“National security” is a sham now and has been a sham every other time it has ever been used as a blanket override for human rights. Human rights to free expression are more important than any nation.
This is just government spies trying to cover their ass whilst they continue breaking the law. They've conveniently mixed it in with "but terrorism!" to ensure that they get to continue breaking the law.
The hypothetical situation above would be an invasion of someone’s privacy, and any smart terrorist group should be using a message service that is end-to-end encrypted (I’m not sure if Twitter DMs are), but let’s acknowledge that there is at least a plausible national security reason for the US government to request things from Twitter. These requests can be abused, but any social network that has a private messaging feature could be used to coordinate national security threats.
Edit for clarification: If the US government made one request to stop a terrorist plot that they had some specific knowledge of, that would be okay in my eyes. If the US government requested access to every Twitter user’s DMs to scan for possible threats, that’s not okay. It seems like Twitter is trying to disclose the number of requests so we can see for ourselves.
How can we tell that they just didn't straight up lie about whether the one request was to stop a terrorist plot, and not to gather intel on political foes or ex girlfriends? With no oversight and no one allowed to advocate for the rights of the individuals under surveillance, I am still not okay with one request to which they claim is stop a terrorist plot that they claim to have specific knowledge of, because there's no checks and balances to prevent them from simply lying.
NSL are only for "metadata" not user content. Govt can get a list of the calls you made, but not what your said. They can get IP addresses, but not the email body.
I don't support NSLs (4th amendment + unconstitutional gag order), but a lot of the opposition is based in hysterical ignorance. If you are going to get worked up about it, do yourself a favor and at least understand what they are.
Can the FBI obtain content—like e-mails or the content of phone calls—with an NSL?
Not legally. While each type of NSL allows the FBI to obtain a different type of information, that information is limited to records—such as “subscriber information and toll billing records information” from telephone companies.
"National security" is one of those thought-ending phrases that's thrown about to make people stop thinking critically about the matter. Terrorism is extremely bad, but it's not an existential risk, by its very definition.
> let’s acknowledge that there is at least a plausible national security reason for the US government to request things from Twitter
There is already a system that permits the government, investigating crimes, to compel information disclosure from a provider. It's called a search warrant, and requires a (very cursory, heh) review by a judge.
The government is asking not only for the power to skip that step (they've already taken that - that ship has sailed), but to prevent people from disclosing just how many times that's happened.
"National security" is not an umbrella term that means "bad things happening to USians", although I'm sure that the people using it in this instance as a cover story for widespread, illegal, extrajudicial espionage activity by the government would prefer that you think of it that way.
Remember: every legitimate NSL could have been a warrant. There's already a legal framework for how to investigate and prevent crimes, including mass murder. Additionally, anyone who's ever read a US federal warrant for anything involving sequences of bytes or information technology of any kind knows that the burden is already hilariously bad/low, and that they're very close to being rubber-stamp already. I personally have never seen a federal warrant (they're written under penalty of perjury) that didn't have naked factual errors in it, and I've only seen the ones that got approved/signed by a judge. There's a 100%, easily falsifiable, perjury rate in them in my experience. AFAIK none of the federal agents who have signed these sworn statements have ever faced any negative repercussions whatsoever for the falsehoods contained therein.
So, that hilariously low/token bar to a search warrant is what they're skipping in these cases. NSLs and related FISA warrants are extremely suspect. It makes sense that they would want to hide and obfuscate their use and existence. They're basically carte blanche for the government to inspect any communications they want - no justification required. The only reason they'd use them in place of a search warrant is because they are illegitimate.
This is absolutely not about terrorism, or threats. There's already a functioning-for-them (albeit broken in the legal checks-and-balances sense) system for that in the form of search and seizure warrants; they're trying to confuse you with the terrorism card.
This is a cover-up for an illegal power grab, nothing more.
Furthermore the damage from terrorist attacks is primarily self-inflicted; the cost of political, economic, and military overreactions far exceeds loss of property and life. Truly, "the only thing we have to fear is fear itself."
Someone walking into your home when you aren’t home and stealing your things isn’t an existential threat to you, but I’ll bet you at least lock your doors when you go out. The flu isn’t an existential threat to most people, but many people get a flu shot every year. Just like individuals take reasonable actions to protect themselves from non-existential threats, the US government has a responsibility to protect its citizens from non-existential threats as well.
Weak points - like unreinforced flight deck doors - should and have been fixed. But you don't throw away a free and liberal society.
