form letter with little to no information in it. It will also almost certainly be written by a staff member that has little to no experience with the policy matter in question.

Responding to a bunch of people individually doesn't scale, so that's not terribly unreasonable. Still, if you call, it does a couple of things 1) you do find out what they think about the issue 2) they know that their constituents care about the issue.

If there isn't one yet, there needs to be one. Our government needs to be made more transparent, and we deserve to know their train of thought for these incredible and large decisions.

If you somehow convince them to require it of themselves you'll just get page after page of disingenuous paffle.

And it'll be done by some intern. Same as when you write or call them now.

Is the clerk.house.gov link the right one? It has "BILL TITLE: Rapid DNA Act of 2017" on its header, doesn't sound like a surveillance law

I think so, it appears to be the primary bill that was discussed this morning: http://clerk.house.gov/floorsummary/floor.aspx?day=20180111&...

The Amash amendment was also to this bill.

Here is a pamphlet comparing S. 139 with the Amash/USA Rights Act Amendment: https://www.brennancenter.org/sites/default/files/ChartCompa...

That same document refers to S. 139 as the FISA Reauthorization Amendments Act.

More clarification from journalists who closely follow this topic: https://twitter.com/emptywheel/status/951541344274649089

As we are discussing elsewhere, this is the vote on the Amash amendment, which is what people here are talking about.


> Is the clerk.house.gov link the right one? It has "BILL TITLE: Rapid DNA Act of 2017" on its header, doesn't sound like a surveillance law?

First, it sounds like a genetic information surveillance law to me, but lots of laws have things other than their main focus (including reauths of other laws) tucked in.

Second, lots of laws have misleading titles; do “USA PATRIOT Act” and “USA FREEDOM Act” sound (other than knowing the actual content put under those titles included) like surveillance laws?

So, how do we know that it's the right one?

Also, it's quite conceivable that a government considers surveilance "patriotic" or necessary to defend "freedom", but I don't feel the same about "Rapid DNA".

This has been a can kicked for many a mile. First bush, then obama, and now trump. The undocumented and largely ignored effect of FISA is that it is quietly driving cryptography to unprecedented levels of adoption. OpenPGP is part of Yubikey now, granting the average user HSM level security for their encryption for less than $50. Google has increased their cipherstrength and offers several multifactor solutions as well as foreign agent attack warnings for journalists. GPG offers curve25519 in light of just the implication of poisoned NIST primes. Signal sidesteps bugged SMS in favour of a hardened PFS channel of OTR deniable communication in video, voice and text. Letsencrypt is working to blanket the world in affordable, quick, and easy crypto for any site desired. Finally, tor's many exploits have been patched, and the protocols weaknesses have given way to more secure tools like i2p.

The government is largely focusing on iPhone at this point, and why not. Apple is an easy target to beat on for the woes of late stage capitalism and unchecked foreign policy, however any modern consumer tech company worth their salt has seen the writing for quite some time. Encrypt, and make sure you're out of the loop entirely.

I take no solace in typical cryptography as it does nothing to hide most metadata. Who I talk to, when, how often (and the same for websites visited) is way more sensitive in the collective than the contents of any single one of those interactions.

Signal type apps hide both and are valuable, but without widespread adoption is meaningless to most people.

I'm not against any of the progress you cite, but so long as people can be targeted based on metadata they are at risk. Once targeted, it becomes child's play to bypass the encryption that most people employ, whether through social engineering or side channel attacks (beyond Spectre-type) or governmental requests/threats to cloud providers.

The thing that protects metadata is onion routing.

It's somewhat understandable why that isn't already used for everything. The latency impact is not small and it's unlikely the network could take the load if everyone actually started using it for everything.

But it's unfortunate it isn't being used more widely for messaging, where neither of those things are major problems.

Crypto does nothing to prevent rubber hose attacks. And as you note, it is very difficult to prevent traffic analysis, that being the only thing the government really needs to find what it's looking for anyways.

It wasn't kicked down the can for many years, because it wasn't known!

It was a quietly authorized program Bush signed off on & that the DoJ authorized & no one knew anything more about. Congress didn't know any more than we did about it until Wired began writing up the program in 2012, a full decade after it began, talking about the massive massive data warehouse in Utah that the NSA was building with details provided by William Binney.

