On Confirmed Assumptions or, Not Trusting Google is a Good Idea (anarchism.is)
382 points by __hudson__ on June 21, 2013 | 221 comments


How, in short, is this shit valid under the U.S. Bill of Rights? I’d really like someone to explain that to me. With a straight face. Preferably without making me want to punch them in the process.

Well, he's going to want to punch me, but here's what I think(?) the answer is:

(a) He's not a US person, but instead a well-known citizen of Iceland, living abroad, and is thus not protected by the Fourth Amendment, at least to the extent that anything in the Fourth Amendment conflicts with any interest of the US.

(b) He's a person of interest in the investigation of one of the most significant leaks of national security information in US history.


The legal theory that the bill of rights only applies to US citizens is dangerous and wrong.

It applies to actions of the United States government. It is a list of things they may not do.


No, tptacek is right... if you are a foreigner living abroad, the bill of rights does not apply to you:

In 1957, the court changed its position, overturning decades of precedent to declare that American citizens are in fact protected against U.S. government misbehavior by the Bill of Rights even outside the country. Unfortunately for the rest of the world, the court limited its ruling to U.S. citizens. Foreigners remained stuck with the old rule that the Bill of Rights doesn't apply abroad.[0]

So US citizens are protected whether they are within US borders or abroad. And foreigners are protected if they are within US borders... but once they leave, it no longer applies.

[0]. http://articles.latimes.com/2005/dec/16/opinion/oe-raustiala...


Hold on....

If a foreigner is protected while in the US, is accountable to the US if he/she breaks US law from abroad, and accountable if he/she breaks US law while visiting the US in the form of visiting a US web-server (we foreigners are said to have visited US jurisdiction if we use US based services, therefore we can be extradited), why then, if a foreigner's data is on US servers or systems, is his/her data and privacy not also protected under US law, if a foreigner is protected while in the US?

If we are said to have visited the US and therefore come under US law if we use US services, then surely it must also apply that the data we leave behind is also protected.


Well, US jurisdiction only applies when it's convenient, and the same goes for rights ;)


I think it's rather that no one has tested the above argument. The judgement was in 1953, so it had nothing to say about the internet or data stored in the US.


You're right, it's hypocrisy in action.

I wonder if a panel of lawmakers were given all of this to make recommendations on, without secrecy, gag orders or political prejudice, whether we'd have a very different situation today.


I'm aware that the court has interpreted it that way. That doesn't make it any less wrong.

    To consider the judges as the ultimate arbiters of all constitutional
    questions is a very dangerous doctrine indeed and one which would
    place us under the despotism of an oligarchy. - Thomas Jefferson, 1820

I will also note that the data in question was within the United States, where all property, whether owned by foreigners or not, is protected from unlawful search and seizure.


In context, your quote does not make sense. Without judicial review, which Jefferson was criticizing, there would be -nothing- to stop bad laws from being implemented. Abortion would still be illegal, for example.

Marbury v. Madison created a remarkable legal instrument: the Court can strike down a law, but it cannot write a new one (deplorable Costa Rican abortion jurisprudence notwithstanding). It is a check on government power that errs on the side of liberty.

However, relying on the Court to strike down every bad law is like relying on the compiler to catch logic errors. A sufficiently intelligent compiler can perform some remarkable analysis of code, but that is not the function of a compiler. We continue to elect bad Congressmen who pass bad laws signed by a bad President, and then we have the gall to blame the Supreme Court. It's ridiculous.

If you want to make a difference in politics, you have to actually get involved in politics, at the party and primary level, because that is just how shit gets done. It is critical to elect good candidates, not just to throw out bad ones.


What warrant did Jefferson serve on the Barbary Pirates?


This is misdirection and you know it. By that same token, if we were around at the time, I could also point to the slaves.

The reckless interpretation of the U.S. bill of rights is already precariously close to violating the Geneva Conventions (in many cases, it probably has already been violated, e.g. Guantanamo Bay). The idea that you're somehow exempt from what is commonly regarded as decent and fair treatment of another human being based on a narrow (and arguable) technicality is appalling.


Jefferson would have had each state be its own absolute arbiter of the Constitution, and free to ignore the Constitution if the state felt like doing so.

Ron Paul arguably holds the same views now (with his various attempts to make state actions immune from federal judicial review).

For both of them, history furnishes examples of why -- even if we hold that the Supreme Court and federal judicial review was a bad idea -- this is also a bad idea.


The First Barbary War was a declared war -- declared first by the Pasha of Tripoli against the US and explicitly recognized as a state of war in several acts of Congress subsequently -- so it's hardly relevant.


Well, "recognized as" hardly amounts to a declaration of war. Congress did authorize use of military force though, but technically only against Tripoli, not Algiers or Tunis. So the question remains open in general.


> Well, "recognized as" hardly amounts to a declaration of war.

Congress has the power to declare war, but (a) that power doesn't require any particular language, and any authorization of military action, as contained in the various statutes Congress adopted after Tripoli declared war, can have the effect of a declaration of war (and a declaration of war may be limited or conditional), and (b) Congressional declaration of war is sufficient to create war, but not necessary; an enemy declaring, or initiating without declaring, war is also sufficient to create war.

See, among other cases, Bas v. Tingy, 4 U.S. 37 (1800); The Prize Cases, 67 U.S. 635 (1862); The Protector, 79 U.S. 700 (1871).



<insert name of fallacy here>


Fallacy fallacy?


I found the actual case. If anyone wants to read more, it was Reid vs Covert:

http://en.wikipedia.org/wiki/Reid_v._Covert

http://www.law.cornell.edu/supct/html/historics/USSC_CR_0354...


It's also pretty hard to argue that prior to 1957, anyone in the USG needed to get a warrant to collect intelligence information from foreign soil.


Right. Prior to 1957, US citizens did not even have rights outside of the US. From the same article:

So when, in 1880, American diplomats in Japan "tried" and convicted one American for killing another in Yokohama Bay, they did not need a jury to convict. When the defendant asserted that his 6th Amendment right to a jury trial had been violated, the Supreme Court declared "the Constitution has no operation in another country."


"No, tptacek is right... if you are a foreigner living abroad, the bill of rights does not apply to you:"

This is becoming abundantly obvious from where I sit, outside the US as a non-US citizen.

I wonder just how long it's going to take for non US businesses and governments to realise the consequences of that?

I look forward to the startup opportunities in what are currently considered "major player consolidated verticals" for non US based disruption?

Who's currently planning an ad network or web analytics service or auction site or microblogging service or social network or online retail conglomerate - all marketed to national governments and non-US based businesses as "all data stored outside US jurisdiction, all data SSL/TLS with PFS on the wire to minimise consequences of interception", then lobbying governments to advise citizens to switch away from "US monitored services" and corporations to forbid use of "US monitored services" via corporate networks?

It's all but impossible to break into markets dominated by Google/eBay/Amazon/Facebook/Twitter - but what if the Australian government started recommending people use a secure local alternative, and big companies started blocking those services at the firewall?


4th amendment: “The right of the people to be secure in their persons, houses, papers, and effects, against unreasonable searches and seizures, shall not be violated, and no Warrants shall issue, but upon probable cause, supported by Oath or affirmation, and particularly describing the place to be searched, and the persons or things to be seized.”

I don't understand this notion that you don't really understand something like the 4th amendment without understanding the whole history of case law interpreting said amendment.

The amendment is short and simple. It says what it says. It is part of the supreme law of the land (the constitution) and thus supersedes any lesser laws which may conflict with it. Any interpretation of it is just that.

If I were to put it in software terms, I'd call interpretations “derived artifacts” and the amendment the “source”. If I start getting weird conflicts and unexpected behavior, as any developer knows, I should “make clean” (clear out all derived artifacts) followed by “make” (rebuild from source).


Interesting. I guess that's why Guantanamo is on Cuba.


While I would prefer your stance to be correct, the Supreme Court has held that the Constitution applies only to persons within the USA. For example, Downes v. Bidwell found that "the Constitution does not apply to foreign countries [...]" [1] and that it doesn't apply to US Citizens if they are outside of the US, "[the] Constitution can have no operation in another country." [2]

[1]: http://caselaw.lp.findlaw.com/scripts/getcase.pl?court=us&vo...

[2]: https://supreme.justia.com/cases/federal/us/140/453/case.htm...


While what you say was true, this legal precedent was later overturned by Reid v. Covert in 1957:

http://en.wikipedia.org/wiki/Reid_v._Covert


Justice Black, who wrote the Reid opinion[1], did so in terms which are very much applicable to the current situation:

    The concept that the Bill of Rights and other constitutional protections against 
    arbitrary government are inoperative when they become inconvenient or when 
    expediency dictates otherwise is a very dangerous doctrine and, if allowed to 
    flourish, would destroy the benefit of a written Constitution and undermine the 
    basis of our Government.
That sentence basically sums up my entire viewpoint on warrantless government dragnets.

[1]: http://www.law.cornell.edu/supct/html/historics/USSC_CR_0354...


Thank you for providing that link!


Ah, good point. IANAL, can you tell? ;)


It's perfectly alright, what you cited was dated to 1901, but the United States did have a longstanding tradition beyond that (up until 1957) of not upholding constitutional rights for citizens abroad. So, it's very reasonable to think this is still the case due to the abundance of cases which reinforced that precedent.

That's why Reid v. Covert was such a landmark case, it completely overturned the precedent. IANAL either, however :)


What about people in the USA that are not citizens of the USA?


Normal protections apply (except possibly "near" the border, someone else will have to link to the outraged web sites)


If you have the time, I really, really recommend listening to "Civil Liberties and the Bill of Rights" [1], which is available from The Great Courses (and the Sunnyvale library, possibly a library near you as well). It is an excellent introduction into how the system works (or doesn't work) and how it evolves the interpretation of the Constitution as it applies to citizens and noncitizens alike.

[1] http://www.thegreatcourses.com/tgc/courses/course_detail.asp...


That's what you may have thought it meant, or what you think it should mean, but it's not what it does mean. If you are so sure it's wrong, then it's up to you to make the argument for why, instead of just handwaving it away because you don't like it.


That's a theory that suggests all spying is unconstitutional.


It probably is.


It's probably also against the UN declaration of human rights.


Given that spying drastically shortened the war against Japan and appreciably shortened the war against Nazi Germany (both of which are definitely not on the Christmas list of UN human rights proponents), I'd be careful about how emotionally attached one gets to the issue of spying. Like many other things, it is a tool... it can be used for good or for bad, but in the end it's a tool nonetheless.


"Because <scaremongering amorphous threat>, you should really accept the removal of <fundamental right>"

Hah. Yeah, sure.


Well, how about this one? I would argue that controlling what substances are injected into your own body is a pretty fundamental human right.

So why do we allow societies to impose a vaccination regimen on people, by even minor coercion?


Oh, I thought you were going heroin, instead you went antivax.


Figured it was worth a shot. I would actually imagine there's a lot of people who actually are antivax for the reason I mention, but you never know 'til you try, right? ;)


Spying on an enemy government is way different from spying on civilians.


Sure. Just like making a relevant point is way different to supporting the broken end of a dead tangent (NSA/GCHQ/etc. don't just spy on governments, they spy on anyone they feel like, and everyone by default, and this is very much confirmed now)... without presenting any evidence.


Some of the bill of rights is that, and some clearly refers to things protecting "the people". I am no constitutional scholar, but this does seem to indicate that those specific rights are rights that are intended to apply to citizens of the US.


People lawfully present in the US, not just citizens.


My understanding as well; noncitizens on US soil are protected by the Fourth Amendment; outside of actual border crossings, the USG cannot search them without a warrant or probable cause.


AFAIK "outside of actual border crossings" also extends 100 miles into the US (including the coastlines). This covers the vast majority of people in the US. I've heard stories of people being searched and harassed by police because they happened to have a foreign visitor with them:

http://www.law.cornell.edu/uscode/text/8/1357#a_3

http://www.wired.com/threatlevel/2008/10/aclu-assails-10/


I would love to see evidence that non-citizens on US soil, as a class, are protected by the Fourth Amendment.

It only took ten seconds on google to note that the NSA apparently doesn't agree with you.

http://www.nsa.gov/sigint/faqs.shtml#sigint4

    Federal law and executive order define a U.S. Person as:
        a citizen of the United States;
        an alien lawfully admitted for permanent residence;
        an unincorporated association with a substantial number
              of members who are citizens of the U.S. or are
              aliens lawfully admitted for permanent residence; or
        a corporation that is incorporated in the U.S.

I doubt that "permanent residence" includes H1-b workers, or other work visas, and I very strongly doubt that it includes people on business or pleasure trips.

The NSA's language seems to derive very closely from FISA (the law itself, title 50 chapter 36),

http://uscode.house.gov/download/pls/50C36.txt

...which in 1801(i) has similar language, though it clarifies that the definition of "lawfully admitted for permanent residence" should be taken from "section 1101(a)(20) of title 8".

According to http://www.law.cornell.edu/uscode/text/8/1101 , here is that section:

(20) The term “lawfully admitted for permanent residence” means the status of having been lawfully accorded the privilege of residing permanently in the United States as an immigrant in accordance with the immigration laws, such status not having changed.

I don't feel enlightened.

The EFF, in a surprising turn, claims that any legal resident is a US Person... normally I expect the EFF to (a) do their research correctly, and then (b) point out the worst-case scenario. This appears to be neither. https://ssd.eff.org/foreign/fisa

IANAL (though sometimes I play one on HN), TINLA.


If you want to see how it is currently in effect, look no further than Guantanamo Bay. Non-citizens also under the label of terrorists (hint: not human) do not receive rights from the US.


I can easily see it in a very literal interpretation of the documents though. For example, all of the amendments refer to "the people". "The people's right shall not be infringed..."

Who is "the people"? Well, the Constitution starts out like so:

We the people of the United States


It's morally wrong, but that's the way our gov't plays it.


Maybe there is no need for the Fourth Amendment to apply - these rights are human rights and can be found in the Universal Declaration of Human Rights (UDHR) [1]. As far as I know the UDHR is not legally binding but there are other international laws covering the same topics as the UDHR, for example the International Covenant on Civil and Political Rights (ICCPR) [2]. Maybe a bit naive, but at least in theory I - living in Europe - should be able to sue the United States for human rights violation if the NSA read my emails without justified suspicion.

[1] http://en.wikipedia.org/wiki/Universal_Declaration_of_Human_...

[2] http://en.wikipedia.org/wiki/International_Covenant_on_Civil...


> He's not a US person, but instead a well-known citizen of Iceland, living abroad, and is thus not protected by the Fourth Amendment

Again, that actually isn't particularly obvious in this kind of situation. The US property of non-resident aliens enjoys constitutional protection against (for example) expropriation. But there's no equivalent protection for their US cloud data? Oh well.

On the other hand, as far as I can tell (IANAL) the fellow just got served a warrant, or at least a pretty ordinary court order of the kind that isn't related to foreign-intelligence loopholes or restricted to non-USPERSes. That's roughly the kind of thing that will happen to you in any jurisdiction if prosecutors have good evidence that you have information material to a huge criminal investigation. Maybe the secrecy or the breadth of the order was dubious. (I think it's also very likely that his GMail was scoped out with a FAA702 before the government decided to re-request the information using a means that would allow it to be introduced by the prosecution in a US court case.) But fundamentally it seems </sunglasses> he just got served ... I'll get my coat.


Regarding (a) --- I don't understand this argument that the constitution of a country (which represents its highest thoughts and ideals) can be applied selectively (i.e., only to citizens). If the thoughts contained therein regarding the rights of human beings are indeed 'True', then surely they should apply to all human beings?

If the US insists on waiving the rights of non-citizens, despite the constitution, then it should also accept that it cannot prosecute any non-citizen for non-compliance with its laws because they were not afforded the same rights.

Gotta have both sides of the coin.


> I don't understand this argument that the constitution of a country (which represents its highest thoughts and ideals) can be applied selectively (i.e., only to citizens). If the thoughts contained therein regarding the rights of human beings are indeed 'True', then surely they should apply to all human beings?

You'll get little argument from most 'Mericans for your statement that these rights are human rights. The argument you will get is the rationality of transference. The difference between the OP and any American is citizenship and history.

US citizens of today are beneficiaries of a Constitution that was crafted and bled for, over 200 years ago, with a nasty war for our independence and claim to self governance. I didn't fight this battle. My father didn't fight this battle. Neither did his father. But one of the dumb-luck results of being born in the US to American citizens is the benefits bestowed upon me by the war that was fought for the benefit of future generations (i.e. ME).

Now... this is going to sound really pointed and "f* y", but there's no other way to say it. Those 200+ year old men and women didn't fight this war for people in other countries, they did it for their own sons, daughters, and many generations that would come.

I agree! Those rights that were fought for should be universal human rights for every single person on the planet. But that's why you have to fight whatever government collects your taxes for those very rights on your own.

Respectfully.


But that's why you have to fight whatever government collects your taxes for those very rights on your own.

Why? It's not the government collecting my taxes that is reading my emails and generally spying on my communications, it's the US'. How does fighting it help me?


I hear the point. Seriously I do. But the Constitution the US is bound by is not an agreement between the US government and citizens of the world. It's an agreement between the US government and the citizens for whom it claims jurisdiction. Its scope and application is not only limited, but intentionally and wisely limited. Were it not, we would be imperial Britain and we all know how that worked out.


I think you are missing the point here: My government (Germany) already grants those rights, maybe even more rights than the US. But this doesn't mean anything when I'm using a service provided by a US company over which my government doesn't have any jurisdiction. What the US government says by its position and in the age of internet and cloud computing is the following: The moment any non-US citizen is using a service provided by a US company, he is giving up any right to due process, privacy and data security (as far as this service is concerned). Which is risky and short-sighted to say the least.


That's just it; our Icelandic friend at WikiLeaks didn't lose due process. A valid warrant was issued, that's essentially the end of story; that's all the protections U.S. citizens get, after all.

I do agree that there needs to be a framework for how "data privacy" works in the Cloud Era, but it's important to keep in mind that it's not as if the law was meant to be that uneven toward foreigners, the law is essentially still from a time when there was no such thing as a Cloud, and "search & seizure" actually meant something physically present was found and seized.

The law doesn't (in general) permit taking property in the U.S. belonging to foreigners abroad, for instance, so it was not as if the legislators all had their "FUCK U EUROPE" pens out when they were drafting the laws.

What we need are bilateral treaties that cover this situation. Perhaps something like a Most Favored Nation status between nations that specifies what kind of warrant requirements would exist for a given foreign national.

But then again, how do you determine the nationality of the user behind a given IP address in the modern world?? :-/


> The moment any non-US citizen is using a service provided by a US company, he is giving up any right to due process, privacy and data security (as far as this service is concerned). Which is risky and short-sighted to say the least.

I realize this is a crappy response, but the only solution is to not use the services of countries whose laws do not explicitly protect you. As a US citizen, I refuse to use any services that I can avoid that are provided by China for this very reason (aside from the fact that I can't read Chinese).

But... it's really, really important you understand something else here... The rights and protections you are correctly suggesting are NOT granted to you because of the limited scope and application of our Constitution, are the exact same rights and protections of mine, as a US citizen, that are currently being violated. Were I a citizen of another country, I would be just as, if not more, incensed about what has been claimed about the privacy rights of my data recently. But imagine what it's like to have grown up in a country where the guarantee of these rights is so ingrained in our minds that they are barely (almost NEVER) questioned, to find out that they are being violated at will and without the legal right to challenge or even the right to know what those violations are.

I can not even begin to articulate to you the degree of uncontainable rage I and many, many people I know have regarding what is going on right now. I can't recall a single time in my entire life, which is not an insignificant number, that I have been more angry or concerned about anything. NOT F!*&%$ ONCE!


No, this could happen to a U.S. citizen as well. The Electronic Communications Privacy Act applies to foreigners as well as Americans.

A grand jury subpoena can get at your communications without any showing of probable cause, whether you are a U.S. person or a foreigner.


"Google is, however, allowed to tell me what account is involved, and I can do whatever I want with the information Google gave me"

So Google was allowed, not required. Looks like they did the right thing by at least telling OP what they were forced to do. Shouldn't the title be "Not trusting your Government"?


It's both. If you are going to use a cloud service, you have to trust both the provider and the government where they operate.

(With the exception of things like tarsnap).


>(With the exception of things like tarsnap).

The chain of trust still extends to them. You're trusting that they're actually doing everything they say they're doing.

If you don't own the hardware and the building where the hardware is, you have to trust that they're doing everything you want them to be doing.


  > The chain of trust still extends to them. You're
  > trusting that they're actually doing everything
  > they say they're doing.
Tarsnap performs encryption in the client, which is distributed only as source code. If you audit the client sufficiently to believe it is properly encrypting your data, then there is no need to trust the server or the hosting provider.


Sure, if you are willing to do all of the computation on the client, and only use the server as a place to store an encrypted bag of bits.

If you have a sufficiently fast network connection (or enough local disk cache and the ability to predict what you will need before you drop off your high speed network access), that can work. But there will be a lot of things that you may have gotten accustomed to if you operate in such a paradigm.


You still have to trust them and their government when you use the service. They (or their government) could delete or compel the deletion of the files, have or cause outages, etc.

Also, all the crypto in the world doesn't keep a service from logging (ip, timestamp) tuples each time you access them. You can do a lot with metadata.


> You can do a lot with metadata.

With GMail metadata, yes; with Tarsnap metadata, much less so.


Tarsnap encrypts the data on the client side[0].

The source is open, and signed with PGP.

The data ends up being stored on S3, but the location doesn't matter.

[0] https://www.tarsnap.com/crypto.html


Yes, but almost every provider is going to tell you up front that they will comply with requests from the government. If they then do that, there's no violation of trust.


Even cperciva notes that. He even says he might well turn over information without making it a knock-down/drag-out fight, if he believes the request is reasonable. And it's all in his ToS.

FWIW I agree completely with that viewpoint, so this is not a criticism.


The author doesn't anywhere claim to be a US citizen, so it probably isn't his government.


Good call. Just assumed it was, my bad.


No, because blaming Google is trendy lately and will bring more traffic to the site.


Maybe "not trusting Google with your data" would be a better fit.


How about "not trusting 3rd party with your (unencrypted) data"?


Yes, you are certainly right. But the submitted article is mainly about Google and my post was intended as a better title/headline.


Why are you trying to deflect attention away from Google?


Because the problem is not specific to Google. (Not to put words in the gp's mouth, but that seems like an obvious reason to broaden the focus to me.)


True, but Google is by far the most dangerous aggregation of personal information, and the topic of this conversation. It's also a company that spends a lot of effort telling people to trust them when that is clearly unjustified.


> the most dangerous aggregation of personal information

Speak for yourself.


I think he's right. There's something terrible, here. Google services let us search/share/store data with an efficiency yet unseen at this scale. It's probably not that much of an exaggeration to say google is empowering humanity.

But doing so, it handles so much data about so much people that even with good will, it's a danger. How secret services and cops could not be interested in the huge amount of data magically made available by google services ? The aggregation itself is the danger - and the feature we all love.


I'm playing Devil's Advocate here, but why would I be worried about Google?

I search through Bing. My email is through Hotmail/Outlook. My online cloud sync is through Skydrive. Why am I cowering from Google any more than MS or anyone else that I give huge amounts of my data to?


Mostly because Google is a lot better at it and has far more sources of information about each individual to draw on; for example they have your search history, the history of all your browsing (via analytics), location history for users of maps on mobile, calendar, email, and docs.

It doesn't take much to imagine what kind of dossier could be constructed on an individual from that data. Quite likely they do know more about many people than those people know about themselves. Of course this can be used beneficially, but it's also the exact information needed to manipulate people.

That is far more than any other service is able to aggregate, and Google's business is fundamentally about mining that data in a way that is not for other corporations.

But yes, the others are a problem too - just on an orders of magnitude lower scale than Google.


I am not. Google is only doing what it is forced to. I am actively searching for Google alternatives. Ghostly app on iPhone, Ghostly for Firefox, duckduck, but a good mail client? With easy encryption? Not available...


Google isn't forced to rely on stockpiling personal data as a business model. It could create the exact private service that you are looking for, but it intentionally does not.


  >  It could create the exact private service that you are looking for, but it intentionally does not.
Most of Google's products are "webapp" equivalents to traditional desktop software. It is not possible to create webapps which are private against the webapp's host.

What you are essentially arguing is that Google ought to shut down its current business in favor of writing security-conscious desktop apps. The result would be that users would all jump ship to another provider, and then Google would go out of business and people on HN would be complaining that $NEW_COMPANY doesn't respect user privacy.

If you want to suggest a course of action that will improve user privacy, it must be one that users will actually be willing to support.


Google was perfectly capable of creating a secure browser and propagating it through all manner of mechanisms. There is no reason they couldn't do the same with a secure mail system, for that matter they could just deliver it as a chrome update and smoothly redirect people into it if they wanted to. There is absolutely no reason why users would 'all jump ship' to another provider.

All you are really saying is that Google exposes data to the government because its business model dictates that it put privacy below behavioral profiling in its list of priorities. That is not in dispute.

You are arguing that Google is incapable of solving this problem, whereas I think that a group of people as talented and resourceful as Google could solve it if they wanted to, but they aren't trying because they think their value is tied to the amount of personal data they collect, rather than what problems they solve for society.

Right now, this privacy problem is a serious one for society, and who is better positioned than Google to solve it?


  > Google was perfectly capable of creating a secure
  > browser and propagating it through all manner of
  > mechanisms.
Google could easily create a secure email client. There's no need to, since Thunderbird already exists, but they could if they wanted to. That wouldn't help at all with the problem of email security.

  > There is no reason they couldn't do the same with a
  > secure mail system, for that matter they could just
  > deliver it as a chrome update and smoothly redirect
  > people into it if they wanted to.
What you're asking for is for Google to create its own proprietary communication protocol, then force all Chrome users to have it, then force Gmail users to use it. Can you imagine the reaction? Apart from flagrantly violating "don't be evil", it would lock out every alternative browser and prevent Gmail users from communicating with non-Gmail users. It would be XMPP->Hangouts all over again, except even worse because people actually use email.

And consider how the implementation would have to work. First, it would be available for only a handful of browsers, possibly even only Chrome. Obviously it would need to be equivalent-ish to POP3, so that no data remains on Google's servers, which means that users would only be able to check their mail from a single device. If they bought a smartphone, they'd have to choose which device to read mail on. If they bought a new computer, they'd lose access to their previously received mail.

There is no technical reason why Google could not create a secure messaging system. There are many many many social reasons.

  > All you are really saying is that Google exposes data
  > to the government because its business model dictates
  > that it put privacy below behavioral profiling it its
  > list of priorities. That is not in dispute.
Google exposes data to the government because it is headquartered in a country where laws require compliance with search warrants. In theory Google could choose to relocate all of its employees to Somalia to avoid warrants, but that seems impractical.

If a user wants their data to be truly private, then the implementation of that requires much more stringent privacy measures than most users are willing to put up with.

Your position appears to be that companies should not provide communication products for people who don't mind giving up a bit of privacy in exchange for a lot of convenience. That's not a reasonable position.

  > whereas I think that a group of people as talented and
  > resourceful as Google could solve it if they wanted to
This problem is not a technical problem, so no amount of technical expertise could solve it. You could set every single programmer in the world at solving this, but if their solution involves a user having to understand encryption keys then it would never be adopted.


   Google could easily create a secure email client. There's no need to, since Thunderbird already exists, but they could if they wanted to. That wouldn't help at all with the problem of email security.
False. The problem is not whether or not secure email clients exist. The problem is that people don't use them. Google has massive strength in both marketing and usability that existing secure email clients do not have.

   What you're asking for is for Google to create its own proprietary communication protocol, then force all Chrome users to have it, then force Gmail users to use it. Can you imagine the reaction? Apart from flagrantly violating "don't be evil", it would lock out every alternative browser and prevent Gmail users from communicating with non-Gmail users. It would be XMPP->Hangouts all over again, except even worse because people actually use email.
False. Nobody said that the protocol had to be proprietary. Nobody said Google couldn't also release it as an open source module that anyone could incorporate to their clients. Indeed these would be prerequisites for the security of the system to be audited.

  Your position appears to be that companies should not provide communication products for people who don't mind giving up a bit of privacy in exchange for a lot of convenience. That's not a reasonable position.
Why not? If it's unreasonable, you should easily be able to say why. I think it's a question of priorities. After our collective experience with cigarettes, we no longer think it's reasonable for companies to peddle addictive substances. Why shouldn't our attitudes to corporate responsibility for privacy also develop?

   Google exposes data to the government because it is headquartered in a country where laws require compliance with search warrants. In theory Google could choose to relocate all of its employees to Somalia to avoid warrants, but that seems impractical.
False. Google exposes data because of the law and because it has engineered systems to collect the data for its own business purposes. Google can't control the first but it can control the second, therefore it is responsible for the outcome (as are the lawmakers and enforcers).

  This problem is not a technical problem, so no amount of technical expertise could solve it. You could set every single programmer in the world at solving this, but if their solution involves a user having to understand encryption keys then it would never be adopted.
False. Usability and marketing problems can be solved with technical solutions. This is a large part of what Google does. There is no need for users to need to understand encryption keys in order to use encryption, otherwise we wouldn't have ecommerce today.


Google is spyware.

This has been obvious for a long time.

Most other "free" web services aren't much better.

It's sad that it's taken so long for people to start realizing and caring about this, but better late than never.


>Most other "free" web services aren't much better.

Most non-free web services are equally happy giving away your data to the government. Apple, MS and all the other companies are no better than Google.

And Google is not the problem -- it is just a symptom. The problem is the government that does not respect the rights of people.


My use of the term "free" was not intended to imply that "non-free" web services were any better.

I used the term to highlight that what most people consider "free" web services actually have a price.

That price is usually your privacy.


Free has nothing to do with it. Go ahead and pay for the same services, but it'll do nothing to protect your data from a search warrant.


Actually, it does have something to do with it.

When you don't pay for a service in money, the company providing that service has to find some other way of generating money.

Often they do this by collecting and selling data about you.

Now, that doesn't mean that just because you paid for a service they won't do the same thing. But they will have more incentive to protect their paying customers than some service which considers you and your data as the commodity.


Sorry, paid or not still doesn't have anything to do with whether or not a company will comply with a lawful order, or how much that company will push back. The incentive and willingness to push back isn't related to how much a single user pays, but considerations like the principles of the company, and the estimated aggregate losses from the perception that a company doesn't protect their users' data. Google, for instance, has a much higher potential loss from this perception than a smaller company that charges.

Also, Google does not sell information about their users. They target ads. The difference is huge.


This has nothing to do with privacy and free services. Yes, that is a problem, but it has no connection at all to this case. It's about emails and private chats being given to the government without any limitations. It's about non-US citizens having zero protection or due process when they use US-based cloud services. That's a couple of degrees more severe than "Google is storing personal details about you and may give them to the government". It basically means that foreigners upload their data de-facto directly to NSA servers when they use US cloud services.


You can't separate the two. The reason why foreigners are uploading their data to the NSA when they use Google is because of the way Google makes its money and engineers its services.

Compare this to Apple's iMessage or FaceTime - Apple cannot decrypt the contents of the messages, and therefore cannot give the contents to the government.

They designed the service this way because their users pay for the service as part of the cost of the devices they sell so they don't require access to the data for behavioral profiling.


  > Compare this to Apple's iMessage or FaceTime - Apple
  > cannot decrypt the contents of the messages, and
  > therefore cannot give the contents to the government.
This is not correct.

First, when you buy a new iPhone, the way you authenticate yourself is by entering your Apple ID and password. Once entered, your new device will begin receiving iMessage data. This means that Apple is capable of provisioning a virtual device with your credentials, which will receive your messages. From there, they can be either stored or forwarded to third parties.

Second, your iPhone runs binaries distributed by Apple. There is no technical reason why these binaries could not contain code to forward historical messages to Apple or to a third party. Even if they don't now, a future update to iOS (which you won't be able to audit) could introduce such code.

The only way to have private communication is for all parties to run open-source clients. Each party must have the technical skill to audit the source code, or there must be at least one (preferably multiple) trusted third-party auditor. They must distribute encryption keys through a separate channel which does not depend on the communication host.

In other words, the standard Thunderbird+GPG+keyparty system that is popular among nerds but has seen no uptake among the general population.


First, when you buy a new iPhone, the way you authenticate yourself is by entering your Apple ID and password. Once entered, your new device will begin receiving iMessage data. This means that Apple is capable of provisioning a virtual device with your credentials, which will receive your messages. From there, they can be either stored or forwarded to third parties.

Wrong. As others who have examined the protocol have noted, your password is used to unlock a keybag on the device itself. Apple doesn't have your password (only a secure hash) and therefore can't unlock the keybag. The security depends on the strength of your password, which is a weakness, but it is in your control, not Apple's.

Yes, the binaries of any system can contain arbitrary spyware or be infected with such at any stage from development through to decommissioning. Open source is no absolute protection against that.

At the moment we are trusting that companies are not baldly lying to us, even Google.


  > As others who have examined the protocol have noted,
  > your password is used to unlock a keybag on the device
  > itself. Apple doesn't have your password (only a secure
  > hash) and therefore can't unlock the keybag.
Re-read what I wrote, and think about what it means.

Setting up iMessage on a new iPhone does not involve copying a "keybag" (sic), inputting a private key, or any other form of strong client-side authentication. All you have to do is sign into the device using your Apple ID, and you can then receive iMessage messages.

If there were any additional barrier preventing Apple from provisioning iMessage endpoints, iPhone users would not be able to activate iMessage with only their Apple ID.

Do you understand now?

  > Yes, the binaries of any system can contain arbitrary
  > spyware or be infected with such at any stage from
  > development through to decommissioning. Open source is
  > no absolute protection against that.
It's not an absolute protection, but it is very good protection.

Staying inside your house is not absolute protection against being eaten by bears, but your chances of being eaten by bears are much much lower than if you walk around Yellowstone dressed in steak.


   Re-read what I wrote, and think about what it means.
I think it means you have a false belief about the limits of the system.

   If there were any additional barrier preventing Apple from provisioning iMessage endpoints, iPhone users would not be able to activate iMessage with only their Apple ID.
Wrong. Apple doesn't have your password. Only a hash. Verifying against the hash allows Apple to add another device to the backend but does not unlock the keys to the message history. Only the password does that.

There is some understanding about how the protocol works here: https://news.ycombinator.com/item?id=5493514

There are other sources around the net that you can refer to to understand more about how such a protocol can be built, but I don't have a lot of faith in you as a conversation partner now that you've demonstrated that you can't be bothered to inform yourself before responding incorrectly with condescending certainty.


  > Verifying against the hash allows apple to add another
  > device to the backend but does not unlock the keys to
  > the message history
Isn't this what I've been claiming? If Apple can provision additional endpoints, they can provision a virtual endpoint which receives messages and forwards them to third parties.


Doing that wouldn't provide access to the history. Unless they always do this for every single device, there is no mountain of data to analyze.

The point we are discussing is not whether iMessage provides perfect security. The point is that iMessage doesn't give Apple a stockpile of personal data that can be indiscriminately targeted at any time the way GMail can.

I'm not saying it's a panacea or arguing in favor of Apple. iMessage proves that Google could engineer a system to protect users privacy by not stockpiling data if they wanted to, which you have incorrectly denied.


  > iMessage proves that Google could engineer a system
  > to protect users privacy
iMessage does not protect privacy, because Apple is capable of intercepting your messages and sending them to third parties. To be a private communications medium, it should be considered impossible for messages to be intercepted.

The only thing worse than a product that doesn't offer privacy is a product which claims to, but actually doesn't.

IMO, Apple's claim that iMessage is private is irresponsible because it endangers people who take that claim at face value.


No modern computer can be constructed by an individual without trusting a corporation not to have coopted some part of the system. Therefore no communication system can exist that meets your criteria (e.g. because the CPU could be compromised).

Your argument is the equivalent of 'we can't trust any corporation'. It's a coherent position to take but it is extreme and doesn't lead to meaningful discussions about what is possible.


  > Therefore no communication system can exist that meets
  > your criteria (e.g. because the CPU could be compromised).
For the purposes of this discussion it's reasonable to assume that consumer hardware does not contain backdoors, because such extensive compromise of the computing infrastructure would require conspiracy on a massive scale (approximately every electronics manufacturer in the world).


Then you haven't explained how Apple could join another device to the encryption session without the user's password.


Any evidence of this? I had read and posted about the same, but more recently found an older discussion on HN (which, absurdly, I cannot find now) which explains in more detail how the end to end encryption actually works and does so in a way that Apple almost definitely cannot intercept the plaintext messages.


See my first post in this thread.

Short version: Users can enable iMessage on their devices by signing in to their Apple account. Therefore, Apple is capable by themselves of configuring which devices receive messages from particular accounts. Therefore, Apple is capable of configuring a device you do not control to receive your messages.


They could do so, yes, but it would pop up a message on your actual devices which you would have to agree to before that device can receive and decrypt new messages.


In the case of a wiretap, I assume Apple would choose not to notify the target that they have been wiretapped.


You still don't understand how this works. Apple can't complete the provisioning process alone - the user unlocking the keybag on the device with their password is an essential part of provisioning a device.

When a new device is added to the keybag, the other devices report the change - this isn't controlled by the server and isn't optional. Apple can control the transport infrastructure, but they cannot enrol new devices into the cryptographic session without the user being involved.


You are pretending that this is equivalent to asserting that they have access to arbitrary message histories, which they in fact do not.


No, I'm not. At no point have I ever claimed that being able to intercept messages is equivalent to having access to previous messages.


Fair enough, but actually your other point doesn't stand either because the prevailing understanding is that the keybag mechanism allows the clients to detect and report when another device is provisioned, and that the password is needed to join a new device to the keybag.

Therefore although Apple could add another device to the communication protocol, without the password another device cannot be added to the encryption session, or without alerting the end user.


   IMO, Apple's claim that iMessage is private is irresponsible because it endangers people who take that claim at face value.
By this logic, your claims are irresponsible. Apple's claim is true and you are misleading people into not taking advantage of the privacy they offer.


Even leaving behind the arguments that Apple was incorrect on iMessage history being inaccessible to them, what about the rest of Apple's services (like all your icloud email, your contacts, calendar, etc) that certainly can be turned over with a warrant?

Your conclusion does not follow.


That data certainly can (and likely is) turned over by Apple in just the same way that the data Google stockpiles can be.

This doesn't affect the conclusion - Apple can make services that don't compromise user privacy because they aren't driven by their business model to collect personal data for behavioral profiling. Google has a vested interest in collecting this data, and persuading us to accept this as normal, that Apple just doesn't have.


What paid web service based in the US (or in a country with applicable data sharing laws) is going to refuse all search warrants for you?

Maybe you were looking for "Most other web services not in Iceland aren't much better"?


Complying with search warrants would not be nearly as problematic if Google didn't capture so much data about its users, or made a bigger effort to prevent itself from reading it (and hence be unable to provide it).

See http://www.daemonology.net/blog/2012-01-19-playing-chicken-w...


Some data could be captured less, but what about data like email contents, files, contacts, calendar data, chat histories? Retaining those things is part of the whole purpose of having web clients and dwarfs logs like the IP address you used to do a web search, which is ephemeral anyway. Can we at least define the "so much data" that we're talking about here? Going to my Google account page, for the most part I see services that I specifically turned on. What other data are we talking about here that would really save the day if not present?

Meanwhile, some of the objections in this thread seem kind of selective. With a search warrant, the FBI can tap your phones and record your conversations, they can tap your internet connection and watch every IP address you connect to and record all the unencrypted connections you make, they can place tails on you that record every word they can pick up with a microphone, they can track every financial activity you engage in and every person you meet with; they can go into your house and take everything you own. If Colin was in the US, they could certainly go into his house and install a keylogger.

If you just want an online backup system, definitely use tarsnap or the like. I have an offsite backup that's locally encrypted. If you want a web service, though, with all the tradeoffs that implies, that's what you're going to be subject to. For US citizens, search warrants are actually good things; probable cause is a high bar to meet. It's the bullshit lack of disclosure/secrecy culture that the judiciary accepts so often that is the problem here (as well as the problems of if you're not a US citizen...). If we ensure that warrant disclosure policies are reformed, at least we can be informed that our data has been seized and defend ourselves.


   Some data could be captured less, but what about data like email contents, files, contacts, calendar data, chat histories? Retaining those things is part of the whole purpose of having web clients and dwarfs logs like the IP address you used to do a web search, which is ephemeral anyway. Can we at least define the "so much data" that we're talking about here? Going to my Google account page, for the most part I see services that I specifically turned on. What other data are we talking about here that would really save the day if not present?

LastPass is a web service and still encrypts the data locally; they use an extension, but Google controls the most popular browser today. They could add encryption capabilities to it and use it on Calendar, Contacts and others. Even email could be auto-encrypted on arrival.
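The two claims that keep coming up in this thread, that a server holding "only a secure hash" of the password cannot unlock the keybag, and that a service like LastPass can be a web service yet encrypt locally, rest on one design idea: stretch the password once and split the result, so the login secret and the data key are different values and the server only ever stores a hash of the former. The following is an added illustration written for this page, not a commenter's code and not Apple's or LastPass's actual protocol; the split-derivation layout, the constructed HMAC-counter-mode cipher (used only so the block runs with the standard library; a real client would use a vetted AEAD such as AES-GCM), the sample password and the message are all assumptions.

```python
import hashlib
import hmac
import secrets

PBKDF2_ITERATIONS = 100_000   # assumption: cost setting; real deployments tune this
KEY_LEN, NONCE_LEN, TAG_LEN = 32, 16, 32


def derive_keys(password: str, salt: bytes) -> tuple[bytes, bytes]:
    """Stretch the password once and split the output: the first half is the
    login secret a device presents to the server, the second is the data key
    that never leaves the device.  PBKDF2 is one-way, so a hash of one half
    gives no route back to the password or to the other half."""
    master = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt,
                                 PBKDF2_ITERATIONS, dklen=2 * KEY_LEN)
    return master[:KEY_LEN], master[KEY_LEN:]


def enroll(password: str) -> tuple[dict, bytes]:
    """Device side of account creation: the server record holds salt plus a
    hash of the login secret ("only a secure hash"); the data key stays local."""
    salt = secrets.token_bytes(16)
    login_secret, data_key = derive_keys(password, salt)
    record = {"salt": salt, "verifier": hashlib.sha256(login_secret).digest()}
    return record, data_key


def server_verify_login(record: dict, login_secret: bytes) -> bool:
    """Server side of login: constant-time compare against the stored verifier."""
    return hmac.compare_digest(hashlib.sha256(login_secret).digest(), record["verifier"])


def device_login(record: dict, password: str) -> tuple[bool, bytes]:
    """A second device recomputes both halves from password + server salt."""
    login_secret, data_key = derive_keys(password, record["salt"])
    return server_verify_login(record, login_secret), data_key


def _subkeys(data_key: bytes) -> tuple[bytes, bytes]:
    # Separate encryption and MAC keys derived from the data key.
    return (hmac.new(data_key, b"enc", "sha256").digest(),
            hmac.new(data_key, b"mac", "sha256").digest())


def _keystream(enc_key: bytes, nonce: bytes, length: int) -> bytes:
    # HMAC-SHA256 in counter mode as a PRF keystream (constructed, stdlib-only cipher).
    blocks = [hmac.new(enc_key, nonce + i.to_bytes(4, "big"), "sha256").digest()
              for i in range((length + 31) // 32)]
    return b"".join(blocks)[:length]


def encrypt(data_key: bytes, plaintext: bytes) -> bytes:
    """Encrypt-then-MAC on the device; the blob is what the server stores."""
    enc_key, mac_key = _subkeys(data_key)
    nonce = secrets.token_bytes(NONCE_LEN)
    ciphertext = bytes(p ^ k for p, k in zip(plaintext, _keystream(enc_key, nonce, len(plaintext))))
    tag = hmac.new(mac_key, nonce + ciphertext, "sha256").digest()
    return nonce + ciphertext + tag


def decrypt(data_key: bytes, blob: bytes) -> bytes:
    """Check the MAC first: a wrong key (e.g. the server's verifier) fails here."""
    enc_key, mac_key = _subkeys(data_key)
    nonce, ciphertext, tag = blob[:NONCE_LEN], blob[NONCE_LEN:-TAG_LEN], blob[-TAG_LEN:]
    expected = hmac.new(mac_key, nonce + ciphertext, "sha256").digest()
    if not hmac.compare_digest(expected, tag):
        raise ValueError("authentication failed: wrong key or tampered blob")
    return bytes(c ^ k for c, k in zip(ciphertext, _keystream(enc_key, nonce, len(ciphertext))))


def demo() -> dict:
    """Constructed scenario: one account, one stored message, three parties."""
    password = "correct horse battery staple"          # constructed sample
    record, key_on_phone = enroll(password)
    stored_blob = encrypt(key_on_phone, b"meet at 9")   # what the server keeps

    # A second device that knows the password both logs in and reads the data.
    laptop_ok, key_on_laptop = device_login(record, password)
    laptop_reads = decrypt(key_on_laptop, stored_blob)

    # Wrong password: login fails and the derived key would be useless anyway.
    wrong_ok, _ = device_login(record, "wrong password")

    # The server holds salt + verifier only; trying the verifier as a key is
    # rejected by the MAC, so it can deliver blobs but not read them.
    try:
        decrypt(record["verifier"], stored_blob)
        server_reads = True
    except ValueError:
        server_reads = False

    return {"laptop_login": laptop_ok, "laptop_reads": laptop_reads,
            "wrong_password_login": wrong_ok, "server_reads": server_reads,
            "server_has_data_key": key_on_phone in record.values()}


if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value!r}")
```

The point the block makes about the thread's argument: the server can still add a device to its delivery list, since that only needs the verifier check, but the record it holds contains neither the password nor the data key, so enrolment alone does not yield plaintext. The same layout is what lets a browser-based client keep the server out of the data: the extension or page script derives the data key locally and only ciphertext plus the login secret ever cross the wire.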


...but at the expense of basically everything that makes gmail useful. No search, spam filtering, filtering, google now, etc. If you want that, just use IMAP in thunderbird with PGP today.


Yes, many of the features would be impossible or wouldn't work as well if they actually protected user privacy. But that was still their choice.


The user's choice, yes. If Google didn't do those things that required access to the data then the user would switch to a service that did. It would be like Scroogled but on steroids.


> It's sad that it's taken so long for people to start realizing and caring about this, but better late than never.

LOL, you really think people have started caring about this? Nobody but a handful of techies and tech writers gives a shit.


I completely agree with you.


They keep the deleted e-mails too? So even if you want to escape that 180 days law that says after 180 days it's free for all for authorities to get your e-mails, then deleting them before that time passes won't do you much good.

So basically the authorities will have access to your e-mails anyway. It's just that they won't get them in the first 180 days. And of course this just applies to police/FBI, as NSA can get them from the day you sent them.


Google's chairman has publicly stated that Google deletes things when you ask for them to be deleted. Video here starting at 4:00 mark and relevant discussion ending at around 5:45.

http://video.foxbusiness.com/v/3899047/google-ceo-recession-...


Not necessarily. Just because the government asks for them doesn't mean they exist. I'd be surprised if they were actually deleted though.


Google doesn't 100% say that the data is totally totally gone, but seems to say that it is no longer indexed for lookup by your account, after 60 days after deletion: https://support.google.com/mail/answer/7401?hl=en


I don't have any personal knowledge of this but if I were to recklessly speculate, I would wager "deleting stuff is hard". The typical concern is data loss, so to delete something completely you need to unwind your entire data loss prevention stack. Delete a file, delete a row from a database, wipe a cache from another server, scrub any ZFS-style filesystem versioning of data, mirror the changes to any off-site on-line backups and scrub everything there, retrieve any off-site off-line backups and wipe those...

It's a non-trivial engineering task. If you want an email service which can readily delete your email, you need to find one with non-redundant, completely un-mirrored databases, fragile filesystems, and no backups. But that is not what most people are clamoring for in a service provider.


Creating a massive behavioral profiling advertising system is hard, as is creating a self driving car. Protecting users from Government intrusion is simply a lower priority for Google.


Think of the architects!

Each of them believe they are doing nothing wrong.


> as NSA can get them from the day you sent them.

I wouldn't be surprised if the NSA didn't have the e-mail captured, sorted, and analyzed before it's processed on the receiving end and shows up in the user's mailbox.


They didn't say they keep deleted mail, could be boilerplate warrant language.


> basically the authorities will have access to your e-mails anyway

How is this not the wide assumption being made right now? How is there ANY question remaining of whether or not they have such access?


If Google has records of all emails that have been sent and deleted, presumably even if you don't have a Gmail account the government could ask Google for all emails that had ever been sent to your account.

Just as the Syrian government is unlikely to be able to get Google to give them information on particular dissidents, it would be wise for American activists to choose an email provider that is not located in the United States.


Indeed. Once I manage to anonymously acquire some Bitcoins, I will be looking for a reputable VPS host based in Europe (that I can pay with Bitcoins) where I can run my own mail system.


Why, so that all the emails you send and receive can go right back to American PRISM partners? There's little point to that when everyone you email uses gmail.


The only option is for the creation of a user-friendly and encrypted alternative that people can transition to.

Right now that doesn't exist.



I wonder if donating to wikileaks or even sending an email to wikileaks offering to volunteer would be enough to interest someone in government in getting all your 1's & 0's.


Yes, along with picking your nose and tying your shoes -- but that should only matter to a coward.


I wasn't trying to sound paranoid or cowardly. I was just curious what opinions people had on the level of involvement with Wikileaks that would be enough to get the government's attention.


I don't think it would take very much "involvement" at all.

Let's say you sent such an e-mail. It was noticed by the NSA and triggered... whatever and now they've decided that they want to monitor you. How much difficulty is involved?

From what I've read recently, it seems that it's fairly trivial to start monitoring an individual and continue to do so for a period of time. I would imagine that the easier it is, the higher the chances are of it happening.

If it's a matter of hitting a few keystrokes to begin the monitoring, there's little cost involved so why not? They could monitor you for a while, analyze the data, and then decide if they need to keep monitoring you.

If it's extremely difficult, costly, or time-consuming to begin the process, well, I'd imagine they would be less likely to do so (by how much I won't begin to guess).

Basically, if they can start monitoring you and gathering data on you with little effort or cost required, it's probably a given that they would keep an eye on you. If there's a bunch of paperwork, warrants, etc., involved, the chances would be lower, I think.


> email to wikileaks offering to volunteer

It's hard to imagine anything more interesting to the NSA, but for not just the obvious reason.

Wikileaks set itself up as a nexus of exchange for state secrets of a great many states. Any state with an intelligence operation would want to penetrate that organization to have access to raw data and advance notice of anything interesting about to go down.

I've often wondered if such organizations (not naming names) ever wondered why they get approximately one volunteer from each European nation.


"Not trusting" in this case is more of an operational than moral/ethical judgement, and more general than Google - you can't rely on privacy from any company if the government can send them a letter saying, "Gimme everything on this guy, bitches."

And, well, if you don't want to run to Hong Kong, you're pretty much the government's bitch in that circumstance...


"I believe that organisations don’t really have a right to secrecy and I believe that the more open a society, a society where people have more information is a society where we can take more informed decisions and where we perhaps won’t need the gatekeepers that are currently in place as much" -Herbert Snorrason

If he doesn't believe organizations have a right to secrecy, then why does he believe that he is entitled to secrecy? Privacy and secrecy are the same thing; claiming to be pro-privacy but against secrecy is dishonest.


Privacy and secrecy are the same thing

No, they aren't (e.g. that I want to be alone when going to the bathroom doesn't mean it's a secret what I am doing there). Even if they were, persons and organizations are not the same thing either.


Isn't all "this shit" in violation of the International Bill of Human Rights?

"No one shall be subjected to arbitrary interference with his privacy, family, home or correspondence, nor to attacks upon his honour and reputation. Everyone has the right to the protection of the law against such interference or attacks." -- International Bill of Human Rights, article 12.

I also found it interesting to read the "CCPR General Comment No. 16" [1] on the right to privacy.

[1] http://www.unhchr.ch/tbs/doc.nsf/(Symbol)/23378a8724595410c1...


I think the US government showed in the last ten years that they don't care much about those "basic human rights". I'm pretty sure torture, drone killings, locking innocent people away without due process, and silencing dissidents also kind of violates the IBoHR.


How, exactly, is it a violation of that? They have a warrant. It's due process.


I'm not saying I approve but the key word is "arbitrary". The USG would presumably say this isn't arbitrary interference as it's in the course of a criminal investigation.


Google should invent a distributed, encrypted email protocol and make that network an option in GMail for storage and message sending. That would be a great PR move - if there is no central server, and no central message pipe, it's a little hard for anyone to think Google wants to be complicit in spying.


How would you implement a secure web interface to distributed encrypted storage? The moment a user wants to view email in their browser, it needs to be decrypted by Google's server (or decrypted by JavaScript served from Google's server, which is equivalent from a security perspective).

For users who are willing to give up the web interface, there are many open-source email clients that provide strong encryption (e.g. Thunderbird + GPG).


The web is simply not designed with privacy in mind. People should stop using webmail.


What a truly, truly, truly absurd statement. I run my own webserver and have Roundcube exposed. It's only accessible via my VPN and even then, it's HTTPS. So tell me, how are you planning to compromise that?


In fairness, if it's only accessible via VPN then your Roundcube instance is not part of the web.


That would be the antithesis of what Google does - they give away services for free in exchange for access to personal information that they use to sell more precise targeting to advertisers.

Google's business relies on them being able to examine your personal data. That's how Gmail is paid for.

Perhaps someone who has a different business model e.g. Samsung, Microsoft, or Apple should do this.


Google already offers paid email accounts that don't show ads.


But those are no more private than the unpaid ones. And they can still extract value by profiling you from your email and then displaying ads on search and other properties based on what they learn about you.


There already is a distributed, encrypted email protocol. That's what gmail uses.

Trusting "someone" on a distributed network to store information for you long term isn't a good idea. They disappear and your data is gone too.

Also, if you can find them to request the data, a search warrant can find them to request it, too.

Also, crypto doesn't help. It would be foolish to assume gmail messages aren't encrypted on disk. The keys have to be stored somewhere. End users can't and won't securely store key material. Store them on the server, and it's subject to the warrant.


That wouldn't be Gmail in any sense. Why would Google be involved in that product? They don't provide the server, the delivery, the spam detection (right?)

If you dont want to use Gmail for some or all messages, just don't use Gmail.


They could provide all the client software. Hell, they could even make ad targeting work by moving their mail-reading bots to the client and have them select ads from a stack of mothership-provided ads, with no feedback except following the link if you click.

But I agree with you that it's very different from anything they do. Also, too vulnerable to piracy or cloning. Aaand it may not be feasible to run their bots in a weak machine.


> they could even make ad targeting work by moving their mail-reading bots to the client

Gmail ad targeting isn't a bit of JavaScript that can run in real time in the background. It's a series of huge map reduces touching data sets larger than any client computer could store. Just indexing a pre-prepared list of mothership ads would result in a horrible user experience (far poorer ad targeting).

Google has a vested interest in only showing you ads you might be interested in; it doesn't work as well as it should, but it works magnitudes better than the state of the art 10 years ago.


Why would anyone use a proprietary ad-ridden client when there would be multiple high-quality open-source clients available?

And if the protocol is sufficiently closed to prevent open-source clients, why would anyone use it at all? Wouldn't that be the same as the XMPP->Hangouts transition that infuriated everyone a few weeks ago?


Not counting monetization, the main difficulty with implementing true privacy - from the provider itself - of web services is the necessity to cut the "account recovery" feature.

When the provider can't access your data, if you lose your password, all of your data is gone forever. If you are willing to live with that, alternatives already exist, as others pointed out.
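
The two provider designs debated above (key held by the provider, so a warrant and account recovery both work; key derived on the client, so neither does), as an added example that is not part of the original thread or of any Google product. The stand-in cipher is HMAC-SHA256 in counter mode with encrypt-then-MAC, chosen only so the example runs on the Python standard library; production code should use an AEAD such as AES-GCM or ChaCha20-Poly1305 from a vetted library. The provider classes, user names and message are constructed for illustration.

```python
import hashlib
import hmac
import secrets

NONCE_LEN, TAG_LEN = 16, 32


def _keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    # PRF (HMAC-SHA256) run in counter mode. Stdlib-only stand-in for a real
    # cipher; use AES-GCM or ChaCha20-Poly1305 in production.
    out = b""
    counter = 0
    while len(out) < length:
        out += hmac.new(key, nonce + counter.to_bytes(8, "big"), hashlib.sha256).digest()
        counter += 1
    return out[:length]


def _subkeys(key: bytes):
    enc = hmac.new(key, b"enc", hashlib.sha256).digest()
    mac = hmac.new(key, b"mac", hashlib.sha256).digest()
    return enc, mac


def encrypt(key: bytes, plaintext: bytes) -> bytes:
    """Returns nonce || ciphertext || tag (encrypt-then-MAC)."""
    enc, mac = _subkeys(key)
    nonce = secrets.token_bytes(NONCE_LEN)
    ks = _keystream(enc, nonce, len(plaintext))
    ct = bytes(a ^ b for a, b in zip(plaintext, ks))
    tag = hmac.new(mac, nonce + ct, hashlib.sha256).digest()
    return nonce + ct + tag


def decrypt(key: bytes, blob: bytes) -> bytes:
    enc, mac = _subkeys(key)
    nonce, ct, tag = blob[:NONCE_LEN], blob[NONCE_LEN:-TAG_LEN], blob[-TAG_LEN:]
    expected = hmac.new(mac, nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(expected, tag):
        raise ValueError("authentication failed (wrong key or tampered data)")
    return bytes(a ^ b for a, b in zip(ct, _keystream(enc, nonce, len(ct))))


def derive_key(password: str, salt: bytes) -> bytes:
    # Runs on the client; neither the password nor the derived key reaches the server.
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000, dklen=32)


class ServerKeyedProvider:
    """Encrypted on disk, but the provider holds the key. The password only
    gates access, a warrant served on the provider yields plaintext, and
    account recovery is trivial because nothing is keyed to the password."""

    def __init__(self):
        self._master = secrets.token_bytes(32)
        self._store = {}

    def put(self, user: str, message: bytes):
        self._store[user] = encrypt(self._master, message)

    def read(self, user: str) -> bytes:
        return decrypt(self._master, self._store[user])

    def comply_with_warrant(self, user: str) -> bytes:
        return self.read(user)  # provider can decrypt, so it hands over plaintext

    def recover_account(self, user: str) -> bool:
        return user in self._store  # data survives a password reset


class ClientKeyedProvider:
    """Provider stores only a salt and ciphertext; the key exists on the
    client, derived from the password. A warrant yields ciphertext, and a
    forgotten password means the data is gone."""

    def __init__(self):
        self._store = {}

    def put(self, user: str, password: str, message: bytes):
        salt = secrets.token_bytes(16)
        self._store[user] = (salt, encrypt(derive_key(password, salt), message))

    def read(self, user: str, password: str) -> bytes:
        salt, blob = self._store[user]
        return decrypt(derive_key(password, salt), blob)

    def comply_with_warrant(self, user: str) -> bytes:
        return self._store[user][1]  # ciphertext only; there is no key to hand over

    def recover_account(self, user: str) -> bool:
        return False  # the old key was never on the server, so nothing can be re-keyed
```

The point the thread makes shows up in the two `recover_account` methods: the same property that keeps the provider from answering a warrant with plaintext is the one that makes "forgot my password" unrecoverable, so a provider has to choose.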


Expect that Google wants to read what you wrote on the email and to whom. Of course to help you see more ads, er better ads. Cause you're just dying for another dozen ads.

Imagine a Google Glass wearer and a NSA order to record everything he sees?


Well, it would be possible to make the ad-thing part of displaying the message. That's the moment when you have to decrypt it anyhow.


That's how it works now. It would be foolish to assume that your emails are stored on disk unencrypted.


the gmail network effect pulls in people who would rather not be grokked.


Right. This is why we need encryption.


We have encryption. We need to use it.


My using encryption doesn't suddenly make all of the hundred people I regularly communicate with on gmail suddenly have PGP keys or smartphones that support encrypted messages.


Hence why I said, "we". Every encryption scheme you propose will actually need to be used by other people to make the system work overall.


Presumably the same justification/reasoning could be used to serve a home/business search warrant.


That might be the case. But you'd know about it. And why.


You would know about it, but the warrant can still be sealed if it "is necessitated by a compelling government interest", so you can have no idea why it was being done.

In theory you can get this reversed, but it is common for courts to uphold the government's interest in keeping investigations secret well beyond normal disclosure dates, in a few cases even up to and during the trial against the person who was served the warrant.


Would a judge approve the warrant though? Just because this person communicated with Assange?


Gee, it sure would be nice to know what happens at a FISC hearing...


Can the FISC grant Article III warrants?


Can information gathered under a FISA warrant be used to get another court to grant an Article III warrant, and can such information be critical to getting an Article III warrant? If a rubber stamp like FISC enables the government to get Article III warrants that it would not otherwise get, then FISC might as well just hand out Article III warrants.


It's not a rhetorical question, I don't know the answer to it one way or the other.

As to your second sentence, I think it's very reductionist. I see a FISC warrant as functioning like a subpoena. Say the SEC subpoenas your company's financial records from your accountant, and finds in there evidence that is sufficient to get a proper warrant to get documents from your company's premises. Does that mean there is no protection or purpose to the SEC not just being able to give itself Article III warrants?


off-topic: you need some line-height for that post.. very hard to read.

https://www.dropbox.com/s/602d01t8ahqw1km/Screenshot%202013-...


Why not just keep all your data on your own computer? No need to have a cloud, and if it's email you're worried about, well, it's assured that if the U.S. government wants your conversations they will get them unless you jump through some pretty large hoops.


Why don't you sue and find out?


[deleted]


I think you need to update yourself on the details/arguments surrounding this particular debate before commenting.


there was a reason i wrote off-topic. i did not want to comment on the article itself. more so, how the OP was displaying it. geez..


Google shouldn't be trusted with everything you have. Between Analytics, Android, Google Search, Documents and E-mail they know what you are thinking and virtually everything you do, online and offline. Even if the current management are saints--I doubt it--the next team will push the envelope to monetize it even more. And then there is the NSA and FBI and the local divorce lawyer. If it's there they will get it.

So try things like blocking analytics at host level, using either gmail or search etc etc. Makes it harder for NSA. Can you imagine yourself in a trial trying to explain why you visited certain sites or searched for certain keywords 3 years ago? Were you really researching what you saw on CSI or were you preparing the perfect murder of your wife?


This just seems like a variation of the argument that you should get out of the way of the bullet instead of demanding that the gunman not shoot you in the first place.

I should be able to give whatever data I want to Google without worrying that the government is going to take it from Google in secret.


That is a laudable and idealistic goal, but we don't live in that world. Furthermore Google itself knows more than we do about how easily governments can access the data it accumulates.

If it chose to, Google could protect users by developing services that do not rely on Google itself examining their personal data.

Google understands the risks better than its users but chooses to expose them because doing so is aligned with its business model and philosophy whereas protecting them is not.

It's a bit like recommending someone travel through a war zone on a bicycle when a tank is an available alternative, because the bike carries advertising you profit from and the tank does not.


Still, you do want to remove that dangerous war zone itself. The problem is, to do that, a small group of people at best needs to stick their necks out for the benefit of everyone else.

The way I see it, the problem is that mass cooperation just isn't going to happen. Incentives and benefits must be found at the individual level (altruism counts as a weak incentive), and drawbacks must be dealt with, starting with the gazillion trivial inconveniences that an otherwise privacy aware citizen would have to put up with.

There's a reason why I don't encrypt my hard drive: my OS doesn't do it by default, and taking the time to set it up is just such a drag.


My OS does do it by default. It also provides me with a messaging system with end to end encryption by default.

The inconveniences can be removed by engineering - that's what we do. It's a matter of priorities and Google's are conflicted in this area.


Which OS? That sounds interesting.


> If it chose to, Google could protect users by developing services that do not rely on Google itself examining their personal data.

I'm perplexed that you'd call me idealistic for not wanting a coercive third party secretly taking a company's data by force, and in the next sentence suggest that a company should provide services to me in exchange for nothing.

I give my data to Google. In exchange, I get their services and they get to serve me advertisements. I am happy with this arrangement. Wanting my government to have some semblance of the checks and balances encoded in our founding document is neither unreasonable nor idealistic.


I'm not calling you idealistic for what you want. I want a trustworthy government too.

I'm calling you idealistic because you are putting your hopes in an idealistic solution when Google could provide you with a technical solution now. One type of check and balance against untrustworthy governments is robust civil institutions. Technology companies could be helping to provide those.

It seems to me that in the presence of an untrustworthy government, a state of affairs that had existed throughout history, you prefer ad-supported free email to privacy.


Given the advance of Big Data (outside and inside of the government), it sounds to me like a variation of the argument that there's a reason people lock their car doors if they have valuables. Yes, people shouldn't steal from you, but if you really wanted those valuables then a wee amount of due diligence towards risk reduction wouldn't kill you either.

In a perfect world we wouldn't need locks at all, either on our cars or our houses. But when the world is not perfect then sometimes it becomes more reasonable to abate the risk ourselves than to shout at the whole world to stop being imperfect.


I agree with your assessment. But that's my pragmatism at work.

The comment I was responding to was using "shoulds", which I took as an invitation to an ethical comment rather than a pragmatic one.


A bit harsh on Google. I mean, what are they to do?


Maybe engineer a service that is harder to wiretap? It is not easy, but they have some of the best computer scientists on this planet working for them. If I were them, I would start somewhere around here:

http://crypto.stanford.edu/adnostic/adnostic.pdf


It's not directly apropos this particular thread, but Google has engineered an email service that is particularly difficult to wiretap. To wit:

(a) They're the Internet's foremost adopter and proponent of DHE ciphersuites, which drastically reduce the impact of losing the RSA key that underpins most sites' TLS security, and, just as importantly, force adversaries to actively MITM every connection in order to decrypt them.

(b) They're a pioneer in key pinning, which bakes the identity of their key into the Chrome browser binary, meaning that when your Chrome browser talks to Google's mail service, it's unlikely to trust any otherwise-valid-looking certificate presented by a MITM attacker.

Google's mail service is better encrypted than most banks.
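
The forward-secrecy property in point (a), as an added example that is not part of the original thread and does not model Google's actual TLS configuration. A passive wiretap records the handshake; later the server's long-term private key leaks. The non-forward-secret case is modelled here as static Diffie-Hellman (the long-term key is the server's DH exponent) rather than RSA key transport, which has the same property: every recorded session can be decrypted afterwards. With ephemeral DH the long-term key would only sign the fresh share, so the recorded transcript is worthless and an attacker is forced into an active MITM at connection time. The group is a toy (a prime and generator chosen for the demo, not a standard TLS group) and the key-derivation is a plain SHA-256 of the shared secret; both are assumptions of this example.

```python
import hashlib
import secrets

# Toy group for illustration only: P is prime, but this is not a standard
# TLS group. Real code uses an ECDHE curve or an RFC 7919 finite-field group.
P = 2**255 - 19
G = 2


def dh_public(private: int) -> int:
    return pow(G, private, P)


def dh_shared(private: int, peer_public: int) -> int:
    return pow(peer_public, private, P)


def session_key(shared: int) -> bytes:
    # Stand-in KDF; TLS derives traffic keys from the shared secret and transcript.
    return hashlib.sha256(shared.to_bytes(32, "big")).digest()


def fresh_private() -> int:
    return secrets.randbelow(P - 2) + 1


def handshake(server_long_term: int, ephemeral: bool):
    """One client/server key agreement. Returns (what a passive wiretap
    records, the session key both sides derived)."""
    client_priv = fresh_private()
    # Static DH: the server's long-term key *is* its DH exponent.
    # DHE: a fresh exponent per connection; the long-term key never enters the math.
    server_priv = fresh_private() if ephemeral else server_long_term
    client_pub, server_pub = dh_public(client_priv), dh_public(server_priv)
    key = session_key(dh_shared(client_priv, server_pub))
    assert key == session_key(dh_shared(server_priv, client_pub))
    transcript = {"client_pub": client_pub, "server_pub": server_pub}
    return transcript, key


def recover_with_stolen_long_term_key(transcript: dict, server_long_term: int) -> bytes:
    """Best effort of a wiretapper who recorded the transcript and later
    obtained the server's long-term private key."""
    return session_key(dh_shared(server_long_term, transcript["client_pub"]))


def recorded_sessions_exposed(server_long_term: int, ephemeral: bool, n: int = 3) -> int:
    """How many of n previously recorded sessions the attacker can now decrypt."""
    exposed = 0
    for _ in range(n):
        transcript, key = handshake(server_long_term, ephemeral)
        if recover_with_stolen_long_term_key(transcript, server_long_term) == key:
            exposed += 1
    return exposed
```

Run `recorded_sessions_exposed(k, ephemeral=False)` and `recorded_sessions_exposed(k, ephemeral=True)` with the same long-term key `k`: the static case exposes every recorded session, the ephemeral case none. The pinning in point (b) is the separate control that stops the active MITM this forces the attacker into.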


Difficult to wiretap in the sense of intercepting communications to and from Google, yes.

But it's also engineered to give Google itself access to your data so they can improve their behavioral profile of you.

I think what people are suggesting is that if end user privacy was Google's priority rather than gaining access to user data for their own use, they could engineer a service that didn't place themselves as a man-in-the middle.


> They're a pioneer in key pinning, which bakes the identity of their key into the Chrome browser binary, meaning that when your Chrome browser talks to Google's mail service, it's unlikely to trust any otherwise-valid-looking certificate presented by a MITM attacker.

Chrome doesn't pin actual certificates, just public keys of CAs. If some organization had access to Verisign, Equifax or Geotrust keys, they could just create new certificates for *.google.com, which Chrome would accept.


Am I right that a) applies only to direct communications between the end user and Google's servers?

Actually if someone sends an email to my Gmail account using his ISP SMTP server, is the connection between the two SMTP servers likely to be encrypted?


Even if it is encrypted, I doubt it's authenticated.
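
The server-to-server case asked about above (opportunistic STARTTLS between MTAs), as an added example that is not part of the original thread and does not describe Gmail's actual MTA behaviour. The sending side follows the common opportunistic policy: upgrade if the peer advertises STARTTLS, otherwise deliver in the clear. An active interceptor that merely deletes the `250-STARTTLS` line from the EHLO reply gets the whole message in plaintext, and even when TLS is negotiated the client here does not verify who it is talking to, which is the "encrypted but not authenticated" point. Host names, addresses and the message are constructed; the `Wire` classes stand in for the network and the TLS handshake is reduced to a flag.

```python
class MailServer:
    """Receiving MTA that advertises STARTTLS (opportunistic TLS)."""

    def __init__(self, host="mx.example.net"):
        self.host = host
        self.tls = False
        self.in_data = False
        self.received = []

    def handle(self, line: str) -> str:
        if self.in_data:
            if line == ".":
                self.in_data = False
                return "250 Queued"
            self.received.append(line)
            return ""
        verb = line.split(None, 1)[0].upper()
        if verb == "EHLO":
            caps = [f"250-{self.host} Hello"]
            if not self.tls:
                caps.append("250-STARTTLS")
            caps.append("250 OK")
            return "\r\n".join(caps)
        if verb == "STARTTLS":
            self.tls = True  # stands in for the TLS handshake
            return "220 Ready to start TLS"
        if verb in ("MAIL", "RCPT"):
            return "250 OK"
        if verb == "DATA":
            self.in_data = True
            return "354 End data with <CR><LF>.<CR><LF>"
        if verb == "QUIT":
            return "221 Bye"
        return "500 Unknown command"


class Wire:
    """Direct path between the MTAs; records every line that crosses in the clear."""

    def __init__(self, server: MailServer):
        self.server = server
        self.cleartext_seen = []

    def send(self, line: str) -> str:
        if not self.server.tls:
            self.cleartext_seen.append(line)
        return self.server.handle(line)


class StripTLSWire(Wire):
    """Active interceptor: removes the STARTTLS capability and refuses
    upgrades, so an opportunistic sender silently falls back to plaintext."""

    def send(self, line: str) -> str:
        if line.upper().startswith("STARTTLS"):
            self.cleartext_seen.append(line)
            return "454 TLS not available due to temporary reason"
        resp = super().send(line)
        return "\r\n".join(l for l in resp.split("\r\n") if l != "250-STARTTLS")


def deliver(wire: Wire, sender: str, recipient: str, body_lines):
    """Sending MTA with the usual opportunistic policy. Returns
    (tls_used, peer_authenticated)."""
    resp = wire.send("EHLO sender.example.org")
    offered = "250-STARTTLS" in resp.split("\r\n")
    tls_used = False
    if offered and wire.send("STARTTLS").startswith("220"):
        tls_used = True
        wire.send("EHLO sender.example.org")  # EHLO again after the upgrade
    wire.send(f"MAIL FROM:<{sender}>")
    wire.send(f"RCPT TO:<{recipient}>")
    wire.send("DATA")
    for line in body_lines:
        wire.send(line)
    wire.send(".")
    wire.send("QUIT")
    # Opportunistic STARTTLS accepts whatever certificate the peer presents,
    # so even the TLS path resists a passive tap but authenticates nobody.
    return tls_used, False
```

Deliver the same message over `Wire` and over `StripTLSWire`: the first keeps the body off the `cleartext_seen` log, the second logs it in full, and the receiving server accepts the mail in both cases without anyone noticing the downgrade. Later mechanisms (DANE for SMTP, MTA-STS) exist precisely to let a sender refuse that fallback and verify the peer.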


Wiretaps almost never involve active MITM. This is a red herring.


In these particular instances, though, information is much more valuable than money.


No, I don't believe that's true. The information in your mail is not more valuable to Google than the integrity of a bank account is to a bank.

Google has a financial interest in having access to the content of mail messages, but (a) it's an interest "in the large", not in any specific account, and (b) it's a nonrivalrous interest.


> Maybe engineer a service that is harder to wiretap?

You can't solve a legal problem with engineering. We're talking about the same agencies who had the ability to get all of the major phone carriers to install wiretapping services – there's no reason to believe they wouldn't do the same to anyone else of interest.


Yeah, but if you read the linked paper, there are things Google could do to protect its users' privacy. That paper is about privacy-preserving targeted advertising, which would not give Google anything for the government to subpoena or search while still allowing them to conduct their business. There is no reason Google has to make itself an easy target.
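
The architecture argued for above and earlier in the thread (move the mail-reading and ad selection to the client, push a stack of ads from the mothership, and let the only feedback be a click), as an added example that is not part of the original thread and is not the Adnostic authors' code. It contrasts what the ad server learns in the two models: the server-side profile of today versus a profile that never leaves the client. The sample mail, the ad bundle and the keyword-count scoring are constructed for illustration; the real paper's accounting of views uses more machinery than a keyword match.

```python
import re
from collections import Counter

# Constructed sample data: the user's local mail, and the bundle of candidate
# ads the ad server pushes to every client regardless of who they are.
LOCAL_MAIL = [
    "Re: trail run on Saturday, bring the new running shoes",
    "Your marathon registration is confirmed",
    "Invoice for the running club membership",
]
AD_BUNDLE = [
    {"id": "ad-101", "keywords": ["running", "shoes", "marathon"]},
    {"id": "ad-102", "keywords": ["mortgage", "refinance"]},
    {"id": "ad-103", "keywords": ["invoice", "accounting", "software"]},
]


def build_profile(messages):
    """Behavioral profile built from the mailbox; in the client-side model it
    is computed and kept on the user's machine only."""
    profile = Counter()
    for text in messages:
        profile.update(w for w in re.findall(r"[a-z]+", text.lower()) if len(w) > 3)
    return profile


def choose_ad(profile, bundle):
    """Local targeting: score every pushed ad against the local profile."""
    def score(ad):
        return sum(profile[k] for k in ad["keywords"])
    return max(bundle, key=score)["id"]


def server_view_current_model(profile, bundle):
    """Today's model as the thread describes it: the profile is uploaded, the
    server does the targeting and keeps the profile for other properties."""
    return {"profile_uploaded": dict(profile), "served": choose_ad(profile, bundle)}


def server_view_client_side(profile, bundle, clicked: bool):
    """Client-side model: the server learns nothing from the selection; the
    only feedback is the click, and only if the user follows the link."""
    choice = choose_ad(profile, bundle)
    return {"profile_uploaded": {}, "click": choice if clicked else None}
```

With the constructed mailbox both models serve `ad-101`; the difference is the `profile_uploaded` field, which is the data a warrant served on the provider could reach. The trade-off the next reply raises is visible too: the client only sees the bundle it was sent, so the profile cannot be reused to target the same user on search or other properties.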


You're making the assumption that that proof-of-concept behavioral tracking solution is anywhere near as effective as what google already does.

Google doesn't want the profile to be stored privately in your browser because then they can't use it to target you in other situations.


Which is why I said they should start there. I did not say it was a completed solution. Right now, Google is not even trying to protect their users by any technical means, relying instead on the courts.


I absolutely agree that they aren't even trying, but starting there would reduce the effectiveness of their ad business and hence reduce revenue, so I don't see that happening.


Google's business model is to tap your communications and use the profile they create of you to target advertising.

They are constantly pushing for access to more of your personal information, not less.


See the link in my post.


Wire tapping is completely irrelevant to the question.


Wiretapping in this context refers to both getting information on the wire and getting information stored on Google's servers. At this point the distinction between the two is completely pedantic.


Die. Lose to a competitor that is based in a free country and/or offers a paid service and therefore does not need access to the entirety of people's data to serve ads.



