Slashdot Mirror

← Back to Stories (view on slashdot.org)

Police Want Fast Track To Get At Your Private Data

Posted by timothy on from the if-you-have-nothing-to-hide dept.

An anonymous reader writes "According to this story on CNET, police again are pushing for new laws requiring ISPs and webmail providers to store users' private data for five years and also want a new electronic way of speeding up subpoenas and search warrants via police-only encrypted portals at all ISPs and webmail providers."

38 of 301 comments (clear)

  1. Security keeps increasing... by Jorl17 · · Score: 5, Insightful

    As well as criminality. Can we see a pattern here? These measures don't seem to help at all. They are ethically wrong and have been empirically proven useless.

    --
    Have you heard about SoylentNews?
  2. Because they can?! by headkase · · Score: 4, Insightful

    They think just because they can it's a good idea? Doesn't sabotage the principles of free and open societies at all?! Imagine if they did in real life half the things they already do online. I'd have already picked up a gun just because others already would have too.

    --
    Shh.
  3. Okay, but on one condition by twidarkling · · Score: 4, Insightful

    The police have to pay for the storage. Since the amount of online data is constantly increasing, I figure having to lay out funds for that many terrabytes of storage should bankrupt them, and then they can focus on doing the job they *should* be doing (picking up garbage), instead of the one they *want* to be doing (invading privacy without probable cause).

    --
    Canada: The US's more awesome sibling.
    1. Re:Okay, but on one condition by The+Archon+V2.0 · · Score: 5, Insightful

      Pay for storage AND maintenance of said storage. The ISPs shouldn't be forced to spend a dime on this, even if it does pass.

      ISPs pay, increase rates to make up shortfall. Result: The average joe pays to lose his privacy.

      Government pays, increase taxes to make up shortfall. Result: The average joe pays to lose his privacy.

      I'd like a third option, please. How about "we don't do it and no one pays"?

    2. Re:Okay, but on one condition by Anonymous Coward · · Score: 1, Insightful

      You're modded funny, but...I'd angrily mod you "short sighted" if I could.

      If the police had to pay for storage, you know they'd just raise taxes to do it. And then they'd hire their inept DBA, backups, and lose them to some intern unencrypted in the back seat of his car.

      But it is a great observation, that aside...

      I have a hardware random number generator. If there's anyone in a country/location that does log all traffic, I'd be more than happy to dump 50% of its entropy into netcat at the port of your choice, at the (reasonable) rate of your choice. TCP, UDP, strange looking HTTP ...whatever

      If you really want, I'll even have it send the XOR of the webpage of your choice with that output just so you can actually identify what it is (even if you don't know the key)--that way you can produce the plaintext if you're ordered to in Britain.

      Anyone interested--leave a reply with contact method. I've got lots of bandwidth...and I really love the notion of filling up drives at some defense department with truly random numbers for giggles. Maybe I should use DES or RC4 on a counter key just to be sure some CPU cycles are wasted cracking it...

      CAPTCHA = "bluffing"

  4. Bore them to death by mollog · · Score: 2, Insightful

    Hey, they can look at my data. It will bore them to death.

    Seriously, the internet has enabled a range of new criminal activity. This move to preserve data and mine it is to be expected. As time goes on, it will get worse.

    I'm reminded of how people used to live in small towns and everybody knew everybody else's business. The only difference is that, now, police agencies and other spying organizations can conceal their activities. I vote that ISP's must reveal who asked for what.

    --
    Best regards.
    1. Re:Bore them to death by sakdoctor · · Score: 5, Insightful

      Nobody knows how totalitarian their country will be in 5 years.
      Best to assume the worst extrapolating from today's trajectory.

    2. Re:Bore them to death by Jorl17 · · Score: 5, Insightful

      We need a revolution, that's all. Democracy isn't ruling the world -- politicians are. And politicians are nowhere near what we need.
      Once again, we need a revolution. We need to take control. We must take control and save the world.

      --
      Have you heard about SoylentNews?
    3. Re:Bore them to death by Grishnakh · · Score: 4, Insightful

      Meet the new boss, same as the old boss.

    4. Re:Bore them to death by zippthorne · · Score: 4, Insightful

      "If you don't have anything to hide, you don't have anything to fear" is exactly backwards. If you've actually committed a crime, I don't care about your privacy. I only care about the privacy of people who haven't committed crimes. I think we should care about it so much that we protect the criminals, too.

      Protected rights aren't supposed to be loopholes with which to "get away with stuff." That's just a side effect of the real purpose of protecting your rights.

      Just because your data is boring to a law enforcement agent, does not mean that your data will be boring to everyone that subsequently has access to it, including people who are in addition to being LEOs also people who have an interest in you, personally.

