Slashdot Mirror

← Back to Stories (view on slashdot.org)

Hacking Victim Can't Sue Foreign Government For Hacking Him On US Soil, Says Court (vice.com)

Posted by BeauHD on from the first-of-its-kind dept.

According to Motherboard, a court of appeals in Washington D.C. ruled that an American citizen can't sue the Ethiopian government for hacking into his computer and monitoring him with spyware. "The decision on Tuesday is a blow to anti-surveillance and digital rights activists who were hoping to establish an important precedent in a widely documented case of illegitimate government-sponsored hacking." From the report: In late 2012, the Ethiopian government allegedly hacked the victim, an Ethiopian-born man who goes by the pseudonym Kidane for fear for government reprisals. Ethiopian government spies from the Information Network Security Agency (INSA) allegedly used software known as FinSpy to break into Kidane's computer, and secretly record his Skype conversations and steal his emails. FinSpy was made by the infamous FinFisher, a company that has sold malware to several governments around the world, according to researchers at Citizen Lab, a digital watchdog group at the University of Toronto's Munk School of Global Affairs, who studied the malware that infected Kidane's computer. The U.S. Court of Appeals for the District of Columbia Circuit ruled that Kidane didn't have jurisdiction to sue the Ethiopian government in the United States. Kidane and his lawyers invoked an exception to the Foreign Sovereign Immunities Act (FSIA), which says foreign governments can be sued in the U.S. as long as the entire tort on which the lawsuit is based occurred on American soil. According to the court, however, the hacking in this case didn't occur entirely in the U.S. "Ethiopia's placement of the FinSpy virus on Kidane's computer, although completed in the United States when Kidane opened the infected email attachment, began outside the United States," the decision read. "[It] gives foreign governments carte blanche to do whatever they want to Americans in America so long as they do it by remote control," Nate Cardozo, a staff attorney at the Electronic Frontier Foundation, a digital rights group who represented Kidane in this first-of-its-kind lawsuit, told Motherboard.

21 of 102 comments (clear)

  1. What's good for the goose is good for the gander by Anonymous Coward · · Score: 2, Insightful

    The CIA has been doing this for ages.

  2. Obviously this requires new legislation by Baron_Yam · · Score: 4, Insightful

    Look at what would happen if you shot an American on American soil from Canada or Mexico.

    Now get your lawmakers to apply that same logic to digital aggression and draft some new legislation for what happens if you commit a computer offence against someone across legal jurisdictions.

    1. Re:Obviously this requires new legislation by Anonymous Coward · · Score: 2, Insightful

      Nothing is stopping them from suing in Ethiopia. Or, in your case, in Canada or Mexico.
      Plus, this is about a citizen suing a foreign government, not another individual. Totally different laws.

    2. Re:Obviously this requires new legislation by CrimsonAvenger · · Score: 2

      Look at what would happen if you shot an American on American soil from Canada or Mexico.

      Better, look at what would happen if a Mexican soldier shot an American on American soil.

      Hint: "Act of War" comes to mind, but "I'll sue, I'll sue!!" doesn't....

      --

      "I do not agree with what you say, but I will defend to the death your right to say it"
    3. Re:Obviously this requires new legislation by Jaime2 · · Score: 5, Informative

      It goes both ways. We are currently using the principle behind this law to shield drone pilots from repercussions. There's also this case where the US says a border guard was within his rights to shoot a man in Mexico.

      Given what we have to lose, it's unlikely that the US government will change its position on this issue.

    4. Re:Obviously this requires new legislation by Ranbot · · Score: 3, Informative

      There actually is a precedent allowing American citizens to sue other countries that support terrorism under the Foreign Sovereign Immunities Act of 1976, but I assume the court decided Ethiopia's hacking was not an act of terrorism.
      Wikipedia: https://en.wikipedia.org/wiki/...
      Flatow v. Iran case details: http://www.leagle.com/decision...

      I only point this out because the degree of legislation or judicial interpretation might be much less than people assume.

      If anyone is interested in the Flatow v. Iran case and it's aftermath NPR's Planet Money did a great podcast on it: http://www.npr.org/2017/01/12/... (I swear it's not left or right leaning story)

    5. Re:Obviously this requires new legislation by Ranbot · · Score: 2

      If anyone is interested in the Flatow v. Iran case and it's aftermath NPR's Planet Money did a great podcast on it: http://www.npr.org/2017/01/12/... (I swear it's not left or right leaning story)

      Apologies... I posted the wrong NPR link. Here's the full Planet Money podcast: http://www.npr.org/sections/mo...

    6. Re:Obviously this requires new legislation by dbIII · · Score: 2

      Liberals like George Washington and Thomas Jefferson?
      It's by design to stop things like absolute rule by a King and balanced by other powers.

      If you want something other than what's in the constitution then feel free to go ahead and try to get it changed.

    7. Re:Obviously this requires new legislation by Impy+the+Impiuos+Imp · · Score: 3, Informative

      There's a case winding its way through courts right now where a US agent, inside one of these border airlock areas, controlled by the US but partially on Mexican soil, shot at a someone and the bullet accidentally killed a Mexican on the Mexican side inside. Can his estate sue the US?