And it wasn't until Snowden's 2013 leaks that the government really had to admit to what it was doing, had to fess up to the STELLAR WIND program, & that forced the creation of a more "regulated" system, supposedly protected by the as-we've-seen rubber-stamping FISA court.

The government has been unable to regulate or consider this program, because it's been concealed & shadowy for a long long time, and could well have remained that way.

Now Congress actually has some responsibility to the American people, and sadly, in spite of unbelievable stonewalling & unwillingness to disclose how many Americans, how many emails it sweeps up[1], in spite of terrifying provisions like "abouts" collection, Congress is somehow deciding that drastically expanding the program's scope & using it for non-terrorism purposes is OK. Congress is insane, completely derelict from duty.

I don't really disagree. Bush, Obama, and Trump are all kicking this can down the road. But for Congress too to be soo willing to kick this down the road is really a shock. And you're exactly right. When FBI Director Christopher Wray gets up and says- encryption is a problem- he's far far less credible & we have far less chance to meet him part way, when the government seems so happy giving itself such unlimited unaccountable spy powers. Math is the only defense we have against this catastrophic, out of control authoritarianism, and we're not very liable to abandon or dismantle that shelter, when the US government seems unwilling to develop even an iota of restraint.

I'd also point out the other tension: the US government is placing itself just as much at ends with Europe and the rest of the world as they are the technology world. The EU's Privacy Shield ongoingly takes issue with the US's seemingly ever growing 702 authorization to spy on everyone[2], and the question of revisiting the data-sharing arrangements that make much of it possible keeps coming up.

The US was running on borrowed time as it was. This radical expansion of powers in this new 702 bill are only heightening the silently growing crisis. Congress and the military seem entirely unwilling to strike any kind of balance, seem unwilling to get even basic facts on what the size, scale and impact of the program really are, while increasing it's scope and scale. This is an untennable position, and I thank you for doing a really good job highlighting a lot of the irresolvable tensions the US Government has created for itself with this unaccountable unquestionable seemingly unlimited program.

[1] https://www.thecipherbrief.com/column_article/dont-pass-surv...

[2] https://techcrunch.com/2017/10/18/eu-uses-privacy-shield-rev...

As a point of clarity, the FISA court was established by the Carter administration in 1978. Though it's popular to say it was a Bush invention.

Trump has not signed this yet. It's not even on his desk yet IIRC. And he's tweeted about, implying that he disapproves.

He also tweeted support.

he's a real genius, I'm sure he knows his mind, he claims to always be right

damn, if he were to veto it I might have to like the man.

was hoping Ryan and gang could have stuffed it but I guess its hard when bipartisan results is code for Washington vs the USA

This is bad news.

> “The Intelligence Committee’s bill disregards the Constitution and common sense by granting the government the authority to search Americans’ communications without first obtaining a warrant,” Schuman told The Intercept. “Not only does this turn the purpose of the foreign surveillance law on its head, transforming it into a domestic surveillance tool, but it places activists, minorities, and everyone else at the mercy of President Trump and Attorney General Sessions, who have made clear their disregard for legal constraints and democratic norms.”


I had a discussion with my mother regarding surveillance and privacy and how they relate to safety. I feel like she understands that surveillance when used in a nefarious manner can be detrimental to individual freedoms, but is pro surveillance regardless. This is because she believes that the benefits of keeping others safe outweighs the potential for misuse.

How can I help her understand why people fight for privacy?

When has an average American been severely and personally harmed from surveillance? If you can't answer that without caveats then you have no chance of convincing her in my opinion.

In other words, you have to prove that the harms of surveillance outweigh the nebulous sense of protection an average person already has regarding survillance.

It's trivial to come up with examples of how survillance is good for an average person in regular life - - see public camera catching criminals, dash cams, etc.

[cynic] The public camera catching a random criminal doens't really matter to me unless that criminal actually stole from me.[/cynic]

Fortunately we don't have to look to that. More than once the public road surveillance cameras have aided my decision to work from home. They have also helped me decided to take/not take an alternate route around bad traffic.

Those are real benefits to surveillance that help me. I understand your worries, and they are real. However there are also benefits that you cannot discard.


This is a big part of the difference between traffic cameras and unchecked surveillance of individuals.

How would we even know? Parallel construction, etc. The burden of proof should go the other way.

when they stomped down their own curiosity by refusing to search for more information on the internet because it'd get them on a list.

