Slashdot Mirror
US DOJ Say They Don't Need Warrants For E-Mail, Chats
gannebraemorr writes "The U.S. Department of Justice and the FBI believe they don't need a search warrant to review Americans' e-mails, Facebook chats, Twitter direct messages, and other private files, internal documents reveal. Government documents obtained by the American Civil Liberties Union and provided to CNET show a split over electronic privacy rights within the Obama administration, with Justice Department prosecutors and investigators privately insisting they're not legally required to obtain search warrants for e-mail."
"The right of the people to be secure in their persons, houses, papers, and effects, against unreasonable searches and seizures, shall not be violated, and no Warrants shall issue, but upon probable cause, supported by Oath or affirmation, and particularly describing the place to be searched, and the persons or things to be seized."
Maybe we should create an amendment to the constitution that makes this issue more clear regarding illegal search.
Oh, wait... http://en.wikipedia.org/wiki/Fourth_Amendment_to_the_United_States_Constitution
well then maybe we should create a law that clarifies the position a bit further
Oh, wait.. http://www.justice.gov/opcl/privstat.htm
ok, well maybe we will have courts decide that emails are personal property
Oh, wait... http://wiki.answers.com/Q/Are_emails_personal_property
when/where does it end?
Yes. And there's no violation of the 4th Amendment if you willingly wave that right and say, "Come right on in and look around!" The 4th is only about coerced searches.
This was modded up?
The searches in Boston weren't "consensual" by any definition of the word. Luckily, people took videos of the police, even if in their disarmed state they couldn't stand up to them. The police were showing up with a SWAT team, banging on the door, holding the person who answered outside at gunpoint, and searching the houses. On the street even more SWAT team members waited in a tank with guns aimed at people visible through windows - including the person taking the video.
But go ahead, explain to me how that's not a "coerced" search.
And then the people cheered the police over this behavior - literally, there were people in the streets thanking the police for stripping them of their Constitutional rights. It's absolutely sickening and a perfect example of why the OP is absolutely right. People need to stand up for their rights against a police force that does not hesitate to use excessive force against their own population.
All we need is email programs that perform a Diffie-Hellman key exchange during the first few emails you exchange with anybody
As always, the hardest part of practical cryptography is key management. What you are talking about is opportunistic encryption. It won't actually prevent decryption but it will force the attacker to do an active Man-In-The-Middle attack, which can be detected after the fact.
This should be the default mode of operation for PGP mail. Whenever you send an email it should append your public key into the headers. As soon as your interlocutor responds, he can encrypt his reply and sign with his own public key, so all messages but the first one are encrypted. It should just work, nothing should be exposed to the user except a small keylock, which he can click if he's so inclined and verify things like key thumbprint etc. to detect tampering and/or explore full PGP functionality.
For an environment such as webmail, this still offers zero security: you either keep the private key on the server, or you do the encryption operations on the clients's side. Since Javascript run-time a href=http://www.matasano.com/articles/javascript-cryptography/>is malleable it's very easy to retrieve the private key or the plain text back from the user when the government asks you.