Could he sell the business? If so, at what point does the new owner get to find out they have extra non-negotiable obligations to the government?
That's absolutely brilliant and insightful - there are 192,499 (1) NSL's issued - which either will represent a huge and uncountable liability during due diligence or a massive impact on M&A work in the future.
It is stupid. It is blatantly Unconstitutional. I would hope he'd be suing for declaratory judgement that his conduct did not violate the law (now that he has been threatened with arrest he has standing to sue, I think).
I think now the real question is, as an internet community, what are we going to do about it?
Are we going to build something that 'routes around' this? Are we going to protest? Or are we just going to keep identifying the problem and complaining about it on Twitter?
I'm not saying that I'm not one of those people too - I'm just saying we need to start thinking about action and not identification.
I'm hoping that's the next article Bruce writes.
Part of the problem is that other than the EFF and ACLU, there isn't really a "privacy lobby" in the US. And neither of these organizations are effective in shaping election outcomes.
What is needed is something like the 2nd-ammendment lobby or the "Family Values" lobby--one that not only talks about policy, but one which also rewards allies and penalizes enemies at the ballot box. The way that the NRA and the Christian Coalition do it is through grass-roots organizing, and a massive donor base that they basically direct in a centralized manner, which puts them in an unassailable negotiating position on Capital Hill.
The concept of the applying the lessons of the 2nd Amendment lobby was extensively discussed here: http://news.ycombinator.com/item?id=6185138
Here's the contents of my top comment, which I think frames the concept well:
"Until we have specific, actual, real privacy atrocities I can't see this effort getting the traction of any of the groups you've specified. Labor had company towns and less but still specifically abusive employers, with plenty of specific people maimed or killed in unsafe workplaces or labor actions. Environmentalists had deformed children from Japanese industrial mercury dumping, and, oh, the Cuyahoga River catching on fire. Gun grabbers have killed, maimed, or otherwise grossly abused thousands of people and that continues to this day.
"What specific incidents, with victims most will empathize with, can the privacy effort point to?"
And in e.g. the case of MLK they were famously unsuccessful. I claim you need atrocities committed upon "victims most will empathize with"; the latter excludes "rioting hippies" and the like, especially after the Weather Underground and company started bombing and killing people.
E.g. I was just past the threshold of becoming politically aware when this happened: https://en.wikipedia.org/wiki/Sterling_Hall_bombing and it shocked and appalled the nation.
Funding could be from cloud providers who are getting screwed; even Google probably loses a marginal $100mm due to this issue, so for them funding a PAC with $25mm would be a rational choice. Plus, being anti-NSA is a great recruiting/retention thing for employees, so any worthwhile tech company could probably justify PAC support just as an HR and marketing expense.
You could probably get the tea party side, and civil libertarians in general, for free, but they're not a meaningful political bloc. The problem is at least some of the tea party side would be pro-military and might view support of NSA as supporting the military.
We already know from history that the American system can draw back from this sort of thing (https://en.wikipedia.org/wiki/Church_Committee), it's way too early to assume that won't happen again. (One caveat, the Church Committee did its work after the death of J. Edgar Hoover.)
We also won the Cold War/Clinton era "Crypto Wars"; this account is U.K. centric (I'm amazed at their success), I'll note we won earlier in the US: http://wiki.openrightsgroup.org/wiki/Crypto_Wars (HT betterunix in this current discussion: https://news.ycombinator.com/item?id=6302520).
I think we must also assume that protesting (both to our peers and our so-called "representatives") won't achieve much, at least for the foreseeable future. There's too much money being poured into the right pockets, and too many of the wrong people in the wrong places in government to dislodge. And even if this particular group of authoritarians are removed, there are plenty of replacements waiting in the wings to take their place.
For this reason, I think your first option ("build something that 'routes around' this") is the best. Granted, it's easy to hand-wave and say that this can be done -- but we cannot otherwise assume that the people and agencies which have lied to us in the past will quickly turn over a new leaf and respect our Constitutional rights. We must assume that they will continue to snoop on us, and respond appropriately: peacefully, and cleverly.
In this article, he made a very clumsy attack on the current Internet ecosystem; there's a good case to be made for it (see other comments in the topic), but he didn't make it and sounds like a generic anti-business crank.
Which might be the truth, the really startling omission in this article is the ultimate fate of Joseph Nacchio, who was convicted of the very nebulous crime of insider trading. Even if you think government was or might have been right about him, you ought to accept that a lot of executives will assume in this Three Felonies a Day legal environment that the government will get them some way, some how if they resist like Nacchio indisputably did.
Middle of the road, all-too-careful opinions are totally off base with reality.
With comments to HN or public comments on blog posts, etc. I think that the government could have gotten it anyway. If the government wants to snoop on things I say publically there isn't much I can do about it. But with private emails, it's a different matter. The question is, "what will someone think if they read this?" And so those emails end up self-censored, not discussing big controversies, and I put the political thoughts out there front and center for all to see.
So it means that for HN, no difference. I will say what i would say before. Same for any other public comment area. But there are things now that I would say in public that I am not sure I would say in private.
That's probably the feeling of most people. Martin Fowler wrote an insightful post about this subject:
Privacy Protects Bothersome People
…and isn't about me (or probably you)
He argues that privacy on the internet is important, not because normal people have something to hide, but because journalists and activists (or other counterpowers in a well-balanced democracy) need a certain level of privacy in order to work.
Yet, even some of the nuttiest, worst-case scenarios that people feared about in the wake of the Clipper Chip debacle have been surpassed by reality.
It boggles the mind.