Requiring an average American is setting the bar a little too high. Ask almost any Jewish American and they're likely to have relatives who died in the Holocaust. How did the Nazis carry that out? They leveraged a large surveillance network and a central database built with census data. Was this personal harm from surveillance? I would argue yes.

Similarly, you could ask anyone who experienced life (or had a relative who did) in the Soviet Union or East Germany under the thumb of those overwhelming surveillance networks.

Finally, to prematurely head off an objection you might have: are these events (Nazi, Soviet, East Germany) outliers? Yes. Does that disqualify them? No. [0]

[0] http://slatestarcodex.com/2016/08/31/terrorists-vs-chairs-an...

Just phase it this way:

Imagine if the party in power used state surveillance to monitor their opponent and the people who support them. The whole infrastructure is turn-key authoritarian, there's literally nothing logistical stopping this, only a handshake agreement not to.

This should concern people regardless of their political affiliation or party loyalty.

No need to imagine, it literally happened this election cycle: http://www.cnn.com/2017/09/18/politics/paul-manafort-governm...

Whether the renewal to continue spying into early 2017 was (figuratively) warranted is debatable, but with the official reasoning largely classified, the public may never know.

Manafort had been under investigation since 2014. The Trump campaign hired him while he was being surveilled. That could happen from a plain old court issuing a surveillance subpoena. I think FISA should always require court approval. No blanket approvals like were going through phone companies. But court approval on an individual basis is how we've always done legal investigations.

The problem is that people don't want to give up power while they have it, even if it means their opponent gets it next, and even if there's no next-next because your opponent uses it to ensure you never take power again.

There's now substantial evidence that this is exactly what happened with the Obama administration and Trump's campaign. The former used an unverified dossier as an excuse to begin surveillance via FISA. So this isn't even a theoretical issue.

Before anyone grabs a pitchfork, focus on the issue at hand and not the current politics. Doesn't matter who's in the White House - friend or foe, would you want them to have this power?

Citation please, as far as I know there is zero evidence that this happened.

But for the bigger issue, yes it is a thing that needs to be controlled.

Concrete proof has not emerged. Right now it's at the "numerous senior sources say..." level of reporting. The full answer is now known by Congresspeople but it's classified [0]. We'll see if it gets leaked. It's not proven but I certainly wouldn't say zero evidence; reports at this "truth level" happen all the time, and are widely circulated and trusted.

Circumstantially, I think strong evidence that this happened is the Trump team's behavior after he was briefed by the NSA director, Admiral Rogers. The day after their confidential meeting, all relevant activities were immediately moved out of Trump Tower.

Anyway, this is off-topic and is a testy topic as it is so I apologize for the tangent. On topic I agree it shouldn't be possible for anyone to do this, no matter their politics.

[0] http://www.washingtonexaminer.com/byron-york-yes-congress-ha...

The second sentence in the linked article is this: "The Foreign Intelligence Surveillance Court issued the warrant, the official said, after investigators determined that Mr. Page was no longer part of the Trump campaign, which began distancing itself from him in early August."

It sounds like she DOES understand, you're just trying to convince her that privacy-fighters are right, which she may simply not agree with.

In other parts of society, there's a tradeoff behind what's good for society and what's good for individual freedoms.

Some people (say) don't want mandatory health insurance or helmet laws or whatever because they think freedom to choose is paramount. Others think it's insane that you'd EVER be opposed to something that might save even one life (what about the children??)

Sometimes these arguments are couched in terms of personal responsibility, the nanny state training us to rely on it and creating worse overall outcomes, etc etc.

I think a poignant explanation of the detriments of surveillance is Glen Greenwald's TED talk 'Why privacy matters'. Basically surveillance causes people to self censor, which is incredibly detrimental to society.

Agreed. We need talented sales and marketing people to help re-connect privacy to freedom. You literally cannot have the latter without the former, but that truth has been blurred and mostly lost.

It started with the war on drugs and is now the war on terror.

One big catastrophic terrorist attack perpetrated via computer networks and the internet will be all it takes to wipe out any vestige we have left of privacy and anonymity. Could easily see TOR and the like being outlawed worldwide.

> How can I help her understand why people fight for privacy?

Give her 1984 to read.

Maybe this isn't the best example for your mother, but it works for some people: https://www.wired.com/2015/04/john-oliver-edward-snowden-dic...

