Privacy Advocates Protest FBI Warning of 'Going Dark' In Online Era

CWmike writes "CNET's Declan McCullagh reported last week on the FBI's argument that the massive shift of communications from the telephone system to the Internet 'has made it far more difficult for the agency to wiretap Americans suspected of illegal activities.' The law has already been expanded once, in 2004, to include broadband networks, but still excludes Web companies. The FBI says its surveillance efforts are in danger of 'going dark' if it is not allowed to monitor the way people communicate now. Not surprisingly, a range of opponents, from privacy advocates to legal experts, disagree — strongly. On key tech hitch with the plan, per ACLU attorney Mark Rumold and others: There is a difference between wiretapping phones and demanding a backdoor to Internet services. 'A backdoor doesn't just make it accessible to the FBI — it makes it vulnerable to others,' Rumold says."

Backdoor for others

[shoehornjob]

'A backdoor doesn't just make it accessible to the FBI â" it makes it vulnerable to others.

Speaking of backdoors I've got these cool new Sony disks for your computer......

Piss off, FBI

[Scareduck]

No. No goddamn panopticons.

Re:Piss off, FBI

[hawguy]

Slashdot on government surveillance: "Piss off, government! Respect my right to privacy!"

Slashdot on Google surveillance: "So what if they archived people's emails and passwords for two years, and their CEO said only criminals have something to hide? They're just a poor, innocent company! Give them more of my personal data, I say."

Yeah, it's funny how geeks on Slashdot can actually differentiate between a private company recording snippets of non-encrypted data broadcast over radio waves by the public, and a concerted effort by the government to create backdoors (and a massive new security vulnerability) to let them do intentional surveillance of citizens. It's almost as if they are two completely separate issues.

(and instead of the public complaining to the Wifi industry for letting AP's default to non-encrypted communications and complaining to web service providers for allowing passwords and other sensitive data to be sent over non SSL connections, they blame Google for capturing the data. If you're sending passwords and other sensitive data in plain text over Wifi, Google is the least of your worries, they're not going to use your captured password to hack into your online bank account).

Re:Piss off, FBI

[spire3661]

A corporation is not a government. Google does not wield the power of life and death over its users. See the difference? I can choose to not participate in the google universe, i cannot choose to exclude myself from the government's control.

Re:Piss off, FBI

[Dunbal]

If Slashdot is truly taking a stand

Slashdot does not speak for me. I certainly do not want to be "represented" by a collection of nerds and trolls in any point of view - I am perfectly capable of taking my own stand where I choose.

Re:Piss off, FBI

[infolation]

One is a free, voluntary service that you can sign up to, at the expense of your privacy.

The other is a law, that applies to everyone, whether you like it or not.

Slight difference.

Re:Piss off, FBI

[Charliemopps]

Google wants to invade your privacy to target you with advertisements that you are more likely to click on and there-for more likely to make them money.

The FBI wants to invade your privacy to levy fines on you, or put you in jail or even to death. Add to that that the FBI has a well recorded history of being used and abused by elected officials and corporations to manipulate, defraud and terrorize people and you can see why some are concerned.

Do I like what Google is doing? No... but that's more of a "I wish they didn't do all that, it sucks" thing... What the FBI is doing scares the living shit out of me and makes me think we're one bad election away from the iron grip of some totalitarian nightmare.

Re:Piss off, FBI

[Trepidity]

I don't see them as inherently different, but more of a continuum depending on how easy it is to exclude myself. The U.S. government is among the hardest to exclude myself from, so I agree on that. But when we get to lower levels of government, many of them are considerably easier to avoid than many large corporations are. For example, it is quite easy to avoid the Pittsburgh city government; just don't move to or work in Pittsburgh.

Re:Piss off, FBI

[Man+On+Pink+Corner]

Deal with it when it happens.

Google didn't bring us J. Edgar Hoover, so they get a free pass this time around.

Re:Piss off, FBI

[PopeRatzo]

No, the difference is that if I choose not to use Google and block them from tracking me, they aren't allowed to throw me in jail or break into my home at night and shoot me "because I thought he had a weapon"

It's interesting that you bring that up because that is exactly what Google was helping the Chinese government do to dissidents.

The line is blurring, friend. More quickly than anyone thought possible.

Re:Piss off, FBI

[rtb61]

Is it really willingly when they lack knowledge of what is being done to the data, or they lack the ability to cloak or obscure their data and when they need to make use of the services to search the internet.