There's a mechanic to terrorism. Young people are radicalized, older people are cynical profiteers and hardened sadists. The campaign serves as its own recruitment. The harder the enemy clamps down, the more unjust they appear to be, and the easier it is to recruit.
So wars are often the wrong approach. Wars are a suspension of civilized conduct and due process. Anything short of total war, extermination and genocide, can act as a recruitment for an opposition which has a unifying identity, if harnessed.
However, it's only the human inability to grasp large numbers that would justify a 3 ("several") for 48 (US) or 330 (world) MILLION Twitter users success to failure rate. Or you use a farcical "infinite value" argument, which is basically equivalent to saying that privacy has zero value.
SARS-CoV-2 killed more US citizens than the most severe terrorist attack in US history.
Not exactly convincing.
My "there are other people who disagree" happen to have skin in the game (US people on US soil who suffered the 9/11 attacks). Look up Nassim Nicholas Taleb.
If you're gonna say that US people's opinions are also subjective personal opinions, then I'd argue that their subjective opinion still has stronger claims that 9/11 is a national security issue, because they have concrete provable injuries. Compared to someone far away who doesn't have skin in the game and didn't lose anything.
Check your biases and conflict of interests, maybe.
p.s. Plenty others here have added well laid out arguments so I didn't want to just add more of the same.
9/11 was a self-correcting bug, it became completely irrelevant to security starting on 9/12
These aren't hijackings but your statement is factually dubious:
Well, there you have what differentiates your examples from what I said.
(In rare (non-existing?) cases when warrant-based workflow is too slow, when you need access right fucking now, I think it would make sense to have self-issued warrants available as an option to federal officers, on the provision that self-issuing a warrant means you also lose your job by default, and have to apply in front of a court to ever be able to work in public services again; and abuse of that options are punished with jail time.)
As it stands now, the majority of federal search warrants contain easily falsified perjury, and yet they are still approved by judges almost without exception and the feds that wrote them suffer no consequences whatsoever.
I’m not sure why they have an issue with the current system, outside of blatant abuse.
I'd be more worried about whether judges really are independent and trying to critically reject warrants, rather than exactly when they do so. And another weakness in our current system: warrants are a pretty voluntary form of oversight. There are no reliable checks against warrant-less actions that should have required a warrant. Unless it's really egregious, police will not be held liable, defense attorneys may not be informed, and they may even be able to use the ill-gotten information for personal/legal gain, because finding a parallel construction once you know what you're looking for is obviously much, much easier.
So I'd say that the problems are more one of a too-weak audit, and the moment at which that happens is not critical, even if it is relevant.
Now I realize the client-side password could be saved and retrieved in the browser for ease of use, but I don't think that's going on.
Companies are allowed to reveal gagged legal process in ranges of 1000, starting at 0, for six-month periods. Combined FISC and NSL requests can be revealed in ranges of 250.
This just shows that Twitter is fighting all the way, as I mentioned in my other comment.
Unfortunately a site gets really big like twitter you just have to bow to the powers that be, or they'll make life hard for you.
We live in an age where open web standards can create software that looks and feels a lot like the existing closed/commercial platforms (ActivityPub/Mastodon et cetera).
OTOH, there probably are at least a few investigations into real cases of abusive or criminal activity. This may be getting used to watch what’s happening in other countries. There are a lot of possibilities for gray area questions that are neither clearly legal nor clearly illegal, and Uncle Sam knows that exposure could cause things to lean toward clearly illegal.
Let’s not pretend that privacy of Twitter messages is a human right, though. It’s a for-profit business that was already monitoring your traffic, and the government is asking for what Twitter already has access to. While the government may have a very different agenda, using Twitter doesn’t come with any privacy guarantees in the first place. Twitter’s not going to come arrest you, but they were never under a legal obligation to help protect you from the government or anyone else, and Twitter DMs are not private in a legal sense.
Alternatively they justify some actions with the war on drugs or fighting against pedophiles with: "think of the children".
If you promote strong encryption you might help drug dealers, pedophiles and terrorists.
There's also the preaching: "you shouldn't be worried of us spying if you have nothing to hide".
"We are empowered to stop terrorism." (or drugs, CP, etc)
"X can be used for terrorism."
"Therefore we are empowered to stop X."
Thus that agency gains power over all possible X. Like cash, any monetary transaction, photography, encryption, any messaging system whatsoever, or any number of other things that should make up the bedrock of a free society.
Are we? The article just mentioned grave or imminent harm to national security, not an existential threat.
