Obviously, a provision that allows law enforcement warrantless access to random people's email would be a terrible thing. It seems a little unlikely that in the wake of the Patraeus scandal, that's what Leahy would really be proposing. Maybe it is. Can we FIND OUT?
Late edit: here it is: http://news.ycombinator.com/item?id=4811489
Furthermore - it's not a secret that they did so. Books have been written on the matter. The public got suitably outraged, and then nothing happened. The taps are all still there, and the equipment's all been upgraded as the capacities have increased.
It truly doesn't matter what these laws say. Your communications in the US are all already monitored as a fact of life.
This is a country in which people of African descent couldn't even reliably vote 55 years ago. I refuse to succumb to the notion that all is lost simply because we've had 8-10 years of overreach.
Well, that, or flee.
> I refuse to succumb to the notion that all is lost simply because we've had 8-10 years of overreach.
If that's the case, I ask non-sarcastically: How many decades of tapped phones, illegal body searches, and indefinite detention and/or torture of political prisoners are you willing to wait for reform before you declare the US an unacceptable place for good and reasonable people to continue living in and paying taxes to?
I'm genuinely curious. Is there an upper bound?
For me, personally, it was ~8 years.
"The most dangerous man to any government is the man who is able to think things out for himself, without regard to the prevailing superstitions and taboos. Almost inevitably he comes to the conclusion that the government he lives under is dishonest, insane and intolerable, and so, if he is romantic, he tries to change it. And even if he is not romantic personally he is very apt to spread discontent among those who are." --H. L. Mencken
So, if things get tough you typically quit? Only 8 years? There are isolated cases of each of those occurrences, and while just one is unacceptable, this country is far from uncorrectable.
There are quite a few citizens of the USA that waited a lot longer than 8 years for rights we all are born with and take for granted today. I find it perfectly reasonable to both have the determination to stay active/volunteer as well as the patience for the process to work.
I would ask you to provide evidence that my private communications are being monitored. Explain to me how the US government has cracked/backdoored every crypto library available.
You feel safe hiding behind the theoretical/practical integrity of a cryptographic library? I'm almost tempted to link the requisite XKCD cartoon.
I think ensuring private communication for all people, regardless of technical means of ensuring secret communication serves us all, including those, like you, who feel safe with their already existing measures.
If a precedent is set that allows a government the power and right to spy indiscriminately everyone's privacy is dimished including those who are avid PGP users.
Besides, once that step is taken the next logical conclusion is to simply demand you provide pass phrases and private keys for any encrypted communication as is the case in other countries .
Besides, information leaks by other means, which might be used to circumvent encryption. Man-in-the-middle attacks or simply targeting a weak end point in a communication stream. Colleagues might not be as adamant about security and their end of the communication might come under scrutiny. Besides, unless all electronic devices are electromagnetically shielded TEMPEST and other similar attacks are still possible. Once the door is open to monitoring or surveillance all bets are off as to how they accomplish this, and it might be through means that render current cryptographic libraries useless.
Even assuming a perfect means of ensuring a message is sent unseen, the patterns of communications themselves can yield a significant amount of information. Even if governments can't tell what the contents of a message the fact a communication existed (a carefully protected communication at that) might be used against people, never mind if they're to trace the communication or establish contact frequency.
It also reminds me of the mechanisms used look for errant behavior patterns. Targeting people that use only cash, don't have credit cards or those who simply fall outside of the established behavior patterns. Monitoring of everyone else's communications establishes sufficient data to single further target people and erode their privacy.
Target was able to determine when clients were pregnant by simply analyzing shopping patterns .
It also reminds me of how Germany dealt with the Baader Meinhof group, by screening for "seemingly mundane items as utility bills" to establish probable cause for detention or investigation. Once we're all under surveillance the government won't even need to read everything we write to further erode our privacy.
By fighting for better privacy protection for all I think we make our own private communications safer.
edit: grammar and expanding out a few ideas.
Today, in this world we live in at this very moment, I can communicate in such a way so as to prevent the US government from reading/hearing what I say.
So, unless you have specific evidence that this isn't the case, people should listen to what you're saying with the same attention they give every other conspiracy theorist.
Whether or not the US government can at this point in time read/hear what you say is somewhat irrelevant if they're monitoring it and recording it and there exists a non-0 chance of they being able to then crack it.
I was also not attempting to draw up some huge conspiracy theory that the US government is out to get you or any particular person. I'm merely trying to point out that the more information and communications the US Government (or any other entity) records, then the greater their capacity to infringe on our privacy. And that in some use cases the actual contents are irrelevant in so far that the monitoring itself can inconvenience us and harm us due to information that is inadvertently leaked or signalled through our communication patterns.
But to be honest, I'm glad there exists a way for someone to have every single method of communication go through secure means that are impervious to any manner of eavesdropping.