You can't. Most people will choose safety over freedom every single time.

I completely understand where you're coming from, and I share some of that cynicism. But there are many contrary examples. Abolitionists fought in the US Civil War to end slavery. Russian journalists and politicians are killed left and right but continue to challenge Putin's dictatorship. The Kurds, though they have never had their own state, continue to resist both Turkey and ISIS. Protesters were attacked and killed for protesting the neo-nazi rally in Charlottesville, VA just last year.

I think it's as Thomas Jefferson said: "...all experience hath shewn that mankind are more disposed to suffer, while evils are sufferable than to right themselves by abolishing the forms to which they are accustomed."

Perhaps in this case, the suffering is not great and the vision of privacy is not strongly supported. But I disagree that people will choose safety over freedom every time.

American slaves weren't safe, so there wasn't a trade-off there.

This is a common fallacy, that freedom and safety are in opposition, that increasing one decreases the other, that freedom puts you in danger and a lack of freedom saves you. In this debate people often say there is perfect safety in prison, but if I imagine myself a prisoner, versus my daily life right now, I'd feel a lot less safe in prison. I've read that some prisoners go to the bathroom with one pant-leg undone, just so their legs won't be tangled at the ankles if they get violently attacked. I can't imagine my daily life being this dangerous.

Freedom leads to the most security. If you scatter plot graph "free countries" and "safe countries" you'll find an unmistakable positive correlation. Whether the dangers are religious police kidnapping people for "virginity tests," people being disappeared for criticizing the government, or routine industrial accidents in places where expendable people aren't free to demand workers rights, a lack of freedom increases danger.

You're pretty safe in Switzerland, not so much in Iraq.

The ads for China's "big brother" systems, some of which are corporate/government partnerships, are way ahead of the US.[1] These are from QQ.

In one public demo, jaywalkers in a city intersection had their personal details appear on a giant screen.[2]

[1] https://twitter.com/RealSexyCyborg/status/947649480123285505 [2] https://www.youtube.com/watch?v=ShXKvo6xl6U

Which is why you have to help explain to her that the police state has absolutely nothing to do with keeping you safe.

In the case of 702, as it is for foreign surveillance, it is not even any freedom/security tradeoff because it is not them being surveiled.

Let her realize how monitoring and surveillance can be used to turns our private life, kinks and private stuff against ourselves to prevent is from expressing our freedom and potentially to enslave us.

One fundamental problem you may be running into is that generally the older people get the more they value "safety". So it's possible that you and your mother simply attach different utilities to "keeping others safe" and "potential for misuse" even if you agree on all the facts and conditional probabilities and whatnot...

I really wonder how much changing demographics (population aging) account for the shifts in public opinion on issues like this.

Dig something embarrassing from her computer/old emails, post it on her FB page. /s

People who never experienced large scale oppression, eastern Europe pre nineties for example, will have a hard time grasping the repercussions.

Just show her what they did to Donald Trump. Via a BS dossier, they wire tapped him and his associates.

This isn't what happened at all, and I suspect you know that. For starters, the dossier wasn't the beginning of the investigation, as we've seen in multiple articles that came out over the last few weeks. Also, Trump was NEVER "wire tapped," unless you are privy to information the rest of the world doesn't have, and the only reason his "associates" were caught up in surveillance reports is because they called criminals who were already under surveillance. It's like if the FBI is wire-tapping Al Capone, and you called Al Capone. Sure, you'd get listened to, but they aren't tapping YOU.

In reality, we don't know if Trump - or anyone else - was "wire tapped" - and we won't ever know thanks to the passage of this bill. One of the crucial elements of the Amash amendment was that those who were unconstitutionally spied upon via 702 authorization would have to be eventually notified that they were spied on - now they don't. That's one of the many things that's so awful and frightening about these police-state powers. There is no oversight and no notification.

> the dossier wasn't the beginning of the investigation, as > we've seen in multiple articles that came out over the > last few weeks.

Yes, a pile of articles, stating without proof, the same thing, all coming out at the same time .. almost as if they were coordinated. When specific facts of said articles are proven to be incorrect, small retractions that never make the news cycle are issued.

