Slashdot Mirror
Tech Firms Planning Highly Irate Letter To Government Requesting Transparency
Nerval's Lobster writes "a 'broad alliance' of 63 technology companies and civil liberties organizations plan on demanding more transparency about U.S. government surveillance programs, according to a new report in AllThingsD. Those companies and organizations will reportedly ask the government to allow them to report more accurate information about user-data requests. At the moment, federal agencies forbid Google, Microsoft, and other tech vendors from reporting more than a broad numerical range; for example, Google might announce as part of its Transparency Report that it received between 0-999 National Security Letters (issued by agencies as part of national security investigations) in 2009. 'We seek permission for the same information to be made available regarding the government's national security–related authorities," reads a portion of a letter that will be reportedly published July 19 and signed by all those tech companies. "This information about how and how often the government is using these legal authorities is important to the American people, who are entitled to have an informed public debate about the appropriateness of those authorities and their use.' This is all continuing fallout from Edward Snowden's leaks of top-secret documents alleging that the NSA maintains a program called PRISM that allegedly siphons personal information from the databases of the world's largest tech companies. Ever since, those companies (which have all denied participation in PRISM) have been anxious to show the world that they only give the government as little user data as possible. This new push for more 'transparency' plays to that strategy, and the stakes couldn't be higher—if consumers and businesses lose faith in their IT providers' ability to preserve privacy, the latter's very existence could be at risk."
...color me skeptical, but that looks more like PR damage-control tactics since they very well played lapdog. I maybe would have bought it if their reaction was immediate.
... could we trust them?
"Here Lies Philip J. Fry, named for his uncle, to carry on his spirit"
A highly irate letter only after they were publicly embarrassed. How self-serving. Fuck these companies.
A balanced consideration is in order: Should we warmly regard these oh. so. heroic. companies for their bold stance? Hardly, this is snivelling PR drivel of the highest order.
However, considering the relative number of important friends possessed by "The Constitution" and "Shareholder Value" respectively, is it not a convenient thing that NSA activity be perceived(and ideally actually be) bad for influential American corporations?
Isn't it extremely useful that all American 'cloud' and telecommunications companies now have a PR problem on their hands(and quite possibly a sales problem, EU privacy mandates aren't going to make moving EU customer data onto American servers any more legal if you do business on that side of the pond, and do enjoy selling foreign governments your products on a "Don't worry, it'll be just between you, us, and the American Clandestine Services..." basis)?
Outfits like the EFF and ACLU, not to mention people like Snowden and Manning who take great personal risk, have the moral high ground; but perhaps less so with the 'army of effective lobbyists and vast financial resources'. These companies, by contrast, are mere mercenaries; but may prove useful for so long as NSA spying harms their interests, rather than serves as a revenue stream(looking at you, telco wiretapping fees).
Never wait for the government to do something. Just release the data and see if anyone has the balls to convict them of something. I bet not.
So just how many tech companies will end up mired in this BS? A bunch of startups pop into business with security products that the NSA want's backdoors into. So they are contacted and inside info is exchanged, or perhaps even access info of some kind. Before long there are hundreds of developers from these startups all knowledgeable about what the NSA is doing regarding data collection. And we have thousands of NSA employees and contractors in on it too. So just who are all these guys keeping their secrets from if half the world knows about them?
The only time they'd need to make a request is when:
a) The data is from before they've been collecting
b) The data in their database is not yet nicely formatted for easy access
c) They are missing the encryption keys, for some reason
Isn't the splitter the big worry? And that these requests are just a small part? Combined with the fact that I'm not an American, this means they can collect a huge database of my personal data, and look at it any time, without asking anyone for permission. Perhaps I'm misunderstanding what's going on?
You assume too much. This "irate letter" seems a lot more like a negotiating tactic than anything else. Remember, these corporations signing the letter are among the most privileged of all corporations, in terms of how the government treats them. They have their own personal tax laws, that allow them to claim that their profits are all earned in Luxemburg, and they have private countries where they keep their intellectual property so they don't have to pay taxes here. They are given special treatment from the local level right on up to the federal government. They have enjoyed decades of protection from anti-trust legislation (and yes, that includes Microsoft, even with their successful prosecution). These companies are a part of the government as are the biggest banks and the biggest energy companies.
I believe that behind closed doors, Google, Microsoft, et al, are just fine with the surveillance state, because it plays to their strengths and they're already on the inside. I'm not sure NSA spying harms their interests in any way.