No, that's completely wrong. Just because something exists doesn't mean it's accessible. That's what warrants are for, and if it's unlawful for the government to ever see that information, then the warrant will never be granted.
We were talking about whether or not people are able to communicate privately, and you claimed it was impossible. This is factually inaccurate, as I've been trying to point out.
Do you have any evidence to suggest that the government is capable of breaking currently considered secure encryption? If not, shut the fuck up.
I don't understand how anyone can think that the founding fathers would not have considered email and cell phone conversations to fall under this provision.
I'm so sad about our country's abandoning the principles of freedom.
I don't think that's a good state of affairs, but I can see how it logically makes sense. On HN we're often reminded that people have no right as users to any particular service from Google or Facebook, and the reason is that they don't own anything about the service or the data on it. Facebook could sell your data to advertisers, they could mail all your posts to the FBI without a warrant, whatever they want. So similarly there is no 4th-amendment right that you have relating to a search of Facebook, because it's not a search of your person or property, but of theirs. In the Founding generation this wouldn't have been an issue because it was not common to for a person to store significant amounts of their personal papers in a form where they had no ownership over them (even when you stored with a 3rd party, like in a bank safety deposit box, there was typically a contract specifying that you had certain ownership rights).
I do think there should be a fix to it, which will require implying some kind of rights that Facebook users have against government searches of Facebook targeted at that user (despite the user having no ownership in Facebook). But one wouldn't want that to go too far, because I can also see the property-rights argument: if I really do want to voluntarily mail the data on my server to the FBI, and I didn't sign a contract with the users saying I wouldn't, why should the users be able to stop me from doing so? You'd have to abrogate property rights with some kind of right-to-information-privacy that supersedes the fact that it's my server and I own its contents. Overall it seems like a situation that the Constitution's framers didn't imagine.
>> you have no property rights in your Facebook account, which is wholly owned by Facebook
By this logic, do I also have no right to expect privacy when I mail a paper letter through the post office? After all, its sorting facilities are wholly owned by the government.
I honestly don't know what the framers would have said about that. If I shouldn't expect privacy there, the argument is done.
If I should expect privacy from the post office, there's a second issue:
>> and which you use for free only as a guest
By this logic, I should expect privacy from my cell carrier, because I pay to use their service, therefore my account and the data passing through it might be argued to be "mine".
>> in a bank safety deposit box, there was typically a contract specifying that you had certain ownership rights... [snip] ... some kind of right-to-information-privacy that supersedes the fact that it's my server and I own its contents.
Both of these parts of your comment suggest that I should be legally able to operate a service and specify in the user agreement that I won't give their data up for search without a warrant; that they have some ownership rights over their data.
Sadly, I think the government would assert otherwise. The only loophole I've heard used so far is to operate a service which, through encryption, actually can't access users' data. And for all I know, that will be declared obstruction of justice.
Your last point is an interesting one, though. If a provider specifically includes in their service policies a promise not to give up the user's data, then it seems like the provider would have a good claim when they attempt to quash subpoenas, even if the user themselves doesn't have any particular rights in the matter.
The cases are only uncovered by the fourth if we accept a narrow reading which somehow determines that "your papers" only applies to physical pieces of paper and that "be secure" only applies if the citizen would be deprived of access in the course of the search.
Those distinctions make no sense and, if applied, make the fourth amendment wholly technologically obsoleted in the very near future.
Is it a remotely logical position to argue that the founders were really concerned about government searches, seizures and surveillance, but only inasmuch as people were inconvenienced by those searches, seizures and surveillance?
That provided the English could have searched, seized and surveilled quickly, efficiently and entirely-on-the-sly the Revolutionaries wouldn't have been so hot about the issue?
The time to leave the US is now. You no longer have the basic rule of law. Collect your family and possessions and emigrate.
It's not easy, but it's the only way, now. We're never getting those rights back.
 I did it. It's tough, no foolin'.
IMHO moving out of the US just avoids the problem, instead of solving it. We need to put more support behind advocacy groups like the EFF who's mission statement is to fight against the infringement of personal rights.
I'm not saying that the US is strictly better than Canada in the rights department. However, it's definitely not strictly worse.
Fascist countries don't tend to be very tolerant of their friendly neighbors.
>You no longer have the basic rule of law.
In many EU countries (my own included) people would start either crying bitterly or laughing hysterically have you told this to anybody older than 12. Loosing control over your mail shouldn't be the turning point in making a decision whether to emigrate or not.
Arguably this is already happening.
The turning point is often just the final straw, not "everything was 100% fine up until they started reading my email".
Fleeing is also an option, but I am 100% sure Sneak had more reasons to move abroad than just PATRIOT and NDAA.
 A decision of a court that assumes that a publication is violating another person's personal rights (a newspaper for example can be forced not to publish private pictures).