  > the only reason his "associates" were caught up in 
  > surveillance reports is because they called criminals 
  > who were already under surveillance. It's like if the 
  > FBI is wire-tapping Al Capone, and you called Al Capone. 
  > Sure, you'd get listened to, but they aren't tapping YOU.
It was the unmasking that was illegal and blatantly politically motivated. NSA has wide discretion to conduct surveillance on people outside of the US, but there are supposed to be legal barriers to snooping on US citizens. If the NSA picks up communications from a US citizen in the course of monitoring a foreign national, it is practice to "mask" the identity of the US person. Additionally, the identification of a US citizen mentioned in discussions between two foreign nationals is supposed to be masked.

>but there are supposed to be legal barriers to snooping on US citizens

There are supposed to be legal barriers, and renewing this law continues to reject what we're supposed to have in place, for everyone.

That was classic, and nobody would have ever known about it if the impossible hadn't occurred and he actually won. How many times did it happen before Obama did it and how many times in the future will it happen? Regardless of whether you're red or blue, this is not the path you should wish the country to follow.

The President actually tweeted two incompatible positions this morning. Guess they picked the one they wanted.

His opposition to this bill is based on nonsense, but it would be wonderfully ironic if he used it as the basis for veto.

He'd never veto anything, he'd have to read the bill to veto it.

You seem to have been downvoted, possibly for how quippy your comment is, but there's some indication that this reasoning isn't far off. Earlier this week Trump made clear during his televised immigration policy meeting that he would sign anything Congress actually sent him, which seems like a very odd position to take when you consider that immigration was Trump's signature campaign issue.

It's easy to say "I'll sign anything you send me" if you're certain they will be unable to send anything. It is risky, sure, because the unexpected can happen. The next day he also gave a summary of the meeting that was very different from what attendees thought. The meeting was a made-for-TV moment, so you should take it in with lots of salt.

The day Trump starts vetoing bills sent to his desk is the day 25th Amendment proceedings hit full stride.

Can you explain? (I don't mean the 25th Amendment.)

I believe parent post means that Republicans will stop protecting Trump the instant Trump decides not to pass their legislation, since they have control of Congress, and Mike Pence is an establishment dream president.

That seems facile. I don't believe it. I guess we'll see.

Paul Ryan, in his press conference this morning[1], said that the President "has concerns about the Domestic FISA law".

[1] - https://youtu.be/xUyKCpRl68E?t=3448

He met with Rand Paul last night who is the staunchest opposition to this bill.

Also, this topic was discussed today morning on Fox and Friends.

Let's say a state actor decides to cyber attack the US or allies. We want every person, gobernment or economic entity to be secure.

A state actor can do more widespread damage than what we gain by catching some terrorists.

Precisely for national security, we need good security in every entity.

FISA/702 is also used to trace/analyze cyber attacks, it is not just for counter-terrorism.

Example - A report (leaked to The Intercept) regarding Russian spearphishing: https://assets.documentcloud.org/documents/3766950/NSA-Repor...

> The vote on Thursday was a victory for the Trump administration and the intelligence community, which opposed imposing major new curbs on the program, and for Republican leadership, including House Speaker Paul D. Ryan, who had blocked the House from an opportunity to consider a less-sweeping compromise package developed by the House Judiciary Committee. They gambled that faced with an all-or-essentially-nothing choice, a majority of lawmakers would choose the status quo — and won.

Normally if you do not like what a House member does there is not much you can do unless you are in that member's district. In that case you can vote for someone other than them.

In the case of Ryan, though, you can do something even if you live in another district. The majority party decides on who will be Speaker. If Ryan's partly loses its majority Ryan goes back to being just an ordinary member of the House, one of over 400. You can indirectly vote against Ryan's speakership by voting against the candidate from his party in your district.

Except Pelosi and many Democrats voted for this as well...

So? As was mentioned in the excerpt from the article I quoted Ryan would not allow the House to consider a compromise from the House Judiciary Committee. How many of those Democrats would have gone for that compromise bill if that had been on the table?

We need both privacy and surveillance. The harm from too little privacy tends to manifest on a longer time frame than the harm from too little surveillance, so when considering a good balance between the two is off the table it is understandable one might go for the option that looks like it will be the safest short term.

Pelosi is indeed quite aligned with Republicans on surveillance issues. If she had been speaker she probably would have supported the current bill. But would she have blocked consideration of the compromise, like Ryan did?

That seems much less likely, because despite Pelosi and a few other Democrats being quite pro-surveillance the fact is that the party as a whole is quite a bit less pro-surveillance than are the Republicans as a whole. She would have had a harder time than Ryan keeping the compromise from being considered because she would be going against the majority of her own party, unlike Ryan.