Don't get it twisted: it's just a cover for domestic criminals inside the US government who have become accustomed to getting to break the law as much as they want for the last two decades. By making it seem special or important (it's not) they get support in suspending basic human rights such as publishing.
Ditto Syria even though even if Assad's government had fallen, Syria would've almost certainly continued to exist as a nation.
They have a point about a security risk but what they also sneak under that guise is their desire to hide intelligence capabilities and potential threats. It is not a risk if you don't have a specific threat or plan of attack,certainly not a risk to the nation. Vulnerabilty is not risk.
Revealing a request may thwart their investigation but the burden of proof that a specific threat that cannot be stopped if the information is public is required of them. Short of that, you can chit chat on the subway with a third cousin of a terrorist or something and they can say "if we can't monitor his DMs then we can't know if they are using code words to plan a terrorist attack"
On a different note, I think it is a failure if the US constitution to not clarify details like this. A constitutional convention to review and update the bill of rights and a few other things is long over due.
Dan Maynard: That's right. Yeah. After the trial we found out that they had had an undercover agent who had been texting with Simpson, less than three weeks before the attack, to him "Tear up Texas." Which to me was an encouragement to Simpson.
(of course the answer is no, it is not)
Sliding into Twitter DMs and baiting fools to say they are going to use fake explosives aren't particularly productive things for the government to be doing, but there's probably a reasonable legal foundation for most of it.
Well, they can’t have it both ways. Twitter takes credit for the Arab Spring which was indeed an existential threat to several countries, at least their regimes, but still millions of ordinary citizens were impacted.
I don't trust US corporations at all and I thought that there was some kind of corporate conspiracy to discredit the US government to allow corporations to gain more power...
Now I'm thinking that the situation in the US is even worse than that; not only are corporations trying to discredit the government, but the government is working hard to discredit itself as well.
There are lots of recorded occasions of single governments doing this.
Governments are seen as having authorities that corporations do not, and thus are to be viewed much more skeptically as a general policy. Companies can't raid your house with machine guns, or toss you in jail for publishing an integer on your website.
It's not that corporations are trusted more; it's that the maximum possible damage by corporate evil is much, much, much, much less than the maximum possible damage by government evil. IBM participated in the holocaust, but they didn't directly cause it. That needed governmental authority. It's prudent to maintain several orders of magnitude higher suspicion and/or skepticism of government activities; corporations are basically sandboxed (e.g. no armies, for the most part) in this model.
If we look at historical instances of single entities causing 10M+ deaths and oppressing millions of people, since corporations were invented, I think we will find that a corporation is driving the death and oppression more often than you might think. Jardine Matheson, Dole Pineapple, Dutch East India Trading, myriad tobacco corporations, British Petroleum, Shell Oil, for just a few famous examples are each definitely responsible for oppressing millions of people at least, and some of them are responsible for 10M+ deaths. Sure, governments generally claim a monopoly on violence, and in these cases it was a government that actually did the wet work, but they were doing the bidding of specific corporations.
What about this inspires any form of faith towards governments? You've got an entity that controls/is the army and it is weak-willed enough that some company with money and a good story persuaded it to 'do the wet work' and kill or suppress millions of people.
What in this story makes you think that only corporations will direct that sort of power in a way you don't like? Are people with bad intentions only found on the boards of large corporations such as Dole Pineapple?
And even if they were why are you then defending the idea that the entity holding the knife, as it were, is the more credible and trustworthy of the two? Surely the government has some accountability for its actions?
I'm not sure how that comes from what I wrote? I was responding to the claim that corporations aren't responsible for deaths or oppression.
No, it's not "corporation" vs "government". I don't have easy answers to how to prevent this kind of behavior, and I don't trust easy answers, like "minimal government" or "strong government". Global trade and capitalism seems to be working for the most part, with some unsettling caveats.
“6 Mega Corporations Control Almost the Entire Global Cigarette Industry” 
25 years × 5M people / 6 corporations = 20.83M deaths per corporation (leaving out pre-1990 / post-2015 deaths).
Governments are comparatively hard to read. They are by and large not motivated by anything specific and are often possessed by destructive short-term zeitgeists (how many demographics haven't been targeted as a matter of government policy at some point?). It is difficult to anticipate where the hammer will fall next.
Over the short term the only thing making the government trustworthy is inertia. Over the medium and long term they are much less trustworthy than a corporation.
