Slashdot Mirror

← Back to Stories (view on slashdot.org)

That Was Fast: Leahy Drops Warrantless E-mail Surveillance Bill

Posted by Soulskill on from the sees-which-way-the-wind-is-blowing dept.

Presto Vivace writes "Under the right conditions, online activism can be very effective. U.S. Senator Patrick Leahy has already abandoned his warrantless e-mail surveillance bill we discussed this morning. 'The Vermont Democrat said today on Twitter that he would "not support such an exception" for warrantless access. ... A vote on the proposal in the Senate Judiciary committee, which Leahy chairs, is scheduled for next Thursday. The amendments were due to be glued onto a substitute (PDF) to H.R. 2471, which the House of Representatives already has approved. Leahy's about-face comes in response to a deluge of criticism today, including the ACLU saying that warrants should be required, and the conservative group FreedomWorks launching a petition to Congress -- with over 2,300 messages sent so far -- titled: "Tell Congress: Stay Out of My Email!""

13 of 107 comments (clear)

  1. Oops, somebody noticed by Attila+Dimedici · · Score: 5, Insightful

    Translation, "I thought nobody would notice."

    --
    The truth is that all men having power ought to be mistrusted. James Madison
    1. Re:Oops, somebody noticed by Anonymous Coward · · Score: 5, Insightful

      The fact that he even considered it in the first place is disturbing on its own.

    2. Re:Oops, somebody noticed by DaMattster · · Score: 4, Insightful

      No, Leahy's stance should never have been pro anything that erodes 4th Amendment protections. Our elected representatives are supposed to protect our rights, not sell them away. This is further proof positive that we need a third party. Both Democrats and Republicans want increasing control over us.

    3. Re:Oops, somebody noticed by klingers48 · · Score: 3, Insightful

      This is the key point. They will try again when the heat dies down. Spooks and ignorant senators/congressmen can't actually divorce themselves from the mentality of the intelligence community and really understand where most of the pushback is coming from. It's never been about having something to hide or not... It's a community of informed IT enthusiasts who embrace the technology to a point where it becomes a feeling of violation when their digital privacy is threatened.

      I'm not a behavioral scientist or a psychologist, and this might even be wrong, but I'm sure I've read before that our brain remaps our "personal space bubble" when we drive a car. I also believe that (beyond the obvious) reasons why we get angry at telemarketers/doorknockers, wear clothes, put locks on our doors and curtains on our windows is because we have a deep-down, hard-wired intellectual personal space that has evolved alongside our physical personal space.

      Problem is, every unsolicited knock on the door, phone ring from a stranger or person peeking through the curtains rankles us in our lizard brain because an external force is attempting to wrest some control of our intellectual personal space. It's no different to a perfect stranger standing two inches from our face. It's wrong. Our lower brain connected to our higher brain sees "THREAT!!"

      We feel the same way when the government pries into our communications, movements or histories. It's not about being ashamed of anything or having "something to hide", it's about a feeling of an exterior force violating our intellectual idea of personal space. We are being denied the control we desire over what we show the world. That is in my opinion the core issue governments will never be able to understand. That's the answer to the inevitable "Why are they protesting?" question.

    4. Re:Oops, somebody noticed by slashmydots · · Score: 4, Interesting

      Exactly! This is why we need a randomly selected American civilian (similar to jury duty) to follow around every congress member and every time they do something stupid or controversial or clearly evil, they'd get to react like "WTF are you signing that crap? Are you shittin' me right now? Why are you adding that to the bill? Why are you going to a $1000 luxury dinner with that oil company exec?"
      Now that's representative-based democratic oversight, lol.

  2. Executive Order in 3... 2... 1... by hawks5999 · · Score: 4, Insightful

    Whenever this stuff can't get through Congress it just ends up in a Friday night EO dump. Is this one important enough for Black Friday? We'll know by Monday.

  3. Re:No time like the present... by lister+king+of+smeg · · Score: 3, Interesting

    try convincing nongeeks and nontinfoilhaters to use double public key encryption for all of their communication be it email chat or voip. they will fight it tooth and nail because it "more complicated" translated requires one additional click per message maybe a couple keystrokes for your password.

    --
    ---Saying gnome 3 is better than windows 8 not so much a compliment as it is damning with light praise.
  4. Re:No time like the present... by fuzzyfuzzyfungus · · Score: 4, Insightful

    No problem! We can just simplify the process by setting up a large number of so called "certificate authorities", who we will trust implicitly and pay yearly fees for little chunks of math! Nothing could possibly go wrong, and we can have a comforting little padlock symbol for noobs...

  5. Two sides to every story by BinarySolo · · Score: 4, Informative

    According to this, Leahy claims CNET was incorrect in its original article and that he never supported the warrantless wiretapping. When he tried to clarify this stance, CNET comes out with this article saying that he backtracked because of the backlash caused by their article. Not going to make the judgment call on which side is right, but it should at least be noted that there are two sides to the story.

  6. Strange bedfellows... by sconeu · · Score: 3, Insightful

    When the ACLU and a conservative group are loudly on the same side of something, you know whatever it is is bad.

    --
    General Relativity: Space-time tells matter where to go; Matter tells space-time what shape to be.
    1. Re:Strange bedfellows... by Anonymous Coward · · Score: 3, Insightful

      Not really. ACLU shares many same beliefs as libertarians. So more correctly, when they do line up on the same side you know its a government versus privacy issue. In this particular case, I think they are correct. But I'll reserve my judgment for their future endorsements, as they both are kind of bizare at times.

  7. Re:No time like the present... by Score+Whore · · Score: 4, Insightful

    It does if you'd bother to look at the fingerprint and verify it's the same as last time. Which the browsers should do, but they don't because it cuts into their CA root key inclusion fees.

  8. Re:We could have fixed this, but didn't by Obfuscant · · Score: 4, Informative

    The issue could have been addressed by fiat from any one popular software package.

    Thus solving it for users of one package.

    2) Add a field to the protocol

    Which protocol? SMTP? POP? IMAP? UUCP?

    The protocol allows for experimental fields

    Same question.

    The mouseover for the button

    Oh, this would solve the problem only for the people with GUI mail clients.

    could have said "use encryption if the recipient has a compatible client".

    Sorry. How does my email client know what email client YOU are using and whether it supports this? Is there a new protocol you are proposing where one client asks another prior to sending an email? What happens if the recipient is offline?

    But for some reason we didn't do that,

    Mainly because it is an intractable problem, much more difficult than simply having one GUI email client start doing it. Here's one big problem: how do I read those encrypted emails sitting in my mailbox when I'm not using the specific GUI email client that deals with them, or I don't happen to have the key and can't get it because I'm not online at the moment?

    (I've often wondered if the browser could automatically encrypt/decrypt the content of specific named text blocks from specific sites such as gmail. Then the content could be encrypted online, but show cleartext to the user.)

    If you are limiting yourself to defining "email" as "gmail accessed via a web browser", you simplify the problem considerably. Of course Google could store all your email in an encrypted form and send you a javascript (if you have a js enabled/capable broswer) applet that decodes it on your system. If you send them your public key, they could even encrypt the stuff they store on their disks as it came in for you, if it wasn't already. You still have the problem of how you make sure every system you use to access that email has the key kept locally, and what happens for people who have gmail forwarded to some place else.

    So, yes, the problem is rather trivial if you force everyone and everything through one mail server and ignore the huge diversity in protocols used to transport email and the kinds and types of clients/servers used to do it.