 All forms of movie ratings (also for computer games but not for books) motivated by youth protection.
 Media that is assumed to be very harmful to youth is indexed by the Bundesprüfstelle für jugendgefährdende Medien (Federal Department for Media Harmful to Young Persons). These publications are restricted in marketing but not de jure censored in general. Indexing can grant publicity but is often tried to prevent. The reduced violence in some German versions of movies and games that carry a USK rating have in fact not been censored, but the companies releasing them have decided themselves to remove certain content in order to make the media available to a wider audience.
 Publications violating laws (that restrict freedom of speech in general) can be censored; their authors can be penalised. Such restrictions are Volksverhetzung, slander and libel (which are in Germany Beleidigung, Verleumdung and Üble Nachrede). Especially Üble Nachrede (defamatory statement) scarcely causes censorship. Üble Nachrede (Defamatory statement) means violating personal rights by spreading gossip/news which are neither evidentially true or false.
Membership in a Nazi party, incitement of hatred against a segment of the population (Volksverhetzung) and Holocaust denial, are illegal in Germany. Publishing, television, public correspondence (including lectures), and music are censored accordingly, with legal consequences that may include jail time.
Wow, so much freedom the government must step in to stop people from thinking certain ideas, and voicing certain opinions, now that's freedom!
Let's talk about banned video games:
Soldier of Fortune: Payback - Banned due to high levels of gore (decapitations, dismemberments, and excessive blood-letting)
KZ Manager (1990-10-29/1990-11-19) - Banned because of Nazi references.
Condemned: Criminal Origins (Decision AG Munic February 2008) - Banned because of high impact violence and cruelty.
Condemned 2: Bloodshot - Banned because of high impact violence and cruelty.
Manhunt (all versions, 2004-07-19) - Banned because of high impact scary violence and cruelty.
Manhunt 2 - Banned for "gross, unrelenting, and gratuitous violence."
Dead Rising - Banned because of high impact violence and cruelty.
Dead Rising 2 - Banned because of high impact violence and cruelty.
Silent Hill: Homecoming (Uncut) - Banned because of high impact violence and cruelty.
Wolfenstein (Uncut) - Banned because of Nazi references.
Scarface: The World is Yours (Uncut) - Banned because of high impact violence and cruelty.
Left 4 Dead 2 (Uncut) - Banned because of high impact violence and cruelty.
The Darkness (Uncut European Xbox 360 version) - Banned because of Nazi signs in bonus comic.
Yes indeed, what a way to celebrate your new found freedom by cowardly running away to a country that itself was home to some of the worst atrocities known to man kind; further compounding your stupidity because that country itself has many banned topics, ideas, and restrictions on how you can express yourself.
You are a coward, and I say good riddance to you, because surely whenever things get tough in a country, the answer is to turn tail and run away to somewhere "better".
The USA PATRIOT Act turned 10 years old in October 2011. If it was going to get better, it would have happened in the first decade.
There are way more things you can't say in the USA than there are things you can't say in Germany. On paper, it certainly appears as if the US has more liberty, sure.
I realized that it was time to go when I walked up the path to the Jefferson Memorial and saw a sign indicating that carrying firearms is prohibited on the grounds.
The liberties that are guaranteed to you in the constitution are no longer real. The fact that Germany enumerates the specific things you can't say and do actually makes it much better here.
EDIT: Found the sign from the TJ memorial. I took a picture of it when I was in DC to visit the NSA's Crypto Museum. http://i.imgur.com/KROsp.jpg
I've lived in both, I can say with authority: One is a lot more free in practice, here. The police concern themselves with criminals, not with bullying. Surveillance is a lot less common. The government isn't wholesale tapping the fibers (or, if they are, they were slick enough to censor the news stories and books about them doing it, too). There aren't laws suspending certain groups' right to trial.
I agree with you completely about Scientology. And I'd rather have Scientology Centers on as many corners as Christian churches than have a government that colludes with private employers to screen new hires based on their religion.
It's one thing to say that the government should have nothing whatsoever to do with religion, including tax exemption. It's another to say that not only should the government be in the business of picking "legit" religions and designating others as scams or cults, but that it should then be using its power to coordinate a shunning of adherents to those religions.
It's not like the problem is that Germany doesn't respect Scientology. I could give a shit; I don't respect it either. It's that Germany thinks it's the role of the state to tell people what they can and can't believe.
Which makes it way different, from say, the Catholic Church.
Ridiculous. Name one.
There are tons of different forms of legal expression that directly lead to arrest in the USA.
And I'd rather be corralled into a "free speech zone" for expressing a countervailing political opinion than arrested and indicted for it, as you would be in Germany.
The people at the RNC _were_ arrested.
My point stands. If anything, you just reinforced it by pointing that out.
And then what happened to them?