Maybe in the moment, because the constraints they're fighting against are large and not easily understood except through hindsight, but history shows that adversarial governments are pretty rational as well. They seek to increase their dominance, natural resources, and manufacturing capability, amongst their peers, and over ever-larger numbers of people. Just like corporations, it's all self-serving turtles, all the way down.
Sure. But that doesn't mean they dont have a say / influence in it. Take any social network for example, with a small change in their respective feed / discovery algorithm , it could clearly influence it.
> the maximum possible damage by corporate evil is much, much, much, much less than the maximum possible damage by government evil
In my opinion, it definitely is NOT that less. Sure governments can cause wars and all that but the corporations right now have a lot more control over the mind / general public view of things than the government.
They're responsible at least for the oppression of millions of people. 10 million deaths can't be directly attributed to them but they can be attributed maybe 1/10th of that. The issue is that there are a lot of corporations for which the case is pretty good that theyve left a lot of people to die and far more oppressed.
Probably better to stick to currently existent companies and compare them to governments in the 21st century.
One Nation Under God: How Corporate America Invented Christian America (Basic Books, 2015)
Both are horrible, let's be real.
Government and corporations are merging to become the same thing. I just assume any data I give to a corporation or government is public since they share your data anyway.
Of course it is.
Powerful and motivated interests have long been working to overturn basically every social program and every protection for labor, discrimination, environment, voting, etc. The goal is to "starve the beast," privatize everything to work toward a government that only runs the military and police, and to make sure it stays that way once it gets there.
Insidiously, they can win support by pushing the government to be more wasteful, more corrupt, less effective, more intrusive, more bumbling, and more frustrating to work with. The moment of victory is when they convince you that government fundamentally is a bad idea that cannot work well, all those taxes you are paying are just going to be squandered, and we'd be better off getting rid of the whole thing.
They have been at work for decades through groups like the Heritage Foundation, CATO institute, etc., to push this into the mainstream. They reached new heights of legitimacy with FOX news & co., and have made great progress with the Trump presidency so far.
Microsoft,Yahoo, Google, AOL, Skype and Apple all did more than legally required.
It's great that twitter took a stand, but if that company failed everyone would easily replace it. Twitter is toy.
Well I guess it depends on what your definition of "toy" is. I think all popular social media platforms deserve careful consideration. They have a colossal impact.
It's more interesting to consider what, exactly, government surveillance can be used for.
And really, "James Bond" style villainous plots aren't what we _really_ need to worry about. The real weapon in these platforms is disinformation campaigns-- and the actual actors behind such campaigns (as well as anyone else who is paying money to influence any user) should be revealed to the public.
Like in this case, I fail to understand how releasing the number of requests would have any security bearing.
You make a good point re: investigatory capacity, but it seems even that is fuzzy and could maybe be handled through other means (aggregating time periods or using some kind of required delay).
And it's hard to challenge such law as unconstitutional because no right to privacy is explicitly written into the constitution.
What I can not understand or appreciate is that such requests can not be made public after said investigations are closed. Alas that approach is now also curtailed and would have to be raised as a separate avenue now. Which with this judgement, will now make that a little more harder to pursue. Been nice if the Judge had allowed that avenue of release, but that was not catered for in the scope of how this case was put forward.
Maybe if Twitter had approached with - what is a fair and reasonable amount of time until we can make such requests public? Or along those lines, then that avenue of release would of been within the judgment remit. Though I'm no lawyer, and may well that this approach they have taken is the best as it allows two bites of the cherry and an angle to appeal.
One just hopes the matter is not as clear cut and settled as it stands.
Companies are allowed to reveal gagged legal process in ranges of 1000, starting at 0, for six-month periods. Combined FISC and NSL requests can be revealed in ranges of 250.
Although you're certainly free to conform to whatever meaningless social convention you like. I assume it provides you a sense of belonging, moral righteousness, etc.. But, given the conformity you seem to demand, you might want to consider who here is most deserving of the "dick" moniker.
Kind regards, member of the LGBTQ community and HN.
P.S. It's just about respect, nothing else.
> you're certainly free to conform to whatever meaningless social convention you like.
You don't see the irony here?
I'm not going to waste any time replying further but I'd simply point out that human empathy and care for others costs nothing here.
Empathy is entirely extraneous to the discussion. If someone responds emotionally to an otherwise dispassionate discourse, that is their own concern.
... is now 14 years old. This was the first warrant canary and, I am sad to say, one of the few remaining ones.