In order for choice to really exist should a new search service be created government funded, that displays no adds and keep no private data and actually does give all citizens a true choice.

Often government regulation ensures the majority people have a choice. The majority might decide many services are far to privacy invasive and use the legislative rights to get laws enacted to enforce privacy requirements.

The FBI is becoming lazy, full of government appointees who have no idea what they are doing, looking for easy short cuts, basically get computers to do their thinking for them. The computers can watch everyone all of the time and just tell the FBI who to arrest and then the agents get the credit.

Privacy, at it's core is the difference between a free person and a slave. A slave has no right to privacy, none, not in their person or not in their few minor possessions. Kind of reminds you exactly what the TSA does to people, turns then from citizens to slaves, not everyone of course, special people better people, the people with real power, they fly private or charter and the TSA under Uncle Tom Obama stays well away from them, including and especially all of Obama Hollywood friends.

Re:Piss off, FBI

[Jawnn]

A corporation is not a government.

You have, quite clearly, not been paying attention to current events. While we may split hairs over semantics - whether or not corporations are the government, the fact that they exert an extraordinary level of control over our government (U.S.) is well established. And that most certainly includes matters of life and death. Sticking one's head in the non-digital sand and insisting that all is well is simply absurd. Google acting as the government's rat, or the government acting as RIAA's muscle; two sides of the same fascist coin.

So sad

[bky1701]

Unconstitutional efforts to spy on citizens ended by progressing technology. I will have a nice little cry for the FBI tonight, right after my nightly one about RIAA lost profits due to piracy.

Re:So sad

If you watch the moderation for any given topic, it always skews a certain way and punishes anyone who speaks out against the conventional wisdom. Because a limited pool of users controls the filtering of opinions, there is in fact an overall viewpoint that is enforced rather than a diversity of ideas.

I can't help seeing the outrage to "unconstitutional spying" on the part of the government and then wondering why absolutely anybody who speaks out against Google's privacy violations on Slashdot earns themselves a permanent -1 account. But if you watch closely, you'll see this over and over on this site, and it's mind-boggling.

Even this conversation we're having, which on any other site would just be another standard thread with differing perspectives, will see my posts modded down to -1 (just watch).

Re:So sad

[spire3661]

Because my fellow man (which is what government in the US is supposed to be, the whole 'we the people' thing) spying on me willy-nilly using Monopoly on Violence is not the same thing at ALL as the shopkeeper next door keeping records of what i buy to use in his marketing and optimization research.

Re:So sad

[roman_mir]

Google is not your Friendly Bureaucratic Institution, it's just a company that you don't have to deal with and can voluntarily abstain from.

Constitution, by the way, doesn't apply to private entities, it's the law above the government, not above individuals and their businesses.

Re:So sad

[Attila+Dimedici]

I have watched the moderation and I have observed that you are wrong. I have noticed that the moderation on any given topic tends to skew according to which side gets on with mod points first.

Re:So sad

[rocket+rancher]

Because my fellow man (which is what government in the US is supposed to be, the whole 'we the people' thing) spying on me willy-nilly using Monopoly on Violence is not the same thing at ALL as the shopkeeper next door keeping records of what i buy to use in his marketing and optimization research.

Really? You need to take a broader view, then. Let's start with your shopkeeper's surveillance of your spending habits. He knows what you buy, when you buy it, and exactly how much you spend in his shop, along with all of your other neighbors. Some simple analysis allows him to predict quite accurately what you are going to buy and when you are going to buy it. So he jacks up those prices on D-1 and lowers them again on D+1. The Walmart grocery store in my neighborhood appears to be already doing this; the variance I get in the price of a Red Baron pizza correlates too strongly with payroll dates for the lower middle class neighborhood I live in for it to be a coincidence. But hey, according to you, it's *different* -- I guess you believe the monopoly on violence only includes armed force, and not the "Monopoly on the only grocery store within miles" kind of violence. FWIW, boutique retailers have been doing this for millenia -- each customer gets a unique price, determined by the shopkeeper's ability to assess the depth of the customer's pockets. Thanks to your benign "marketing and optimization research" the guy who sells you food is going to be able to do the same damn thing...