      --
      Can you be Even More Awesome?!
    5. Re:Bore them to death by Anonymous Coward · · Score: 1, Insightful

      It's really not worth a lot considering that it's pretty much ignored these days.

    6. Re:Bore them to death by IdleTime · · Score: 3, Insightful

      What the US need is an equivalent to the Norwegian Data Inspectorate, see English webpage at http://www.datatilsynet.no/templates/Page____194.aspx

      --
      If you mod me down, I *will* introduce you to my sister!
    7. Re:Bore them to death by ObsessiveMathsFreak · · Score: 2, Insightful

      Once again, we need a revolution. We need to take control. We must take control and save the world.

      Great idea! I'll be the leader. You all just do exactly what I say and we'll topple the bourgeoisie elites and bring about... whatever it is you wanted exactly. The important part is that you have to pick me to be the leader. Every revolution needs a good dic^H^H^Hleader after all.

      --
      May the Maths Be with you!
    8. Re:Bore them to death by Anonymous Coward · · Score: 1, Insightful

          The US federal government doesn't own any state.

          In fact, through a constitutional convention (called by a minimum of 35 states), the states have the power to amend the constitution without an amendment coming from Congress, completely rewrite it, and/or dissolve the federal government and start again.

          The encroachment of federalism this last 80 years does not change the fact that the true power is in the people, and the states.

    9. Re:Bore them to death by Anonymous Coward · · Score: 1, Insightful

      Right, because in five years the culture of law enforcement and the country it is a part of is going to radically change.

      It already radically changed DAYS after 9/11, but you think five years is too short a time?

      In the days before 9/11 the patriot act would have been unthinkable, and any senator voting for it would have been ousted. The same people pushing for all this surveillance today are all the conservative NRA members who bitch that the government even has the right to force them to register their gun. Now they're ok with shit like this.

    10. Re:Bore them to death by Anonymous Coward · · Score: 3, Insightful

      You have already committed a crime, guaranteed. The sheer number of laws already in place in the US neatly assures that you have committed at least some sort of crime. It is merely a question of whether or not you are charged with something.

    11. Re:Bore them to death by Anonymous+Cowpat · · Score: 3, Insightful

      so does the European Convention on Human Rights (and, by incorporation, the Human Rights Act 1998), and general common law principle. It won't stop the government trying to do it, and it won't always stop them getting away with it either.

      --
      FGD 135
    12. Re:Bore them to death by Grishnakh · · Score: 4, Insightful

      Just because the Constitution says something doesn't mean it's true. After all, our government has been happily ignoring the Constitution for decades now.

      The "true power" is with the Federal Government, in a de facto fashion. The States are a joke, and would never stand up to the Federal gov. And the people are just sheep. They're not going to stand up to the government either.

    13. Re:Bore them to death by Jason+Levine · · Score: 2, Insightful

      We can solve this problem simply and easily. A person can donate as much money to any candidate they can vote for, otherwise it is strictly forbidden.

      I'm guessing by this you mean companies are forbidden from contributing but people can. No problem, my very wealthy Company Inc will just fund a Interested Persons group which will write checks to top members. They get to cash the checks and keep 10% if they write another check giving the remaining 90% of the amount to Candidate Joe Smith.

      I'd also make sure that EVERYONE over 18 had to write a check out to the IRS, for some amount, say $25 (or so) "person" tax. The reason for this is because people who don't pay ANY taxes (now about 50% of the population) don't care about how government spends other people's money.

      And how are you going to make the Miller family who lost their house and all of their savings from bad investments, scammers, job loss, or whatever other reason pay the $25 fee? Would this mean that people who are desperate for food/shelter/medical protection/etc won't have a voice in the government?

      --
      My sci-fi novel, Ghost Thief, is now available from Amazon.com.
    14. Re:Bore them to death by e9th · · Score: 2, Insightful

      Isn't that what the US effectively was up until the Civil War? "States Rights" came to mean merely supporting slavery (later, racial discrimination), and everything started to slide downhill from there. Now we're at the point where someone will complain if one state has different home schooling rules than another.

    15. Re:Bore them to death by FiloEleven · · Score: 2, Insightful

      The States are a joke, and would never stand up to the Federal gov.

      This is provably untrue. That article's from last February, and I think there are now 16 states which have introduced resolutions to reaffirm their rights under the 10th Amendment. Oklahoma's passed; their may be others by now. And it's not only abstract affirmations being passed--CA and other states' marijuana laws are out of sync with the federal government, and Montana has exempted its firearms from federal regulation.

      Washington won't give up without a fight, as shown by the Supreme Court case regarding federal medical marijuana raids in CA in which the justices twisted "interstate commerce" to mean "intrastate commerce," and though Obama's administration has stopped raiding they still claim the authority to do so.