Nobody can legally force you to say that in the event it has been compromised. At least not yet, and if we get there, I really do fear for us.
[From memory from some ancient HN thread]
Just a reminder all kinds of "government" for any reason is reading all of your email any time they want without a warrant and it's perfectly legal. Just has to be 180 days old but I suspect that doesn't make a difference.
The law allowing it is 30 years old and why the Clintons had their own private email server in their basement in the first place. Congress was going to close the loophole but Jeff Sessions and Trump stopped it.
Written back in the old days when everyone used POP for mail... Emails would download to your computer and be deleted from the server. Plus webmail back then had limited storage anyways, like 20MB while now you can get at least a gig or more depending on the provider. So the server was more just like a temporary holding space for your email, before it got downloaded to your computer where you'd store it longer term and be responsible to back it up, etc yourself.
Now with webmail and IMAP (where your same email account can be on both your phone and laptop). Super outdated now since we access email differently now with multiple modern devices, I doubt many people use POP email now.
1) There is no such thing as privacy anymore, at least with respect to anything electronic. I know this because I wanted to be the head of a large online community (I worked on a program which I hoped would become the next Facebook), and I studied everything I could about security/privacy that I could for many years.
2) It would be better, far better, if, when users signed up on Twitter (or any other online service for that matter) if there was a big screen which comes up, with big letters, and says "Everything you say could potentially be taken out of context, could potentially be used against you in Court, and/or could potentially be spun on the News Media or by other people in such a way so as to destroy your reputation, livelihood, and potentially your life." This would be honest, ethical, up-front. "Forewarned is forearmed", as they say...
3) When Jack Dorsey filed his articles of incorporation, for his company (which Venture Capitalists require, and for good reason, if they didn't, they wouldn't be able to sue if/when the founder skips town on them!), but when he did this, he made a legally binding CONTRACT with the Government. Oh sure, it may have been a State government, but let's remember the Supremacy Clause in the Constitution (the Constitution is also a CONTRACT, incidentally...). But once you do this, even though you might not be liable financially on a personal level for your company, you have basically set yourself up to be REGULATED, REGULATED, REGULATED, by the Government and its in-no-shortage-of-supply Lawyers... (Regulated is another fun word for "they're going to tell you what to do" <g>).
(Now, I'm not saying that's a bad thing... historically that regulation created some major wins for society, case in point, the meat packing industry, many many years ago, when proper sanitary conditions were not followed, and there are many other examples of this).
But the thing is, this Judge is making his decision based on that CONTRACT (the contract is the tip of the iceberg, by the way, it basically makes the company accept ALL of the thousands of miles of statutory U.S. code, it's sort a lead-in to that).
So, based on what I know about U.S. Law -- the Judge is probably, probably not wrong, but remember, he's making his decision based on
a) The CONTRACT, aka "Articles Of Incorporation".
b) The miles and miles of State, Federal, Statutory Code and Agency Code (since federal agencies are quasi-law creating entities) that the said CONTRACT (a), forces the company to accept...
In other words:
c) Lawyers, not technologists, are running the show... <g>
And you wondered how "The Swamp" works... <g>
Hey, I think I remember some song lyrics (Depeche Mode, actually!):
"The handshake seals the contract
from the contract
There's no turning back
The holiday was fun packed
The contract still intact..."
-Depeche Mode, Grabbing Hands
There never was! I was there for Scott McNealy telling us, "You HAVE no privacy. Get over it." As the CEO of Sun, he knew exactly what the federal government was doing with all those computers they were buying: running Larry's database, and archiving absolutely any-and-everything they could. All Snowden did is show us how well the tools running on top of that infrastructure work, 25 years on.
Not to mention gerrymandering and widespread voter suppression.
France passed a law to make the Burkini illegal - targeting Muslims. This isn’t just the US.
Either way, one should be wary of large organizations, regardless of their type such as governmental or corporate.
Put another way, it doesn't matter whether they were pleased or not, the system is set up to make their interests more apparent than others.
Political power shifts happen all the time in democratic republics as the populace gets fed up with the party/parties in power.
> "all large organizations", "democratic republics", "the developed world"
Someone else also pointed out (https://news.ycombinator.com/item?id=22909123) that even the US has plenty of "safety net" policies, despite some glaring holes in it.
Standard Oil and US Steel weren’t easy to opt out of.
I wonder if the millions of US Americans whose stimulus checks got "lost" are somehow correlated to people that have criticized Trump on twitter.
That's rich coming from a company famous for censorship.