You are missing a word: yet. You are not interesting yet. You might become interesting some time in the future, and discover that what you thought were uninteresting conversations today can be used against you. Here is a famous example:
"Following the Nazis' invasion of the Soviet Union, the Guild gave its support to President Roosevelt's wartime policies, including that of Japanese American internment."
Would people say the same if Ficher's "youthful indiscretion" if he'd worked for a Nazi front after, say, Kristallnacht? (See the above quote, they wouldn't have between 23 August 1939 and 22 June 1941.) Was it that difficult for Ficher avoid working for a cause dedicated to the violent overthrow of the US government and the liquidation of its "capitalist" classes including the wealthier farmers?
Of course, that's one of the aims of a surveillance state: if any word or action could be used against you, then people mainly police themselves.
"Right. Send him to Guantanamo!"
Reminds me of this old chestnut:
Q: Why does the government prosecute the Mafia?
A: They don't want any competition.
But other than that, regulation? Even if it worked in the US would the Chinese or Russians agree?
I think perhaps its all or nothing.
The Thirteenth Amendment makes it pretty clear you can't force a person to work, unless they've been convicted of a crime. There may be an argument that he violated the NSL, but that's not the same thing.
Rsync.net does this:
It's not clear whether the secret courts that enforce NSLs could consider this a legitimate loophole or too cute to get away with, but I wouldn't hold my breath.
The people who do this for a living aren't stupid, and most of them probably don't even think they're being evil.
The deal with the warrant canary is the guy signs a new message every (day?), actively affirming that he hasn't been served with any such secret warrants.
What if he gets tired of it? Same with running the business? You can't be compelled to work forever, neither for free or otherwise.
tl;dr Yes, these NSL have compelled people to directly lie.
And I don't see why the courts couldn't do that, as lying isn't even a crime. Maintaining the posting isn't even actively telling a lie, you're just not changing anything from the way it was before. So I could definitely see the same court that authorized these sweeping movements also supporting prosecution if you tip your hand on these matters; it's national security on the line, after all!
And even if the courts wouldn't force you to lie, the FBI could still attempt to prosecute you for not lying, and for taking action that directly reveals your receipt of the letter. Even if the court is opposed to it, it will be a lengthy process, and because of "national security!" you may not even get that far. From the government's perspective, you're enabling terrorists through secret and underhanded messaging, so you're already behind the ball both in the judicial court and in the court of public opinion.
Take, for example, the necessarily anonymous writings from 2007 from an NSL recipient:
> Living under the gag order has been stressful and surreal. Under the threat of criminal prosecution, I must hide all aspects of my involvement in the case -- including the mere fact that I received an NSL -- from my colleagues, my family and my friends. When I meet with my attorneys I cannot tell my girlfriend where I am going or where I have been. I hide any papers related to the case in a place where she will not look. When clients and friends ask me whether I am the one challenging the constitutionality of the NSL statute, I have no choice but to look them in the eye and lie.
So yes, even the person who has done the most to stop NSL, has been compelled to lie directly to his friends and colleagues.
Sure you can. For one, what about people pleading guilty, when they are not, just because their case looks bad and they want to avoid a trial that can put then in jail for decades and get a plea bargain?
That's actually encouraged by the DAs.
The logistics behind this might be hard to pull off. I really don't know enough to know whether something like this is feasible, but if the concept was feasible to implement, it seems like you can just publicly announce ahead of time that the system is in place, and it's out of your hands.
The argument against building systems to amass huge databases of personal information has always been that the very existence of such systems would almost inevitably lead to abuse, through inappropriate expansion of the collection activity and through inappropriate uses of the resulting database. It's simply too tempting a target to leave unmolested.
From that point of view, storing and analyzing large amounts of data is "invalid conduct."
Current events are just history proving this out yet again.
The fundamental property of land is spatial relation. Using that, you can build a town of little houses, where everybody has a modest and equal helping of privacy. You can build a giant open agora, where everybody can see everybody's business. Or you can build a panoptic prison: http://en.wikipedia.org/wiki/Panopticon
That's your prerogative, of course, but we're talking about the past now. It's not theoretical anymore. It has really happened, it is really happening.
I'd like to point out that theses abuses weren't done by the data holders but by the government...
You are drawing a sharp line between private enterprise and the government, but it seems like an increasingly irrelevant, imaginary distinction.
From a practical point of view, for the average user on the modern web, there never was such a distinction worth making, as it turns out. The "data holders" will rat you out to the government and the government will give orders to the "data holders" that they simply have to comply with. In many respects, the "data holders" may as well be another government office, from a privacy-minded point of view.
Neither can the NSA.
Remember this? (http://www.theatlanticwire.com/national/2013/08/government-k...)
Cops searched this family's house at a private corporation's behest, more or less. The fact that a large database is privately held isn't going to protect you from the government.
Skip to the update:
Her employer tipped off the FBI after seeing suspicious searches show up in their logs. Not Google.
Please check your facts and leave the tinfoil hat hysterics at the door.
I'm worried about what the NSA is doing too, but making shit up doesn't help.
Yes, that's what I said in my comment, that's what it says in the link you just posted, that's what it says in the link I posted, and that is the story you are telling me now as some sort of correction.
It's not hysteria to say that they got their house searched as a result of a Google search, or as the ultimate result of the actions of a private corporation; those are facts we apparently agree on, facts that every single media report on the incident agreed on, AFAIK. Its the consensus view.
Just to be clear that example you offer is a case of an employer monitoring employee activity on company equipment, which is another can of worms: http://www.wired.com/threatlevel/2013/08/pressure-cooker/
Also it's not an account of action taken against consumers or users, nor is it any example of a "large database".