      As a result, Montana went further by explicitly declaring,

      A personal firearm, a firearm accessory, or ammunition that is manufactured...in Montana and that remains within the borders of Montana is not subject to federal law or federal regulation, including registration, under the authority of congress to regulate interstate commerce. It is declared by the legislature that those items have not traveled in interstate commerce.

      On the day the bill passed, a test case was filed to see what Washington's response will be, but that is of course unresolved. Since its passing, a dozen other states have introduced similar legislation. The outcome will be a very good indicator of what the federal government will put up with and what we will have to take back more forcefully. (It's almost unfortunate that my text is about guns, because I am certainly not talking about physical force here--that step is a long way off and likely unnecessary.)

      And the people are just sheep. They're not going to stand up to the government either.

      They will if given the option. Most don't know it exists, and others who might are disinclined to help because they're tired of being called "sheep" by everyone who thinks he has the answers. If you want people to think differently you have to give them the option by talking with them instead of only about them.

      --
      Your brain is not a computer.
    16. Re:Bore them to death by Anonymous Coward · · Score: 1, Insightful

      We need to take control. We must take control and save the world.

      This has been US foreign policy for the last 70 years. Call me a cynic, but maybe it's time to try something different?

  5. A road paved in good intentions by CorporateSuit · · Score: 2, Insightful

    Just where is it taking us?

    --
    I am the richest astronaut ever to win the superbowl.
    1. Re:A road paved in good intentions by Xelios · · Score: 3, Insightful

      I wouldn't even call this good intention, it's nothing but an attempt to bypass some paper work at the expense of privacy.

      They argue that e-mailing a court order is too slow. Well no, e-mailing it is nearly instantaneous, it's the response that's slow. That's a problem that shouldn't require unfettered access to private data to fix. A simple piece of legislation stating ISP's must respond to legal requests by law enforcement within x days should do it.

      As for data not being retained long enough, 20 years ago police departments didn't have any web data at all, and they still managed to do their jobs. I'm sure they'd like to have 5 years of retained data to mine, but considering the implications for privacy and security I don't think this convenience is worth it.

      --
      Murphey's fighting Occam, and we're in the stands.
  6. NO! by russotto · · Score: 5, Insightful

    It's no great surprise the cops want this. But can you imagine the response of banks (and customers) if the police were to demand a special door in every bank so they could waltz in and search the safety deposit boxes at their convenience? Of homeowners if the cops were to demand a master key to every house to make search warrants easier to execute?

    Unfortunately, when it comes to electronic records, lawmakers seem to think expanding the AT&T NSA rooms to access portals for every cop in the country is a great idea.

  7. Tyrants... by ground.zero.612 · · Score: 2, Insightful

    need to put to death.

    There are going to be a lot of jackasses that comment with "so what you should have nothing to hide" or "that's what you get when you don't run your own email server" etc.

    My question is, how many people would it acceptable if the USPO opened all your mail and made photocopies of it to store for their own use? What about UPS, or FedEx?

    The solution everyone is too afraid to talk about is simple: kill the tyrants.

    That will send a message to the other tyrants that we are no longer in the position to have our privacy, our freedom, and our liberty trampled upon.

    --
    "Be prepared, son. That's my motto. Be prepared." --Joe Hallenbeck
    1. Re:Tyrants... by RiffRafff · · Score: 2, Insightful

      They probably ARE keeping a file, but not for the reason you hope. Mostly because citizens who understand the Constitution, and remember that Thomas Jefferson once said, "the tree of liberty must be refreshed from time to time with the blood of patriots and tyrants," are a stumbling block to wider and wider police powers. That that makes them a threat.

      --
      "I might have made a tactical error in not going to a physician for 20 years." -- Warren Zevon
    2. Re:Tyrants... by ground.zero.612 · · Score: 2, Insightful

      Sounds like you are making a very good case for the police to monitor YOUR communications - you speak exactly like a terrorist.

      You sound like someone who might want to bomb government buildings in the name of liberty.

      I hope the authorities ARE keeping a file on you. :-)

      So says the anonymous coward.

      I believe what I said, and I am blessed with the right to say it solely due to others that believed the same.

      Tyrants must be put to death. If you don't put them to death, you don't deserve the basic rights, freedoms, and liberties that they will rob you of. It saddens me that people either don't know this or need to be reminded of it. These rights and freedoms are gifts to us that have been paid for with blood.

      --
      "Be prepared, son. That's my motto. Be prepared." --Joe Hallenbeck
  8. Police-only encrypted portals??? by RiffRafff · · Score: 3, Insightful

    Police-only encrypted portals?

    Hmmmm... sounds like a challenge.

    --
    "I might have made a tactical error in not going to a physician for 20 years." -- Warren Zevon
  9. Bad bad Idea. by Asadullah+Ahmad · · Score: 2, Insightful

    Anything that gives too much centralized and easy access to thousands of users' data is a terrible thing to even consider, be it for Police or whatever.