      You'd be surprised what a mess the case is.

      --
      (-1: Post disagrees with my already-settled worldview) is not a valid mod option.
    8. Re:Obviously this requires new legislation by CaptainDork · · Score: 2

      Nah.

      Legislation is not appropriate.

      The word you're looking for is, "treaty."

      Legislation by America is one-sided and has no standing in jurisdictions of other sovereign countries.

      --
      It little behooves the best of us to comment on the rest of us.
    9. Re:Obviously this requires new legislation by Anonymous Coward · · Score: 2, Interesting

      >accidentally (??!!??) I'm not sure you know what that word means,

      http://ct.fra.bz/ol/fz/sw/i57/5/10/9/frabz-you-keep-using-that-word-i-do-not-think-it-means-what-you-think--06b6e3.jpg

          The reason this is getting so much press is the boarder officer purposefully shot three times at the mexican juvenile, because he was mad the kid originally evaded him. The officer did not 'accidently' anything. He was hot under the collar, the kid ran away, and while hiding behind a cement pillar from the first two shots- the kid finally caught one in his skull.

      A difficult target to hit, unless one is aiming very purposefully at a motionless target.

    10. Re:Obviously this requires new legislation by sit1963nz · · Score: 4, Insightful

      Or, as has actually been the case, an American shot and killed an unarmed Mexican teenager on Mexican soil and the US government has refused to extradite him for criminal prosecution in Mexico.

      US airforce pilot breaking the rules/laws in Italy while hot dogging hit and broke the cables for a gondola killing some people, the US very quickly returned the guilty parties to the USA and refused to extradite them to face criminal charges.

      Yet the USA is demanding Kim Dotcom be extradited to the USA when he (at the time) broke no New Zealand laws.

  3. They have to protect the British Government by Anonymous Coward · · Score: 5, Informative

    If the US wants spy on a US citizens computer, they contact the British Government, allow the British Government to hack and break in and collect all the data necessary.

    100% legal since the US government doesn't do it. But then the British Government hands all data over to the US agencies and parallel construction method is dreamt up.

    If they allowed this case for Ethiopia they would have to allow it for the British Government. Can't have that happening.....

    Captcha: poetic

    1. Re:They have to protect the British Government by AHuxley · · Score: 2

      Project MINARET https://en.wikipedia.org/wiki/...
      "The GCHQ handed over intercepted data of Americans to the U.S. government."

      --
      Domestic spying is now "Benign Information Gathering"
    2. Re:They have to protect the British Government by CaptainDork · · Score: 2

      A change in our legislation won't do it.

      We can write laws until we're blue in the face.

      The foreign, sovereign government can tell us to get fucked.

      It can, and does, work both ways.

      They protect their citizens from foreign laws just as we do.

      --
      It little behooves the best of us to comment on the rest of us.
  4. Re:Now imagine the opposite... by ledow · · Score: 3, Funny

    Exactly the reason they know they can't allow it.

    I - as an EU citizen - would be perfectly entitled to sure the US government if there was any hint they were accessing my data (e.g. Facebook, Microsoft, etc.) - as they have requested of a number of multinational tech companies.

    That would be a can of worms that they would not won't opened.

  5. Re:What's good for the goose is good for the gande by Luthair · · Score: 3, Insightful

    The gander I'm wondering about are people who have hacked US government systems while not on US soil. Seems like the US should not be able to extradite them either....

  6. Letter bombs... incoming! by fgouget · · Score: 2

    According to the court, however, the hacking in this case didn't occur entirely in the U.S. "Ethiopia's placement of the FinSpy virus on Kidane's computer, although completed in the United States when Kidane opened the infected email attachment, began outside the United States,"

    So based on this decision a foreign government can also send letter bombs to get rid of dissidents and be safe from lawsuits by any relatives since, in the words of the court, "although the bomb exploded in the United States when the recipient opened the booby trapped letter, the attack began outside the United States".

    So besides squashing this lawsuit will the US do anything?

  7. Retarded Summary by Notabadguy · · Score: 4, Insightful

    "Hacking Victim Can't Sue Foreign Government For Hacking Him On US Soil, Says Court "

    It SHOULD say "US Court Rules that it lacks jurisdiction to hear a lawsuit against a sovereign government by a private citizen."

    It didn't say that the hacking victim can't sue the Ethiopian government, just that he can't sue the Ethiopian government in U.S. Court. Sounds like the U.N. or the African Council of Nations, or another international body - someone that has any purview over the Ethiopian government would be the place to go.

    Otherwise, we'd have every-day, all-day long lawsuits of individuals against governments around the world - further clogging up our courts - with people expecting the U.S. to uphold their private agendas against other countries.

  8. Well DUH! by houghi · · Score: 2

    What is good for the goose ...

    If they would not do that, the rest of the world would sue the US out of business within a week,

    --
    Don't fight for your country, if your country does not fight for you.
  9. Been done as a car bomb, nobody charged by dbIII · · Score: 2

    Some years back the Chilean government murdered a guy they didn't like with a carbomb in Washington D.C. It somewhat annoyed the Reagan government but the perpetrators were released without charge. When governments break laws in other nations it tends to get sorted out with diplomatic shouting instead of anything related to the rule of law.