You are welcome on my lawn.
Outfits like the EFF and ACLU, not to mention people like Snowden and Manning who take great personal risk, have the moral high ground; but perhaps less so with the 'army of effective lobbyists and vast financial resources'.
You lost me. But these companies do deserve to be punished for their simple network/security mistakes (that had grand consequence). They simply built the wrong software. In my opinion home serving software that keeps people in control and possession of their "papers", combined with open source pervasive encryption, was and remains the obvious right answer. These companies should be firing the inneffective employees that didn't see this coming long ago, and choose a better strategy than "wait for the day it all blows up in our faces".
Right To Serve. Period. http://slashdot.org/comments.pl?sid=3929983&cid=44170993
These large corporations are claiming to have the people's interests in mind, yet they are only asking for a very narrow change that really doesn't affect the status quo. If they really are concerned with the extent of the surveillance, why don't they use their extensive lobbying clout to propose actual changes to the laws that would require transparency to the entire process starting with requiring judicial approval for any monitoring.
Maybe if they put some weight behind real change it would be worth it. I think they can see that most of their future revenue is going to come from services where they host user data. But if people understand that the Third Party Doctrine, or Business Records Exemption mean that that "their" data is totally and utterly insecure, then the market for those services will be severely damaged. America doesn't have much going for it businesswise any more -- we have a weapons industry and flush government contractors -- but if the government is broke because nobody has anything but a Walmart job, those industries are dead. Technology is the government's biggest potential cash cow -- it should probably NOT shoot it in the head.
I think the tech companies might actually have "good luck with that" perspective. But they have to be willing to make the point. And then support at minimum, legislative limitations on the both Third Party Doctrine and Business Records Exception. Even more preferable, would be a Constitutional amendment defining digital content (including metadata) whereever stored (drives, wire, airwaves) as "papers" and that government access to such data is not affected by where it is stored, i.e., it remains a person's private stuff and unreachable without a warrant supported by probable cause, even if stored offsite so to speak.
What changed under Obama? Nothing Good
Given how good they are at avoiding US taxes and US regulations by having branches and shell companies off shore, I imagine if they really wanted to break the orders they could find a way to do it and legally be outside US jurisdiction.
"They are violating our rights, spying on everyone and forcing us to cooperate in all of that." - "I got it! Let's send them a really stern letter!"
This is PR damage-control, nothing else. They're trying to create the impression they were unwilling accomplices.
Assorted stuff I do sometimes: Lemuria.org
Putting weight behind a letter seems a bit fanciful.
On the other hand, they can simply present it as a demand, and state that the alternative is each of them will publish ALL the letters delivered to ANY of them and refuse to comply.
Let the DOJ or the DOD put ALL 69 Companies in jail or shut them down. Especially when the government is dependent on most of them and the citizens are customers of all of them.
Sig Battery depleted. Reverting to safe mode.
I believe that behind closed doors, Google, Microsoft, et al, are just fine with the surveillance state, because it plays to their strengths and they're already on the inside.
I don't think you have any evidentiary basis on which to base that judgment.
It wouldn't surprise me if Google and Microsoft have convinced themselves that whatever they did was right. Moreover, I find it easy to believe that the exact extent of their complicity (unlike, say, the extent of the complicity of telcos) was exaggerated in the leaked documents themselves, and they are genuinely pissed off that they can't set the record straight (as they see it).
Did they go further than you or I or any other civil liberties-minded person would? Almost certainly. But how far did they actually go? We don't know, and they're not allowed to say.
It's rich that the NSA gets to spin this as "people are talking crap about stuff they don't know anything about" (e.g. "the PRISM isn't a programme, just the name of a specific database" line) . What the hell did they expect? No, we don't have complete information first-hand from the people who truly understand it. That's exactly the problem.
So I applaud the tech companies for actually trying to disclose more. More information means we have a better basis on which to judge them, and judge them we shall.
sub f{($f)=@_;print"$f(q{$f});";}f(q{sub f{($f)=@_;print"$f(q{$f});";}f});
Keep in mind, that data is useless. The real threat is that the NSA likely has equipment redirecting data out of these companies without their direct knowledge. They probably even have staff working there to help facilitate their data collection. The NSA could sink any of these companies at the flick of a switch. So the idea that they're going to threaten the NSA with anything is rather silly. Also, they are likely the recipients of a lot of corporate secrets the NSA pulls in from around the world.