Compare the ratio of support from their members, and the parties are not equivalent. Even if there is plenty of support from across the isle to pass these measures.

So, if you want to shift parties you need to get into the primary process.

One step deeper, there is a lot of popular support in the US for these measures. Nobody wants to face "Did not vote to keep you safe" attack add when that's going to resonate with people.

> Mr. Trump, who is known to watch Fox News while he is tweeting, posted his tweet shortly after a Fox News legal analyst appealed directly to the president during a Thursday morning segment about the coming House vote. The analyst, Andrew Napolitano, turned to television cameras and said, “Mr. President, this is not the way to go.” He added that Mr. Trump’s “woes” began with surveillance.


But seriously we need someone in the oval office who feels strongly about protecting the privacy of Americans (and everyone else!). Trump is just another one in the line to rubber-stamp this. Not holding my breath though...

OK, it passed the House. Now the fight moves to the Senate. Anybody have any insight on whether it will fly through there, or whether there is a chance of derailing it?

I could maybe see Sen Wyden trying to stop it, he's been pretty good on things like this lately, but I bet there are enough pro-surveillance Democrats (Feinstein, etc.) to overcome any potential filibuster.

Can someone clear it up for me. How likely is it that my google searches are being swept up and stored indefinitely, because I'm foreigner. I've disabled google search history, though I doubt it will help. Similar question - do they have a profile for every foreigner they can identify?

See https://www.eff.org/nsa-spying/wordgames#collect :

   Normally, one would think that a communication that has been 
   intercepted and stored in a government database as “collected.” 
   But the government’s definition of what it means to “collect” 
   intelligence information is quite different from its plain 

   Under Department of Defense regulations, information is 
   considered to be “collected” only after it has been “received 
   for use by an employee of a DoD intelligence component,” and 
   “data acquired by electronic means is ‘collected’ only when it 
   has been processed into intelligible form.”

   In other words, the NSA can intercept and store communications 
   in its data base and have an algorithm search them for key 
   words and analyze the meta data without ever considering the 
   communications “collected.”
TL;DR they're being swept up and stored indefinitely for everyone, all the time, right now.

> Can someone clear it up for me.

Nobody can clear it up for you, except possibly someone who has knowledge of the top secret programs run by all the U.S. government agencies, by agencies of other governments, by commercial businesses, and possibly by sophisticated criminal organizations.

Regarding only U.S. government surveillance, even the most informed citizen's knowledge is based on years-old incomplete reports of a subset of programs; nobody knows what was left out and what has changed, but we know that the NSA alone has maybe 40,000 employees and a $10 billion budget; that pays for a lot of surveillance. Remember that many other governments and businesses share their surveillance with the U.S.; if what you do is picked up by one, others may know too.

In other words, assume that anything you do online, or on a computer or phone which collects user data, is swept up.

Previously would have been incidentally picked up and retained in a 5 day rolling buffer due to lack of encryption (if your traffic transited one of the tapped backbone links), but now, such queries are encrypted and I believe Google now encrypts transit between their data centers.

Now you would need to be more specifically targeted under FISA, if they felt there was valid reason, and the timeframe for collection on that data would vary.

Google search uses HTTPS and, unless you personally is a target and/or your devices are hacked, the content of your searches is not visible to anyone except Google. Your citizenship doesn't matter.

They've tapped into google's internal networks in the past. I suspect they've already regained the access.

Another matter is whether google really deletes accounts when asked, or really doesn't store histories when asked. Because if the data is stored by Google, when the time comes and the person becomes "interesting" for the US establishment, they can rubber-stamp FISA court warrant and get this data.

1. Google engineers took the challenge personally and there is no evidence suggesting Prisma capabilities were regained. 2.I tend to agree in a sense that it is rather difficult to delete all the data. But no more difficult, than to find it later when requested by law enforcement.

Curiosity is getting the best of me, and I figured HN is a good place to scratch the itch.

Has anyone done a study or solicited information from the government that shows the impact of legislation such as FISA or better yet the Patriot ACT's post provision sunset (what's left of the act) parts? Namely - hard numbers that shows in a numerical fashion the fact based evidence to keep overt invasions of privacy in check in the name of security.

