Congress Passes Bill Allowing Warrantless Forfeiture of Private Communications

Prune writes Congress has quietly passed an Intelligence Authorization Bill that includes warrantless forfeiture of private communications to local law enforcement. Representative Justin Amash unsuccessfully attempted a late bid to oppose the bill, which passed 325-100. According to Amash, the bill "grants the executive branch virtually unlimited access to the communications of every American." According to the article, a provision in the bill allows “the acquisition, retention, and dissemination” of Americans’ communications without a court order or subpoena. That type of collection is currently allowed under an executive order that dates back to former President Reagan, but the new stamp of approval from Congress was troubling, Amash said. Limits on the government’s ability to retain information in the provision did not satisfy the Michigan Republican."

Re:Congressman Amash’s letter sent to Collea

[Qzukk]

I urge you to join me in voting “no” on H.R. 4681, the intelligence reauthorization bill, when it comes before the House today.

Thank you for posting the bill number, since neither slashdot nor the hill thought we should be able to look it up and see who voted for this bullshit.

It appears in the Senate it was passed by voice vote by a bunch of cowards that did not want their name attached to the bill.

Re: PRIVATE encryption of everything just became..

[Frobnicator]

But cloud is great, right? They told me cloud is great!

Yes, cloud is great as a convenience for you.

It is also great as a convenience for NSA and other agencies. The text of the bill allows that anything that was encrypted can be kept indefinitely. If your web site says HTTPS then it is fair game for permanent governmental storage.

Also, they can retain it forever for a number of reasons:

From the bill now on its way to the President's desk: "(3)(B) A covered communication shall not be retained in excess of 5 years unless ... (ii) the communication is reasonably believed to constitute evidence of a crime ... (iii) the communication is enciphered or reasonably believed to have a secret meaning; (iv) all parties to the communication are reasonably believed to be non-United States persons;"

#2 should be troubling. Does your communication (which is not limited to just email, but also includes web pages and any other data) have any evidence of a crime? Evidence that you downloaded a movie or software from a warez site, or looked at porn as a minor, or violated any of the policy-made-crimes that even the federal government has declared they are not countable? With an estimate of over 300,000 'regulations-turned-crime', plus laws that incorporate foreign laws (the Lacey Act's criminalization of anything done "in violation of State or foreign law"), pretty much anything you do probably violates some law somewhere in the world. Better preserve it just in case somebody eventually wants to prosecute you for that crime someday.

#3 refers back to a vague definition of "enciphered" that does not just mean encryption. The "secret meaning" could be as simple as data inside a protocol, Who is to say that the seemingly random bytes "d6 0d 9a 5f 26 71 dd a7 04 31..." used as part of a data stream are really not an encrypted message? Better record it just in case.

And of course #4, the law has a careful wording about communications between "non-United States persons". Considering the "internet of things", all those devices talking to other devices are not communications between United States persons. It was your camera (a non-United States person) communicating with a data warehouse (a non-United States person), so better exempt that from the 5-year retention policy as well.