    Law enforcement agencies are not filled with angles who will just stick to a line if they have access like this.

  10. Police want... by pluther · · Score: 2, Insightful

    And criminals want to be given everything they want without having to work for it first.

    They both need to grow the fuck up, and leave the rest of us alone.

    --
    If the masses can keep you down, you're not the Ubermensch.
  11. Smacks of Corruption. by Anonymous Coward · · Score: 1, Insightful

    "...via police-only encrypted portals at all ISPs and webmail providers.

    Er, why don't you just hang a big sign over this system that says "Hack Me!"? And "police only"? Like we've never put the words "Police" and "Corruption" together before. I also like how they use the term "speed up" when referring to the process of obtaining search warrants and subpoenas. I think what they really mean to say is "go around".

    I can just see it now. Users with access to this "all-seeing" system bankrolled by lawyers to either "clean" users data, or create some "evidence"...

    The corruption smacks harder than S&M porn.

  12. A real boon for the bad guys. by OFnow · · Score: 2, Insightful

    The bad guys are way better at getting this sort of data out of the ISPs
    than the ISPs are at protecting it. The scammers are going to love
    this new data, nicely collecting valid IP addresses, email addresses,
    and more in convenient form to steal.

  13. And of course by sjames · · Score: 3, Insightful

    They want provisions to pay for all the extra storage and have provided a mechanism to verify a judge's sign-off and create a public record of the judicial process, right?

    What are all those crickets doing in here?

  14. Re: not their business by mollog · · Score: 4, Insightful

    I agree that until they have a very specific reason to be looking at my data, they have no business with my data. But I also acknowledge that, starting soon after 9/11, they started looking at my data despite laws that were supposed to prevent that.

    And I also acknowledge that they will construe my information in ways that will put me at a disadvantage because I supported such-and-so politician, or because I looked into the side-effects of medication X. This manner of data-mining is already happening. Outlawing it is fruitless, but we can make laws that disclose who has looked at my data.

    Until we have a sort of reciprocity wrt searching data, until we know who has been doing it, we will be at a disadvantage. The searching is already happening. But who is watching the watch-birds? That's what I want to know.

    --
    Best regards.
  15. Hey, coppers, first do this! by haruchai · · Score: 4, Insightful

    You want the keys to the kingdom? Prove you can be trusted

    1.) All police officers, all employees of all police forces that may have any kind access to confidential data and any contractors or consultants
              must submit to annual interviews including polygraphs regarding their activities, private and professional, past and present.
              The Canadian Mounties have a process like this for applicants but I don't think it's done once you become a constable.
      2.) No question is off-limits; all questions must be answered.
      3.) Failure to submit or answer a question will result in dismissal.
      4.) All interviews are to be observed by a panel of witnesses of which several are private citizens
      5.) All (unedited) interviews will be available to the public upon request.

    If those conditions are met, then I'll gladly comply with your requests for private data.

    --
    Pain is merely failure leaving the body
  16. 3 different levels of scare by davidwr · · Score: 4, Insightful

    I see 3 major issues:

    * the desire for electronic-speed/non-paper efficiency from the police point of view

    * the desire not to have records be routinely destroyed between the receipt of a police request and the time the record is scheduled for destruction, i.e. "almost immediate" data-freezing

    * (not stated, but probably desired) the desire to have historical information available for years.

    Traditional phone companies already keep records of what phone called what phone for 2 years, which IMHO is about 22 months too long. I'm sure the police would love similar transaction records of who emailed whom and who chatted with whom going back that far, and they would salivate over having the actual content of the communications for that long.

    As a taxpayer, I'm all for increased efficiency as long as it doesn't increase the "efficiency" of illegal or barely-legal-but-inappropriate records requests. It also makes sense that data-retention requests should be honored as soon as practical, not "oops, we just now got around to processing your request from yesterday, the data you want was purged last night, sorry."

    However, transaction records and other records should not be kept any longer than necessary for billing and other internal processes. For most services which aren't billed a la carte or per-bit or per-transaction, we are talking days, max, for individual records. For billed services, they need to be kept until the billing=dispute deadline has passed or until all billing disputes are finalized, or the normal "few days," whichever is later.

    --
    Knowledge is how to play a game, intelligence is how to win, wisdom is knowing what game to play.
  17. Re:Kevin Mitnick needed by Anonymous Coward · · Score: 1, Insightful

    As you just found out, the Chinese have been cracking exactly this type of system for years, and using it for serious international espionage.

    It might be a good idea to stop blindly rolling out law-enforcement intercept systems with any kind of unclassified endpoints and take a very, very serious look at the national security implications of storing this data. It is useful data for anyone of nefarious intent to mine, and a centralised point of attack to obtain unfettered access to it.