Slashdot Mirror
US Police Increasingly Peeping At Email, IMs
angry tapir writes "US law enforcement organizations are making tens of thousands of requests for private electronic information from companies such as Sprint, Facebook and AOL, but few detailed statistics are available, according to a privacy researcher. Police and other agencies have 'enthusiastically embraced' asking for e-mail, instant messages and mobile-phone location data, but there's no US federal law that requires the reporting of requests for stored communications data, according to Christopher Soghoian, a doctoral candidate at the School of Informatics and Computing at Indiana University."
I had an out-of-state police dept. gain access to my Gmail account for a joke email I forwarded to somebody who requested it. The intended recipient provided me the wrong email address (off by one letter) and it ended up in the wrong mailbox. It was not threatening/sick/graphic, yet they were able to access my account and locate me by phone.
This has already been reported
What's it got to say about this kind of thing?
Any statute which purports to give the government access to our electronic communications without a warrant is not a law at all. It's a usurpation.
-jcr
The only title of honor that a tyrant can grant is "Enemy of the State."
Welcome to the land of the free and the home of the brave, where big brother can ask for all of your private information and it will be handed over without record.
Where there is no Fourth amendment, and judicial oversight are things of the past. Where you have no expectation of privacy, and the government involves itself in every aspect of your life.
Never talk to the rest of the world about your freedoms and your wonderful society ... it doesn't exist as you remember it, and you're happy to be blissfully aware as long as they keep putting out American Idol and Facebook stays online.
You guys really need to reign in your government, before it's too late for all of us ... because once your government fully becomes asshats who don't respect your rights, all of the rest of us are completely fucked.
You're on your way to being worse than the soviets ever dreamed of.
Run your own mail server. It's not a complete solution, since in principle ISPs could be storing data transmitted over their networks, but it at least makes it more expensive to violate your privacy.
But Gmail? Facebook? I am continually amazed by people who store their personal data in these places and expect it to stay private.
My father is a cop, supervisor of investigations here actually, and I asked him about this once. If I remember correctly, the standard our police use is that any electronic documents that you have in your possession (i.e. a cell phone pic or document on a laptop) at the time of arrest are free game unless they are locked, encrypted, etc. If the document is not in your immediate possession (readable with out connecting to a server or decrypting), then they need a warrant from a judge to view them. The concept is the same as a locked briefcase, they can't force you to open it with out a warrant.
Also, Keep in mind that just because they are making the requests, doesn't mean they are being honored. I didn't see any thing in the article citing how many of these requests were actually processed, and the desired information handed over to the police. In fact, when I worked for Sprint we were all instructed in the event that some one approached the retail staff about making these requests that they were required to contact a division of the legal department and that they would likely need a warrant/court order.
Also, IANAL and neither is my father...so take what I say with a grain of salt.
will fix all of this, oh wait, by the standard of law naming in Congress this will do the opposite of what it claims.
See http://www.washingtonwatch.com/bills/show/112_SN_799.html and http://www.cato-at-liberty.org/the-privacy-bill-of-rights-is-in-the-bill-of-rights/
[T]he measure applies only to companies and some nonprofit groups, not to the federal, state, and local police agencies that have adopted high-tech surveillance technologies including cell phone tracking, GPS bugs, and requests to Internet companies for users’ personal information–in many cases without obtaining a search warrant from a judge.
---
In other words, the government seems keen on protecting us from ourselves while opening us to them by any means. It really comes down to crafting laws with safe sounding names all in an effort to circumvent the Constitution. As most realize, Congress's favorite activity of the last fifty or so years has been how to get around the limits our Founding Fathers placed on the Federal Government.
* Winners compare their achievements to their goals, losers compare theirs to that of others.
The point is, according to TFS, the cops DON'T have a warrant. At this point, you could tell them to fuck off... Of course, many people would say that this leads the cops to have "probable cause" because if the person doesn't have anything to hide, why wouldn't they let the cops look?
It's one thing for the police to look for evidence in email, that's all well and good. The problem here is twofold: they don't have to serve a warrant to the person whose email they're perusing, and they don't have to even tell that person they're snooping around. Contrast that with if the police want to search your house, your car, or even your CPA's office. In all of those cases you at least have an idea that they're doing this, which provides some oversight on these activities.
The idea that just because my email sits on Yahoo's servers that I don't have an expectation of privacy with it is ludicrous. My will sits in a safe in my financial adviser's office (since he's also the trustee of the estate if both my wife and die, but that's another story), but I fully expect him not to open it unless he's informed by next of kin that we've both passed away. In the same way, I expect Yahoo's employees not to poke around in my email (and this is one of the reasons I don't use Google since their systems do just that to serve up ads).
God invented whiskey so the Irish would not rule the world.
They don't give a FUCK. You did notice the mention of them collecting money for this, right?
I'm concerned about the instances where cops take bribes
A bit of a tangent, but it pertains to the larger issue of police corruption that's been enabled by granting them too many powers.
Police like to say that they're "always a cop", even when off duty. If that's the case, then why are they allowed to get paid by people they may have to investigate in the future? What if a cop on a detail is getting paid, I dunno, $2000 a month to work as a part-time security guard (while in his police uniform) at a theater, then the theater owner becomes a suspect in a crime. How hard is that cop (or his buddies) going to work to destroy that income?
God invented whiskey so the Irish would not rule the world.
It's easy for me and it's easy for you - it's even easy to use once it's set up (assuming they are vigilant). But if I told my (very non-geek) girlfriend to encrypt her e-mails, she would have no clue on where to start. I could certainly help her but the problem is that not everyone has someone to ask or would even care enough to do so (obvious, since most people don't encrypt their email).
I definitely agree that everything should be encrypted, it has a great deal of benefits (aside from my opinion that cryptography is just fascinating). It's problematic though, since most people don't think that way - now we're back at square one, how am I supposed to send an encrypted e-mail to someone without a public key? Even if they had one, we still run into some problems with people not paying attention to what they are doing (did they verify that the fingerprint I gave them matched before they trusted my public key? Not likely).
I think computer security in general is far removed from many people's minds outside of paying their 40$/yr to Symantec. E-Mail encryption? They simply don't care.
I have a submission pending on just this topic. I find it shocking that email encryption has not become simple to set up and standard to use. The reason our friends and family don't use it, is because solutions are platform dependent, or require technical knowledge to set up, or are a total pain to use, or all of the above.
There is really no excuse for this situation. Email encryption (and digital signing) should be automatic and transparent. Granted, only tech-nerds will take proper care of their keys, but a standardized solution would still be much better than nothing.
Enjoy life! This is not a dress rehearsal.