Re:So sad

[roman_mir]

getting sidetracked much? Google is not a monopoly in search, that's first. Secondly, android is not a monopoly in phones. Thirdly you have no choice with the FBI, unlike with Google. The constitutional argument has nothing to do with Google, as Constitution applies to the government, it's the law above government, not above Google. Lastly: the Constitution does not allow the federal government to spy on people without a warrant through any means, including forcing private companies to give up this information.

Re:So sad

[Z34107]

If you watch the moderation for any given topic, it always skews a certain way and punishes anyone who speaks out against the conventional wisdom. Because a limited pool of users controls the filtering of opinions, there is in fact an overall viewpoint that is enforced rather than a diversity of ideas.

Funny, elections work the same way.

Re:So sad

[bky1701]

"I can't help seeing the outrage to "unconstitutional spying" on the part of the government and then wondering why absolutely anybody who speaks out against Google's privacy violations on Slashdot earns themselves a permanent -1 account."

Really? Because I badmouth Google pretty often (not always, because unlike you probably think, it is not always warranted), and lo and behold, actually would be one of those "limited pool of users" getting mod points. Maybe you should stop being an asshole, and you'll stop being modded down. That probably starts with not whining about your posts being modded down while insulting the whole site with claims easily proven false ("libertarian fantasy hellhole" when it is clear slashdot is more polarized, but about as equally distributed, as everywhere else)... but then, I guess that's just more "conventional wisdom" for you to rage against.

Pretty much any time I see a post here complaining about groupthink/whole site having specific political idealogical/site idolizing some specific company (the proportion of Macbois is disheartening, but far from a defining characteristic), my automatic response is they are probably doing one of the following:
1. Presenting their ideas poorly.
2. Holding easily discredited ideas.
3. Acting like assholes.

Considering you're posting anonymous and I can't really see anything beyond your complaining, I have to assume your issue is probably #2 and #3. Maybe you should think about if you're the reason you are being modded down, rather than blame it on everyone else. After all, no one is forcing you to be here if it is that awful.

Re:So sad

Coincidentally, I am actually producing an estimate for a potential Red Baron campaign right now, so let me help you understand the difference.

It is much easier to tell when to lower the price than when to raise the price, because of the existence of competitors. The raised price on Red Baron pizza you see at Walmart is actually the normal market price controlled by competition at the high end of the demand spectrum. When the lower middle class have spent most of their money, that is when the price lowers because the demand has dramatically lowered at those times. When other stores hold onto their stock for the next round, Walmart is able to know when it is appropriate to lower the margin, and still make money by selling enough volume.

The difference is this: both Walmart and their competitors market to when people have the money to buy it, but only Walmart (and others like them) know when people do NOT have the money to buy it at the high end of the demand spectrum. Knowledge of the marketplace is used to IDENTIFY what market demands ALREADY exist. Knowledge of the market is very different from leveraging one market into the next, and monopoly abuse. Granted, Walmart has a market leverage effect, raising prices, but also has the opposite effect by applying market knowledge to lower prices. The market knowledge is what lowers prices. Nothing wrong with market knowledge.

Market analysis can be done using statistical analysis that operates on anonymized customer information, like the product I work on, so the shopkeeper doesn't need to be shipping his customer's personal information around. On the other hand, the Monopoly on Violence uses personal information ONLY because it is personal, and as centralized as it possibly can. The shopkeeper has an incentive for his data to not be shared too centrally, because it could get into the hands of his competitor. The shopkeeper sees his customer database as proprietary.

The Monopoly of Violence is only repelled by the political movement to restrict prosecution only to warranted information that is collected through normal business practices. There must be a direct line of warrant from actual damages. Otherwise, fishing expeditions for thought crimes and political reasons become practical. The only reason why "probable cause" is even allowed for a warrant is because of that relationship to actual damages. What "warranted" means is not JUST probable cause, but also because damages have occurred from a directly related event. The police should be investigating CRIMES not LIVES.

Re:So sad

[AmberBlackCat]

It happens to me too. And they like to wait until the thread is old before they make it go below zero. I just wonder if they're paying Slashdot or using their own bots. Or if Google just has that many fanatics on Slashdot. But they won't be able to keep people from noticing.

Re:So sad

[TrekkieGod]

I heard a story about how a store called to reveal how some girl was pregnant just from her shopping patterns.

It was Target, and they didn't call. They sent coupons for pregnancy products to her by mail.