My bet is these companies said something like "Um... NSA? Yea... we're looking pretty bad over here... would it be ok if... I mean... could we send a strongly worded letter.... and uh...."
NSA: "No problem... we'll even write it for you! Now put that dress back on, we want you to look pretty for this next part..."
You want some transparency? So do we. Dump it all. Dump fucking everything. Expose this piece of shit government utterly and completely for every last request, letter and shady program.
You spineless twits, you have utterly and completely shattered the trust you had. Fuck you and fuck your cloud; I hope this exposure of your complicity with the criminal organizations in D.C. costs you billions in lost business. I don't care how you do it; leak information, "oops we were hacked", whatever. Dump it all.
The fact that there is 1 person, 1 guy out of >300 million in this country who has the balls to stand up speaks volumes to who the true enemy and threat to the American people, hell the people of Earth FFS, are: the U.S. Federal government.
So either these spineless companies are trying to save face, or Snowden has still got some really juicy dirt left up his sleeve.
I really, really hope it's the latter.
I won't host any of my data, or the data of the companies and individuals I consult and work for, with any company in the United States, and it will take much more than an "irate letter" to gain my trust back.
If it ain't broke, don't fix it.
Go ahead & disclose it, you're corporations, you're above the law. The govt can't tell you what to do.
Nothing will happen, I promise you. Union carbide killed 8000 people and.... nothing. nada. zip. Same goes for the Exxon Valdez & BP.
Isn't this very timidity firm evidence that Google and company aren't as powerful as you claim? Here we have a government agency costing US businesses a lot of money and what do they do? Write letters. It doesn't get any clearer than that who's in charge. It's not Google.
"Objection."
"Overruled."
"Oh, no, no, no. No, I STRENUOUSLY object."
"Oh. Well, if you strenuously object then I should take some time to reconsider."
“He’s not deformed, he’s just drunk!”
There is no infrastructure currently to support what you are talking about much less ten years ago. Most businesses don't have servers and switching and storage. They use ISPs and data centers. Most individuals certainly don't have this stuff. Economies of scale are what makes it all affordable. This means you have to store data offsite and run your apps offsite. If it isn't Google it's Rackspace or Amazon web services or your local collocation hub sitting near a T3 backbone.
You are deluded to think that it can be different even in a future where servers are cheap and bandwidth is fast. Centrally managed by dedicated support staff will always win out over anything else in 80% of the use cases.
A fool throws a stone into a well and a thousand sages can not remove it.
That falls in line with my own thoughts. It's time that the people showed government that government works FOR THE PEOPLE, not the other way around.
Just publish all the details. Publish everything. Tell the government to go screw itself - they can't enforce unjust laws. Government can scream "CONSPIRACY" all they want, but if 60, 75, even 90% of people and corporations are in on it, what can government do?
A number of articles over the past weeks have shown that congress really doesn't have a clue what NSA is up to. Congress critters lack the technical understanding to figure this stuff out. But, worse, the NSA only "answers to" a small committee, and that committee isn't sharing jack-shit with the rest of congress.
Each year, congress authorizes money for NSA and the rest of government, without any accounting for that money. I think that congress should just cut that money by about 75% and tell NSA to make do. At the same time, demand a full accounting for HOW that money is spent. If NSA doesn't have a billion dollars with which to snoop on citizens, and another billion with which to pay "analysts", then they won't be snooping and analyzing citizens. The money that they have left will be targeted specifically toward terrorism and national security.
"Windows is like the faint smell of piss in a subway: it's there, and there's nothing you can do about it." - Charlie Br
I like that this is happening, but I can't see it making any difference in itself. Yahoo fought in secret courts to protect user data, and lost. Even if US companies are trying to do the right thing, we can't trust them because we can't trust the US government.
If companies had the right to come out and say "we only gave the US data this information because we had no choice", would you still want to deal with them? The company might win sympathy points, but that clearly doesn't mean we can trust it. This is particularly true for end users outside of the US.
It's GNU/Linux dammit!
I will never again trust another company.
Whenever I use a company's service, I will assume they (have):
1. Given the govt a backdoor
2. Sold all my private data to whoever will pay
3. Track me with cookies etc best they can.
4. Given the govt all my passwords (maybe even sold my passwords to customers)