The reality is, one nanny state is as good/bad as another. You can point to no objective evidence that Germany is a more enlightened, tolerant, or liberal nation than the US. It's great that you're happy there, but you shouldn't have to indulge in rhetorical gymnastics to affirm your decision to stay... and you can't possibly expect such cherry-picking to convince anyone else.
...says the smurf account. If you actually disagree with someone say it with your main or don't say it at all.
The comment you're responding to isn't a drive-by. It makes a substantive argument. If it's wrong, address the wrongness.
- is located off shore, preferably some small country with less draconian laws that exists now and could be implemented in near future (15 years?), BUT stable enough so that my service can be reliable,
- content of my emails is automatically encrypted,
- and at this point, I am fine with paying for my email. The amount of work it lets me do, I am fine with paying up to $49/month, I think.
Can't someone make a Chrome extension that does the same for Gmail, though? There seem to be a few solutions for Firefox.
If you trust the server to not backdoor your crypto... you can just trust the server to _do_ the crypto in the first place.
There is an effort underway to build better crypto APIs into browsers, but I'll bet you a bitcoin that it's super easy to fuck up the implementation of and most end up being insecure, and/or nobody ends up using it after all.
Google controls the key/cert that allows for Chrome extension updating...
And then of course I can't make everyone I communicate with use encryption. So all I can do is encrypt incoming mail, which is rather pointless because there's another unencrypted copy out there and the mail headers will give away where to look.
Just like they get their own pass for the TSA at airports.
This is why we host all our stuff ourselves in a UK DC. Snooping legislation is crazy in the land of the free
> A 19-year old from Lancashire has been sentenced to 16 weeks in a young offenders institution for refusing to give police the password to an encrypted file on his computer.
A police state doesn't require evil intent. On the contrary, each one starts out with the BEST of intentions.
However those who do nefarious things certainly don't do email.
My understanding is that this is still in the experimental stage.
It's not really a legal hiccup. Let's rewrite it without the editorializing:
"At the moment, Internet users enjoy more privacy rights if they keep their data private than if they share their data with non-governmental third parties..."
If you tell me you're planning to kill someone, the FBI doesn't need a search warrant to get me to testify about what you said. A subpoena will do. Why should it be different if you tell Google you're planning on killing someone, by storing "Killing Someone Plans.doc" on their servers in plain text?
Because there's an expectation of privacy when you store information with password protection.
The government can't demand to go look in your safety deposit box, it can't get your library check out records, it can't see how many airline miles you have, it can't read the mail in your PO box etc etc without a warrant. Of course, in some of those cases, the third party will cooperate without a warrant, but they're not required to.
The obvious answer is that too many Americans no longer believe in the basic rights to property and privacy. The civil liberty wing of the Democrat party has also been completely destroyed. It's not just the policy makers - it's the American people that are at fault. It's their sense of life, ideas and culture that is bankrupt.
"CNET has learned that Patrick Leahy, the influential Democratic chairman of the Senate Judiciary committee, has dramatically reshaped his legislation in response to law enforcement concerns. A vote on his bill, which now authorizes warrantless access to Americans' e-mail, is scheduled for next week."
I've always voted against Leahy, but I have almost no hope in voting him out. I think the last incumbent US Senator from Vermont to lose re-election was Luke Poland in 1867.
We need to know which ones did it. How it was done or who they took direction from is irrelevant. One or more Senators signed off on this.
Encryption solves absolutely nothing unless you're physically outside of the US.
The only way to deal with what's happening is to peacefully dismantle the monster in DC through voting (good luck of course). You can't have a government the size of the US, without it becoming totalitarian and destroying civil liberties - there's nothing else for something that big to do.
I mean, if some government agent rifles through their stuff in the cloud, the sheep don't care. But if they knock on the sheep's door and do it, then the sheep is going to get angry, if he's innocent.
Maybe it is just me, but the recent (absolutely justified) bashing of the GOP retraction the copyright policy paper makes me wonder, why negative GOP stories have always attached to the party name, while DEM stories are usually attributed to a single politician or the institution per se.
Let's not act like this is something new. Your rights to privacy have been gone for some time.
Call it an unrecoverable two-bit error, in your metaphor.
The bill covers every user of email, but it's not hard to make the argument that neither GPG or PGP are correctly usable by every user of email.
Despite there being a technical workaround, it's simply a kludge; strong civil liberties need to be in place, with encryption simply augmenting them.
I'd definitely consider abandoning plenty of USA-based services/business, use an alternative from some other place that has some regard for humanity, spread the word to people I know, maybe even making a living off of it
- "come to my service everyone, we're not .com!"
The relatively strong property rights and privacy laws that the US has enjoyed are being obliterated at warp speed (or more specifically, they're using the leap to digital as a means to bypass all the existing physical protections on the books, pretending none of it applies).