They figured this out by data mining, and her father was pissed. These companies say they can figure out stuff like this. That means they can figure out that you have AIDS and you're gay, or that you have cancer or herpes or whatever.

Yeah, I know. But first, this entirely new, it's case of old things becoming new again. Think about the situation of a small town where everybody knows everybody else. Now a young girl walks in to buy a pregnancy test. The drug-store owner knows her, and now he has information she might be pregnant.

Either way, Target figured out this type of direct targeted advertisement freaks people out, so they're kind of hiding they have the knowledge. For example, when they figure out somebody is pregnant, they'll send them coupons for pregnancy products along with coupons for something someone pregnant would not buy, such as wine. This makes it seem random. It also prevents the father from finding out from the store, instead of from his daughter (although that particular story was never confirmed by the journalists. Target can figure out somebody is pregnant by what they buy, but the whole 'father got upset' thing could be apocryphal).

That information is sold around and then insurance companies and drug companies can exclude you from clinical trials that would save your life because they think you'll mess up their numbers or cost them too much.

And that is a problem. I agree with you when a company sells that information to anyone else, that is highly unethical, and should be illegal. By purchasing things from a company, you chose to give them data about you. If you wanted to avoid that, you can always buy it with cash, and not use any discount cards. However, you didn't authorize them to give that data to anybody else, and I think there's a much greater privacy violation when companies can get a complete picture of everything you've purchased from different stores.

That's kind of tracking for profit is unethical.

No, I think the tracking is fine. The selling of information is unethical.

Cry me a river

[betterunixthanunix]

CALEA was basically a hand out to law enforcement, letting them sit back and eat doughnuts instead of going into the field when they need a wiretap. Now they are complaining that they do not get a similar hand out when it comes to the Internet, and dishonestly claiming that they do not want to revive the cryptowars? No thank you, FBI -- we are not going to give up secure communication systems or plant backdoors all over the Internet just because you long for the "good old days" when wiretapping-on-demand was enough to violate our privacy.

Oh for the Cold War

[AnaxagorasZ]

I miss the days back when the only reason that our righteous free country would spy on our citizens or suspend our rights was to try to catch people working for evil governments who did things like spy on their own citizens and violate their rights. Back when it was easy to tell who were the good guys and who were the bad guys.

Re:Oh for the Cold War

[spire3661]

The 24 hour news cycle did not create the machinations we now see exposed. They have always been there, it only seems magnified because we see more now. The FBI has ALWAYS spied on us extra-judiciously. From day one it was built, its purpose is to catalog and amass information about the american citizenry. Just read the first 2 paragraphs of J. Edgar Hoover's wiki if you have any doubt at all. http://en.wikipedia.org/wiki/J_edgar_hoover

Re:Oh for the Cold War

[PolygamousRanchKid+]

Back when it was easy to tell who were the good guys and who were the bad guys.

Well, if you run out of one set of bad guys, you need to find or create a new set, right?

How's this for an idea?

[gman003]

First, the FBI gets a warrant for a particular "wiretap". This should be absolutely mandatory for what I'm about to propose.

Then, off a specific warrant, they go to whichever company the warrant lists, and either:

a) Install a packet-sniffer in front of the web server, logging everything to disk, which is then physically taken by the FBI as evidence - just like a conventional phone wiretap. This avoids the whole "anyone could use the backdoor" - if "anyone" can install hardware on the network, the 'security' is already broken so badly I had to use scare quotes.

or

b) go to the company, literally add code on a case-by-case basis to log a particular set of user's actions. This could include real-time alerts, if necessary. Oh, and the FBI is either the one doing the coding, or they pay standard rates for the service's programmers to do the job. This, again, avoids the security issue implicit to a government-mandated backdoor, by moving the "backdoor" from the computer level to the organizational level. It also does privacy better than a), because by being in the application layer instead of the network layer, it can be smart enough to only log the suspected users, not everyone.

This seems totally reasonable. The FBI gets the data they need (face it, there are always going to be times when they're justified in listening in on "private" communications), the internet companies only have to do anything if there's actually enough of a case for a warrant, there's no backdoors for a hacker to exploit, and, if the judges do their job right, everyone's privacy is maintained unless there's enough evidence to justify violating it.

And thus, by being at least mostly reasonable, it is guaranteed to not happen this way.

Re:How's this for an idea?

[Adrian+Lopez]

... go to the company, literally add code on a case-by-case basis to log a particular set of user's actions.