Being from New York, I always try to question politicians here - more specifically Gov. Cuomo on the quantifiable evidence that supports the SAFE ACT's passage in our state - on such things, to have a better impact on things that affect me regionally vs. worrying about broad stroke Federal things that rarely do.

Turmp should be happy about this, it will be useful in cracking down on citizens and opponents who criticize him.

> Turmp should be happy about this

To be fair, Trump is hardly the the first President to seek renewal of such laws.

> useful in cracking down on citizens and opponents who criticize him.

There were multiple reports about "Dark Side" yesterday - https://lawandcrime.com/high-profile/dark-side-federal-unit-...

What could possibly go wrong.....

He opposed it according to the article.


"For the record, Trump's administration supports full reauthorization. In fact, the White House issued a statement on Wednesday evening — hours before Trump's tweet — restating its call for members of Congress to vote for its continued use."

That's exactly what it would take to get laws passed to prevent it in the future.

The precedence has been set for using FISA against your political opponents. I agree, this will be great for him.

Thankfully the rules of math still apply and it's never been easier to use encryption just about everywhere.

The question for me is: at what point will people begin to reject this farce of a ruling elite that exists today?

This shouldn't be any surprise to anyone. Congress gives lip service to representing their constituents. In reality, the only people (and interests) they represent are THEMSELVES.

USA, the land of the monitored.

Privacy in the US is dead

Privacy in the world is dead (more precisely, dying), for all intents and purposes. The technological cat that enabled its demise can't be put back into the bag. Currently the problem is that certain classes of people have more access to "private" information than others, but once that goes away society will adapt to the new normal and look back with confusion at why we were so concerned about not being able to hide things.

Agreed. But, we're missing the point quibbling about search histories and emails... That's nothing compared to what's coming. The data already exists to track your every move. It's just a matter of consolidating and organizing it. Right now, there is money to be made selling customer data for marketing and the like. This keeps the repositories of our data from sharing with one another.

But, soon, the economics will flip. And, there will be money to be made from selling privacy. For instance, assume all credit card, phone, cable companies, etc. pool their data. For a monthly subscription, this conglomerate will keep your info (or parts of it) hidden. The default will be everything is knowable about everyone, except for those who pay a fee to erase info from their records.

Far more money to be made selling privacy than selling info. 4th amendment and all the rest is moot. Our info is held by private international companies who, eventually, will begin charging you to keep things hidden from others.

It might be even worse. I actually doubt they'll allow you to get your info deleted, even for a fee, unless forced by law: it would only be worth it for them (as in, producing revenue that is a significant fraction of that they would be getting from selling the data) if enough people bother, but in that case, deleting their information would make the data a lot less attractive for the potential buyers...

Well, it’s not that bleak. You just need to have the knowledge to control your own privacy rather than relying on the government to have your back.

Really the bad part is that most people don’t know about or how to use technology to protect their privacy :-/

If you've looked at the Shadow Brokers releases, Vault 7 etc., you will be reminded that, even as a privacy conscious technologist, you're still going up against PhDs with budgets of 10s of billions / yr.

...who work on this stuff as a day job, and likely also as passion projects. IOW, unless you dedicate your entire life to not being spied upon, you'll very likely "lose".

> rather than relying on the government to have your back

What's the purpose of having a government again?

Social Security + Medicare + Medicaid is 50% of the federal budget. Defense is another 17%. So the purpose of the government is mostly income redistribution and defense.

Those numbers confirm the stats, and actually prove GP's point better (that the gov't is mostly medicare/aid, social security, and defense; half being the former, and ~22% being spent on defense), and are similar to numbers from the CBO [0]

[0] https://www.cbo.gov/sites/default/files/cbofiles/attachments...

I was using the numbers for 2015. The years after that aren't significantly different.


someone needs to do independent audits in the form of a zero knowledge proof to say “ok I understand why the wizards and warlocks are at battle”. Used to be that we would say to ourselves, “we should consider It likely Obama flipped once in office because he saw confidential stuff that would make you sick”, which is a more cosmo view

FFS New York Times, can you not make EVERY GOD DAMN ARTICLE about Trump and distract everyone from the main issue here?

More than half of this article is about Trump's tweets. How about naming and shaming all the Republicans and Democrats that voted to extend the surveillance law instead?

Applications are open for YC Summer 2018

Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | DMCA | Apply to YC | Contact