Slashdot Mirror

← Back to Stories (view on slashdot.org)

Court Upholds Warrantless Internet Snooping

Posted by kdawson on from the repeat-after-me-you-have-no-expectation dept.

amigoro writes to let us know about an appeals court ruling on Friday that holds that federal agents can snoop on an individual's web surfing, email and all other forms of Internet communication habits without a warrant. The court found recording this kind of information to be analogous to the use of a pen register. In 1979 the Supreme Court ruled that this technique did not constitute a search for Fourth Amendment purposes.

6 of 173 comments (clear)

  1. Maybe it is the same. But I'm not convinced. by khasim · · Score: 4, Interesting

    With a "pen register" all they get is the phone number you called.

    That would be analogous to the IP address that you connected to (and maybe the port).

    The question is how are they capturing the IP addresses? If they're capturing the packets, that's the same as a wiretap.

    Encryption. Learn it. Love it. Live it.

    1. Re:Maybe it is the same. But I'm not convinced. by ScrewMaster · · Score: 4, Interesting

      Encryption. Learn it. Love it. Live it.

      Until they illegalize it. Or, as I understand England has done, simply make it illegal to withhold your keys from government agents.

      --
      The higher the technology, the sharper that two-edged sword.
    2. Re:Maybe it is the same. But I'm not convinced. by Ngwenya · · Score: 4, Interesting

      Until they illegalize it.


      Extremely unlikely. You'd be trashing the entire electronic commerce infrastructure which relies on solid encryption. And there's no way a corporately oriented government system is going to do that.

      Anyway - you've got no worries. If the USG tried that, you'd use all those wonderful 2nd-amendment protected firearms to overthrow it? :-) OK - snarky Brit comment over. Back to the normally scheduled stuff.

      Or, as I understand England has done, simply make it illegal to withhold your keys from government agents.


      You mean the United Kingdom. Sadly Scotland is also sucked into RIP silliness.

      The police and other law enforcement agencies still need a judicially signed warrant to obtain those keys. There's all sorts of stupidities in there - but let me ask a question: Why should you be able to refuse to obey a properly formed court order? If they served a legitimate court order to hand over they keys to your house, should it be legal to flip them the finger? If you think that encryption keys are somehow immune to warranted seizure, you have to say why. Alternatively, if you think that all court seizure orders are wrong, then you probably have to defend that one even more!

      I don't have a problem with warranted search and seizure. I have a huge problem with the LEAs thinking that privacy is solely a cover for people to do evil things.

      --Ng
  2. Address implies content by Harmonious+Botch · · Score: 5, Interesting
    From TFA

    ...the court said, although the government learns what computer sites someone visited, "it does not find out the contents of the messages or the particular pages on the Web sites the person viewed."

    The search is no more intrusive than officers' examination of a list of phone numbers or the outside of a mailed package, neither of which requires a warrant, Judge Raymond Fisher said in the 3-0 ruling. I think that his honor missed something here. He seems to be saying that knowing the address of a web page is like knowing the address on an envelope, and in either case the contents is not being snooped upon. In the case of the letter he would be right, for a letter can contain anything ( I could mail a recipe for braised goat's eyes to Bin Laden ).
    But a web address often has a 1-to-1 corespondence with its contents. Knowing the address is one simple - and undetectable - step from knowing the contents. They are doing an unconstitutional search here.
    1. Re:Address implies content by slashqwerty · · Score: 4, Interesting
      Something to keep in mind. The internet isn't so different from the mail. Simply knowing who someone communicated with provides the government with enough knowledge to track down someone who leaks embarrassing information to the press. From the U.S. Postal Museum in Washington, D.C.

      At the beginning of the new America, nearly all the news came by mail. When the Constitution was signed, it was rushed by post riders to every town that had a printing press. And that's how the newspapers were able to bring the resounding news of how we were to govern ourselves. The newspapers knew of it first by mail.

      In England, for centuries, the mail was frequently scrutinized by agents of the Crown or of the Parliament. It could be worth your life to write a letter that might be seen as having the seeds of treason. This did not happen here. From the beginning, by and large, the U.S. mails have been free of eyes other than our own and those of the sender.

      To the framers of the Constitution, the mail made the engine of democracy run--along with the newspapers. And newspapers then printed a good deal of correspondence. Rufus Putnam, a key military figure in the Revolutionary War, said, "The knowledge diffused among the people by newspapers, by correspondence between friends" was crucial to the future of the nation. "Nothing can be more fatal to a republican government than ignorance among its citizens."

      As a journalist, I have sometimes been asked where my leads for stories come from. Much of the time, they come from opening the mail. Readers from all over the country send personal stories, newspaper clippings, local court decisions, and student newspaper editorials arguing for the First Amendment rights of students. There is no other way I would have known about these stories except through the mail. It is through letters that I often receive highly confidential stories about unfairness in the justice system from people who would not trust any other form of communication.

      The framers of the Constitution knew how vital the mail would be when Article I was written to protect privacy of communication through the mail.

  3. The laws are technologically obsolete by hey! · · Score: 4, Interesting

    The laws were written with specific technologies in mind.

    For example a wiretap is conceptually, if not legally, tied to telephony. In order to be a wiretap, a communication must have an aural component. Thus intercepting an email being sent over WiFi is not a wiretap, but a VoIP intercept is. Likewise intercepting an email with a voice mail attachment (such as might be generated by a voice mail/email gateway on a system like Asterix) might qualify as a wiretap.

    There are provisions for controlling the reading of text messages, but the law is written for a system like the old Telex system, in which the messages are ephemeral,but stored in temporary buffers at various stages of delivery. Thus while intercepting an email in a transfer agent queue is questionable, once it is delivered to your email box at the ISP, it becomes fair game. It is no longer in transit, but stored on a server. In the days of Telex, you'd take your message of the teleprinter, read it, and shred it, knowing that it was gone forever, not recoverable from your mail box or from backup tapes.

    The third part of the ECPA laws deals with something called a Pen Register: a device that is attached to an old fashioned phone line to capture the in-band signaling of the phone numbers being called. Even though the privacy concerns for email or web proxy logs are identical, these situations are not covered by the Pen Register Act.

    The underlying problem is this: although attempts were made in the laws to make them independent of a specific technology, those efforts failed because US law (unlike EU law) does not recognize a fundamental right to private communication. There are packages of specific rights secured by the Bill of Rights, statutes and common law privacy concerns, but these rights are much less than a true right of private communication. The reason is that you can't have a meaningful right to private communication when that communication is mediated by a third party like an ISP or a telephone company, not unless you have a fundamental right to informational privacy.

    Without a right to information privacy, anything that falls into the hands of a third party is fair game. This includes information ISPs or telephone companies store in order to route and deliver a message, up to and including the entire content of the message. ECPA, which consists of the Wiretap Act, the Stored Communications Privacy Act and Pen Register Act, closed these loopholes in its time, but as of today those loopholes are wide open again.

    This process will repeat itself forever, no matter how many times we close the loophole, until a fundamental right of informational privacy is recognized. We could do that be adopting into law the EU Data Directive. The reason we don't is that this would hurt US companies which are flourishing by exploiting the America's backwater status when it comes to privacy.

    --
    Post may contain irony: discontinue use if experiencing mood swings, nausea or elevated blood pressure.