If I were running an online service I wouldn't want the FBI coming in and adding their own code to mine. If the FBI wants any of the data on my system then let them either get a subpoena that I can execute with a certain degree of deliberation (see here for one example), or a search warrant that allows them access to all of the data named therein. No need for the FBI to install special code that is potentially just as dangerous as a backdoor.

Re:How's this for an idea?

[gman003]

Look, if it's a data stream, you can record it. I'm not saying everyone should have an API that the FBI can use. I'm not saying we need to record absolutely everything so the FBI can look at it.

What I'm saying is that if the FBI needs to record something and they have enough evidence to get a warrant, they can come in and write their own damn code to log it, we'll put it on the server for as long as the court order says, and then as soon as they're gone we revert the code back to the way it was. Or, the FBI can log every packet themselves, and *they* get the fun task of sifting through billions of TCP packets to find the ones used by Ahmed ibn Badguy.

And if the system *is* anonymous-by-design, well, "that's literally impossible" is generally considered a valid reason to refuse a warrant. I know if the FBI knocked on my door and handed me a warrant for "whatever is 40km beneath the property" and a shovel, I'd call up the judge and tell him that, unfortunately, the laws of science trump even the US Constitution.

Re:How's this for an idea?

[sir-gold]

the FBI can install spyware on a computer just as stealthily as they can bug a room.

Let's not forget what this is really about

[GodfatherofSoul]

The FBI can get a warrant if they've got evidence, but they want to snoop without them.

Transient vs Persistent Data

[Adrian+Lopez]

The purpose of wiretaps is to capture information that is transient in nature and therefore lost after transmission. Online services are a different beast altogether, the data being more permanent in nature and therefore better suited to the traditional subpoena / search warrant model. Building surveillance capabilities into online services is like building surveillance capabilities into people's homes: invasive and unnecessary.

Dear FBI...

[Lumpy]

Good luck. I can, right now have a heavily encrypted communication with several people over the internet that you will not be able to decrypt when the information is the most valuable to you. This is your own fault. You did not pressure Congress to fund the Sciences heavily to make sure we had the best and brightest here in the USA working for you. Instead you let them go off on their hunt on the constitution. You let the Fear engine get away from you and let the CIA have the ball with their Terrorism Bogeyman.

Now it's too late. Even a 13 year old kid in a basement has the tools he needs to make a secure encrypted communication channel that would take you months or even years to crack. Long after it was valuable to do so.

Want to fix it? Go to congress and scare the bejesus out of them, Get them to dump 20 to 30% of the Defense budget into Science and research. If we start now you can get back on top in about 10 to 15 years. It is the only way. If you dont, the bad guys will win. Get off your asses and scare the shit out of congress to get the funding, because if you actually talk to them like they were educated men, you will be wasting your time.

The only plots they foiled were their own

[kawabago]

Since the only domestic plots the FBI foiled were ones they set up themselves, the military recently killed foreigners planning attacks from the middle east so I think we really don't have to worry that much about terrorism. People on planes have shown that they will react and subdue a would-be terrorist so that isn't a big concern. As far as I can tell, the whole terrorist ball of wax is just a make work project for law enforcement much like the war on drugs.

All for nothing!

[__aaltlg1547]

If you really want to keep your communications from the FBI, you can still always use a third-party local, secure ecryption system that the government can't easily crack. So they'll end up knowing anything they want to know about the people who don't think they have anything worth hiding from the government and NOTHING about whatever communications you choose to hide from their scrutiny. Well, they might know when it occured and maybe with whom, but they won't be able to crack the content. And if enough people object to their prying eyes, they'll find that they've driven most communications to use an ecryption method that neither they nor their proxies can crack in any reasonable time, so there will be a huge volume of "suspect" data: so much that they can't tell the difference between routine chats between business partners and chats between members of a terrorist cell discussing their evil schemes.

It is *supposed* to be hard

[bradley13]

Of course, if you work in law enforcement, this is your daily work. Everyone lives in their personal bubble, and wants their daily work to be easier. However, in the big picture, spying on individuals is *supposed* to be hard.

Another point that people often forget: The government (or the FBI) is not some single entity. It is composed of individual people: some good, some evil, most just schmucks trying to get along. You cannot trust the government, simply because it contains some individuals who are not trustworthy. This is another reason that things like wiretaps should be difficult.