Schneier on Security
A blog covering security and security technology.
March 31, 2009
Privacy and the Fourth Amendment
In the United States, the concept of "expectation of privacy" matters because it's the constitutional test, based on the Fourth Amendment, that governs when and how the government can invade your privacy.
Based on the 1967 Katz v. United States Supreme Court decision, this test actually has two parts. First, the government's action can't contravene an individual's subjective expectation of privacy; and second, that expectation of privacy must be one that society in general recognizes as reasonable. That second part isn't based on anything like polling data; it is more of a normative idea of what level of privacy people should be allowed to expect, given the competing importance of personal privacy on one hand and the government's interest in public safety on the other.
The problem is, in today's information society, that test will rapidly leave us with no privacy at all.
In Katz, the Court ruled that the police could not eavesdrop on a phone call without a warrant: Katz expected his phone conversations to be private and this expectation resulted from a reasonable balance between personal privacy and societal security. Given NSA's large-scale warrantless eavesdropping, and the previous administration's continual insistence that it was necessary to keep America safe from terrorism, is it still reasonable to expect that our phone conversations are private?
Between the NSA's massive internet eavesdropping program and Gmail's content-dependent advertising, does anyone actually expect their e-mail to be private? Between calls for ISPs to retain user data and companies serving content-dependent web ads, does anyone expect their web browsing to be private? Between the various computer-infecting malware, and world governments increasingly demanding to see laptop data at borders, hard drives are barely private. I certainly don't believe that my SMSes, any of my telephone data, or anything I say on LiveJournal or Facebook -- regardless of the privacy settings -- is private.
Aerial surveillance, data mining, automatic face recognition, terahertz radar that can "see" through walls, wholesale surveillance, brain scans, RFID, "life recorders" that save everything: Even if society still has some small expectation of digital privacy, that will change as these and other technologies become ubiquitous. In short, the problem with a normative expectation of privacy is that it changes with perceived threats, technology and large-scale abuses.
Clearly, something has to change if we are to be left with any privacy at all. Three legal scholars have written law review articles that wrestle with the problems of applying the Fourth Amendment to cyberspace and to our computer-mediated world in general.
George Washington University's Daniel Solove, who blogs at Concurring Opinions, has tried to capture the byzantine complexities of modern privacy. He points out, for example, that the following privacy violations -- all real -- are very different: A company markets a list of 5 million elderly incontinent women; reporters deceitfully gain entry to a person's home and secretly photograph and record the person; the government uses a thermal sensor device to detect heat patterns in a person's home; and a newspaper reports the name of a rape victim. Going beyond simple definitions such as the divulging of a secret, Solove has developed a taxonomy of privacy, and the harms that result from their violation.
His 16 categories are: surveillance, interrogation, aggregation, identification, insecurity, secondary use, exclusion, breach of confidentiality, disclosure, exposure, increased accessibility, blackmail, appropriation, distortion, intrusion and decisional interference. Solove's goal is to provide a coherent and comprehensive understanding of what is traditionally an elusive and hard-to-explain concept: privacy violations. (This taxonomy is also discussed in Solove's book, Understanding Privacy.)
Orin Kerr, also a law professor at George Washington University, and a blogger at Volokh Conspiracy, has attempted to lay out general principles for applying the Fourth Amendment to the internet. First, he points out that the traditional inside/outside distinction -- the police can watch you in a public place without a warrant, but not in your home -- doesn't work very well with regard to cyberspace. Instead, he proposes a distinction between content and non-content information: the body of an e-mail versus the header information, for example. The police should be required to get a warrant for the former, but not for the latter. Second, he proposes that search warrants should be written for particular individuals and not for particular internet accounts.
Meanwhile, Jed Rubenfeld of Yale Law School has tried to reinterpret the Fourth Amendment not in terms of privacy, but in terms of security. Pointing out that the whole "expectations" test is circular -- what the government does affects what the government can do -- he redefines everything in terms of security: the security that our private affairs are private.
This security is violated when, for example, the government makes widespread use of informants, or engages in widespread eavesdropping -- even if no one's privacy is actually violated. This neatly bypasses the whole individual privacy versus societal security question -- a balancing that the individual usually loses -- by framing both sides in terms of personal security.
I have issues with all of these articles. Solove's taxonomy is excellent, but the sense of outrage that accompanies a privacy violation -- "How could they know/do/say that!?" -- is an important part of the harm resulting from a privacy violation. The non-content information that Kerr believes should be collectible without a warrant can be very private and personal: URLs can be very personal, and it's possible to figure out browsed content just from the size of encrypted SSL traffic. Also, the ease with which the government can collect all of it -- the calling and called party of every phone call in the country -- makes the balance very different. I believe these need to be protected with a warrant requirement. Rubenfeld's reframing is interesting, but the devil is in the details. Reframing privacy in terms of security still results in a balancing of competing rights. I'd rather take the approach of stating the -- obvious to me -- individual and societal value of privacy, and giving privacy its rightful place as a fundamental human right. (There's additional commentary on Rubenfeld's thesis at ArsTechnica.)
The trick here is to realize that a normative definition of the expectation of privacy doesn't need to depend on threats or technology, but rather on what we -- as society -- decide it should be. Sure, today's technology makes it easier than ever to violate privacy. But it doesn't necessarily follow that we have to violate privacy. Today's guns make it easier than ever to shoot virtually anyone for any reason. That doesn't mean our laws have to change.
No one knows how this will shake out legally. These three articles are from law professors; they're not judicial opinions. But clearly something has to change, and ideas like these may someday form the basis of new Supreme Court decisions that bring legal notions of privacy into the 21st century.
This essay originally appeared on Wired.com.
Posted on March 31, 2009 at 6:30 AM
• 41 Comments
No one is innocent. Citizens do not resist. We are determining your level of guilt now. Justice will be swift.
Ah yes, this is sure to piss off the robber barons.
Anyone want to start a betting pool for when Faux Noise will diss Blowfish on "24" again? ;-7
"he proposes a distinction between content and non-content information: the contents for example."
The contents of what?
"does anyone actually expect their e-mail to be private"
Well, depends on what you mean exactly. I expect it to be treated as such. It's always been a big game of pretense anyway. The important thing is that people play it right.
Things might more often be treated in a "what happens in Vegas stays in Vegas" kind of way. For example when considering the stupid things some people put up on their myspace and facebook pages. Up to a point you can just say it doesn't count; even though it is in full public view you can treat it as if it's private. (As some people do)
@Rusty: "The contents of what?"
Content is basically a place you have an expectation of privacy, non-content is a place you don't.
An example of content would be your home, and non-content would be in a park. You have an expectation of privacy at home, but not in the park.
Another example would be your car. You have an expectation of privacy in your trunk, but not in your back seat. If a cop sees something in your back seat in your car when it's parked or when he pulls you over, it's fair game.
Technological examples would be your personal hard drives, online accounts, and web pages. You have an expectation of privacy on your home desktop hard drive, but not on your web page that you put out for the world to see.
Where it gets sticky is in other venues. If a cop sees you in a starbucks looking at child pornography, you have no expectation of privacy. What is a matter of debate is if that makes your computer fair game. Even if it results in a duly processed warrant to search your hard disk, can one then be forced to incriminate themselves by decrypting their files?
The details get sticky. But I think the content vs non-content is a good place to start. It makes for fascinating discussion, and reasonable people can disagree quite a lot.
"Where it gets sticky is in other venues. If a cop sees you in a starbucks looking at child pornography, you have no expectation of privacy. What is a matter of debate is if that makes your computer fair game."
Actually, that's not debatable at all. The officer can arrest you for committing a crime in his presence, and based upon the same evidence, he will be able to obtain a warrant to search your home for child pornography.
"Even if it results in a duly processed warrant to search your hard disk, can one then be forced to incriminate themselves by decrypting their files?"
There is real debate here, and I think the right answer under current law is, "yes," because the password is not "testimonial" in nature. The magistrate in U.S. v. Boucher found differently, but I think he was mistaken (as did the District Court that reversed his ruling), but the facts in that case don't lend themselves well to the general case.
"under current law is, "yes," because the password is not "testimonial" in nature"
Give me a break! If I give you the password, the contents may well be "testimonial" even if a physical mouth didn't say it.
It's just an interpretation of the law in favor of the control freaks.
"Given NSA's large-scale warrantless eavesdropping, and the previous administration's continual insistence that it was necessary to keep America safe from terrorism, is it still reasonable to expect that our phone conversations are private?"
The answer to this is quite simple...
The unreasonable and probably illegal activities of one or more third parties, irrespective of who they are and what rights they believe they have, should not ever, and never should be used as an excuse to change the reasonable expectations of any individual.
When the constitution was written most people had a very real expectation of privacy even in a public place.
That is two people having a quiet conversation a reasonable distance from others have no expectation that others will be privy to their conversation (unless they are paranoid). Therefore they have a very reasonable expectation of "privacy from all others".
The fact that modern technology is quite capable of picking up your spoken words from your standing at ground level horizon should not be used as an excuse to do so.
Likewise I expect that within a short period of time computers will be able to make reasonable attempts at lip reading.
And if you do the mental calculation of the resolving power of space based surveillance cameras (better than a meter from 500Km up). You will realise that similar equipment would have sufficient resolving power to read lips at around 8Km distance (ignoring other effects the majority of which could be corrected by adaptive software).
Therefore as long as you could get line of sight to a person's face from that distance you could work out what is being said. Therefore are we to make the "paranoid" assumption it is being done and act appropriately in our normal lives?
No I don't think we should, nor do I think the legislature should allow either elected or unelected authorities to make the argument that "because we can do it we should be allowed to do it".
For society to function people need the right of privacy and the expectation that their everyday failings should not be brought up at any time to haunt them.
Enshrined in the law is the very reasonable expectation that people can and should be allowed to redeem themselves and that after a suitable period they should be allowed to assume that their transgressions are behind them.
If either the expectation of redemption or the right to privacy is removed then it is difficult to see how society as we currently know it could survive.
@John Jenkins: "There is real debate here, and I think the right answer under current law is, "yes," because the password is not "testimonial" in nature. The magistrate in U.S. v. Boucher found differently, but I think he was mistaken (as did the District Court that reversed his ruling), but the facts in that case don't lend themselves well to the general case."
I agree with you that he was mistaken.
I also think it should be acceptable to mandate someone decrypt files with a warrant for several reasons that I won't go into, but one I'll mention specifically is my fear of what the government will do if people can avoid investigation through encryption. Last thing we need is the government mandating a back door on encryption software (which would then be exploited), outlawing encryption too strong to break (therefore making it easier for attackers to break it), or some other strategy to enforce warrants. After all, it isn't like a safe where someone can call a locksmith if the owner refuses to open it.
Requirement of producing passwords/keys/iv/etc should be thought of as a perfect truth injection drug, and asked any and all questions.
Privacy is essentially gone in the modern police state.
The movie, "Live Free or Die Hard" is not far from happening, what stage are we on?
>the password is not "testimonial" in nature."
What if I use a passphrase that in itself would incriminate me? (Although I suppose they could force me to just type it in, rather than tell them.)
@Rusty and HJohn
The content/non-content was specifically relating to privacy in cyberspace.
The content case would be such as an e-mail or a file transferred actually contains specified data whereas a url entered into a browser does not contain data or a destination email address does not contain data.
This thought of course needs to step outside of the technical realm just a bit as anyone could argue that the packets sent contain data so anything within a packet would be considered content and need to be protected.
Interesting question about mandated password disclosure. If you were to use a large, randomly generated password and place the flash chip that contained this password in a hidden location (and thus don't know the password) can they force you to reveal where that location is? If so, can they also force you to reveal the location of paper documents that you know the location of?
"Given NSA's large-scale warrantless eavesdropping, and the previous administration's continual insistence that it was necessary to keep America safe from terrorism, is it still reasonable to expect that our phone conversations are private?"
Yes it is. We have been assured that this program isn't directed toward ordinary citizens, but rather only toward malefactors. Therefore, we *should* be able to assume that our conversations are private unless we have a specific reason to believe that the government is eavesdropping for national security purposes.
While this may not change the reality of whether or not someone is (or may be) actually listening, the status of the conversation itself may still be protected as "private" because the government can't argue that ordinary citizens "should already know" that the conversations may be recorded. To do so would not only blow the cover of the previous assurances, but most likely lead to the repeal of the PATRIOT ACT - or so we can hope.
With the knowledge that the NSA is monitoring everything at all times, it is *not* reasonable to expect that our phone/email/web communications are private.
All we can do is hope that our "private" lives are too boring for NSA analysts to bother listening to.
It occurred to me that pressing the hot button of child pornography may conceal a hidden agenda. If some government outfit suspects you have collected evidence that would incriminate them, they could trump up a 'probable cause' warrant and force you to decrypt your files. Given the excuse that the files might be child pornography, they would not show the results in court, but would remove the computer 'for analysis', wherein they swap out your unencrypted drive with the goods you have on them for an unencrypted drive full of kiddie porn from their own collection.
Off you go to prison, and their bacon's been saved, hooray!
Funny that the public has no corresponding power to force government agencies to decrypt their own files so that citizens can assure themselves their government isn't up to any hanky-panky.
That sounds like a movie plot to me.
". First, the government's action can't contravene an individual's subjective expectation of privacy; and second, that expectation of privacy must be one that society in general recognizes as reasonable."
I say if it's not legal for me to do it, it's not legal for the government without a warrant. Hardware hacks like tapping cables and mirroring ISP router ports is snooping, plain and simple. Should be forbidden to government except for specific target named in warrant.
This article misses the largest hole in the Fourth Amendment - that it doesn't apply unless there is a "search." For example, a drug-sniffing dog is not a search according to the Supreme Court. Passing luggage by a drug-sniffing dog at the airport NEVER invokes the Fourth Amendment because it is not a search even if there is a reasonable expectation of privacy. What about an electronic equivalent of a drug-sniffing dog, such as an email agent that detects language in an email that sounds like illegal activity?
A bit off topic. Delete if useless (or uninspiring).
The easy stuff : would anybody send anything private in the mail if it wasn't in an envelope?
I'll tell you a story. To communicate with my family I wrote an unbreakable little encryption algorithm. Then, I found out that my family would be considered international weapons smugglers if they went across a border if their computer had my program on it.
Now, you know the tests : given a bunch of inputs and a bunch of outputs - can you break the algorithm? Of course, but not if several algorithms are wrapped several times, each wrap padded with syntactic and semantic noise. To mention a few techniques. Especially if the password is a rolling password. Not to mention (which I did not use) temporal tests and message sequencing control.
Perhaps I am wrong. I just whipped up the code in a couple of hours of my spare time.
Now, let's make it easier. Even basic PGP encryption slows down the sniffers. Breaking encrypted messages costs Teraflops. So, why is it that using an envelope isn't enforced as a default by standard email programs? Twenty friggin years later - wish you were here postcards?
And why does the Preview Pane still run the embedded code? Why doesn't it show the message as a text file - a list of images, programs, links etc - and the text of the message. Why does a person (like me) have to use 'View Source' on any suspect messages - even from people I know?
Imagine : I get an email. It's not encrypted? It gets deleted at the server. It is encrypted? Fine. If I am a target then my virus scanner will catch it upon decryption. If my virus scanner doesn't catch it - I can look at it as plain text. If the message gets by all of that, well - not bad.
So, even two simple ideas in email programs (standard encryption enforced and text-only preview) would go a long way to helping privacy. Make sense?
Thanks for your great blog. I understand that you are involved in the deeper waters of all this - but hey - the average bozo is defenceless. Not even an envelope.
Oh well. I'm a practical guy.
Many people know the old truism about the NSA of "Never Say Anything"...
Well we know from events like 9/11 and Verona that it could equally stand for "Never Scrap Anything".
What the "NSA sees the NSA saves" all of the information collected during the Bush Administration is sitting in some data vault some place just waiting to be looked at.
The simple fact is once conversation was ephemeral now it is persistent and we have no choice on this.
And even if the authorities are not allowed to see the "content" without due cause, the fact that they can see whom is talking to whom when and from where is probably more valuable than the actual content.
A simple case X phones Y from a known location (their office) the conversation is brief. A little while later X's phone switches cell site and is therefore probably on the move. A little while after that Y's phone switches cell. A few cell switches later it is obvious they are moving towards a common point. You do not need to have the content of the conversation to realise that it was probably about meeting up.
Actually hearing X say to Y "you up for cards tonight" and Y replying "Yeh see you there at the usual time" is actually of less use.
A look back through X and Y's phone records shows that their phones have been at the target cell at the same time before. A look in surveillance records shows that they have both been to the same bar at the same time, and they both switched off their phones in the early evening and did not switch them on again till either late or the following day.
If this is a regular activity you know something is different if they don't go.
Now realise that with the data the NSA has on mobile phones they have a fairly good idea of who knows who and when things in their lives changed, without ever having to have heard a single word spoken or actually seen the person in any way...
Content is therefore actually quite irrelevant most of the time. And if somebody is up to no good then they are not likely to talk about it plainly on the phone so it is likely to be of little or no use at all. But as can be plainly seen people's "actions speak louder than words" they might exchange...
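The inference this comment walks through, and the essay's point that non-content records can be very private, shown as an added example that is not part of the original post or comments. The tower coordinates, the log format and every record below are constructed; the code uses no call content at all.

```python
from collections import defaultdict
from math import hypot

# Constructed tower coordinates in km (assumption for this example).
TOWERS = {"A": (0, 0), "B": (2, 1), "C": (4, 2), "D": (5, 5), "E": (8, 6), "F": (10, 8)}

# Constructed metadata: (day, minute_of_day, phone, event, serving_cell).
LOG = [
    (1, 1020, "X", "call:Y", "A"),      # X phones Y from the office, brief call
    (1, 1020, "Y", "recv:X", "F"),
    (1, 1050, "X", "handover", "B"),    # X's phone switches cell site
    (1, 1065, "Y", "handover", "E"),    # a little later, so does Y's
    (1, 1080, "X", "handover", "C"),
    (1, 1090, "Y", "handover", "D"),
    (1, 1100, "X", "handover", "D"),
    (1, 1110, "X", "power_off", "D"),
    (1, 1112, "Y", "power_off", "D"),
    (8, 1095, "X", "handover", "D"),
    (8, 1100, "Y", "handover", "D"),
    (8, 1105, "X", "power_off", "D"),
    (8, 1108, "Y", "power_off", "D"),
    (15, 1100, "X", "handover", "D"),
    (15, 1101, "Y", "handover", "D"),
]


def distance_series(log, a, b, day):
    """Distance between the two phones' serving cells after each event on `day`."""
    pos, series = {}, []
    for d, minute, phone, _event, cell in sorted(log):
        if d != day or phone not in (a, b):
            continue
        pos[phone] = TOWERS[cell]
        if a in pos and b in pos:
            (x1, y1), (x2, y2) = pos[a], pos[b]
            series.append((minute, round(hypot(x1 - x2, y1 - y2), 2)))
    return series


def is_converging(series):
    """True when the separation never grows and ends smaller than it started."""
    dists = [d for _, d in series]
    return (len(dists) > 1 and dists[-1] < dists[0]
            and all(nxt <= prev for prev, nxt in zip(dists, dists[1:])))


def colocated_days(log, a, b, window=15):
    """Map day -> cell for days both phones used the same cell within `window` minutes."""
    seen = defaultdict(list)                       # (day, cell) -> [(minute, phone)]
    for d, minute, phone, _event, cell in log:
        if phone in (a, b):
            seen[(d, cell)].append((minute, phone))
    hits = {}
    for (d, cell), events in seen.items():
        ta = [m for m, p in events if p == a]
        tb = [m for m, p in events if p == b]
        if any(abs(x - y) <= window for x in ta for y in tb):
            hits[d] = cell
    return dict(sorted(hits.items()))


def missed_meetings(hits, through_day):
    """If past meetings are evenly spaced, list expected days with no co-location."""
    days = sorted(hits)
    gaps = {later - earlier for earlier, later in zip(days, days[1:])}
    if len(gaps) != 1:
        return []                                  # no single regular interval
    period = gaps.pop()
    return [d for d in range(days[0], through_day + 1, period) if d not in hits]


if __name__ == "__main__":
    print("separation after the call:", distance_series(LOG, "X", "Y", 1))
    print("moving to a common point: ", is_converging(distance_series(LOG, "X", "Y", 1)))
    meetings = colocated_days(LOG, "X", "Y")
    print("same cell, same time:     ", meetings)
    print("routine broken on day(s): ", missed_meetings(meetings, 22))
```
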
How is one's "expectation" of privacy downgraded if you have an ISP that routinely intercepts all your communications at source? Will BT customers be assumed to have already surrendered their right to privacy by staying with a DPI-using ISP? Or those of VM, TalkTalk or now Korea Telecom?
As always, it comes down to...
"Who watches the watchers?"
At one time the US Constitution kind of implied that "We, the people..." get to watch the watchers... and the 2nd Amendment existed to make sure we could get redress.
Mind you, I keep referring back to that out-moded document so I'm obviously barking up the wrong tree.
There is of course a solution to the encrypted files and password problem, where the suspect / defendant claims that the files are not related to the enquiry but are confidential for other reasons.
To resolve the issue you need to realise that there is actually no need for the police, prosecution or judge to see the file contents. And likewise there is no need for the defendant to give up the password either.
The court simply reviews the warrant against the evidence the police or prosecution have and decides what legitimately falls within the context of the warrant and if the warrant is overly broad or not.
The judge and defence representatives then agree on an impartial legal representative and the judge informs the impartial representative of the requirements of the search.
The defendant and the impartial legal representative then go to an agreed place and the defendant then uses their password to unlock the files in question. The impartial legal representative can then go before the judge and simply state if the files were unlocked, and if they were, if the contents fell outside the terms of the warrant.
If the defendant or their representative refuse to follow this procedure then the defendant had better have a good explanation as to why. The judge can then decide to hold the defendant in jail on contempt of court until they decide to unlock the files.
There is of course an objection to this in that the suspect / defendant can claim legitimately that they do not have the password. It is then up to the court to decide if this is credible or not and take the appropriate action.
However that being said it is always possible for a sufficiently knowledgeable person to hide something in plain sight (stego) or show that they genuinely do not have the key and why.
Oh Bruce, by the way;
What if a hijacked morphic virus was smart enough to wash itself with another simple algorithm?
Content is king. That's the rule on the Internet, isn't it?
You know, my entire theory of learning (called ATOL) is based on the power of the question. It allows you to quantify knowledge. It is to knowledge what the invention of the second is to time. Figure out the right question : you've got 90% of the answer?
It's like the old joke that musicians like so much? We'll fix it in the mix?
"The trick here is to realize that a normative definition of the expectation of privacy doesn't need to depend on threats or technology, but rather on what we -- as society -- decide it should be."
This makes me wonder what the newest generations of U.S. citizens would prefer? Those born with what we consider new technology may not have the same concerns about privacy because they really haven't lost anything. They are growing up with public exposure (content or non-content) and may prefer it. The values are changing, aren't they?
"The simple fact is once conversation was ephemeral now it is persistent and we have no choice on this."
To expand on that point a little further because it is a pet peeve - not only is conversation no longer ephemeral, but so too are any actions.
People are used to the argument that "what you do in public is, by definition, public." What you do in public has also been ephemeral too. Meet someone in the park and then leave, the meeting is "gone." Witnessed only by other people in the park. But we are rapidly approaching the point where dragnet style surveillance will make all public actions of all people permanently recorded (and cataloged and searchable).
It is kind of like a permanent pen register for everybody in both the real world and the network world.
My take is that any sort of dragnet-style recording of "public" actions, online and off, should require a warrant (with all the typical requirements of a warrant like specificity, etc) if it would take more than X number of humans to do the equivalent work without the aid of computers where X is somewhat smaller than the average number of police working out of a "typical" police office (in other words, maybe 20 or so).
...the only 'problem' is that we citizens have allowed Federal bureaucrats (especially ones in black medieval costumes) to "interpret" the 4th Amendment into practical non-existence.
Simply following the plain meaning of the 4th Amendment would eliminate all the confusion. The 4th Amendment states absolutely NO exceptions for alleged "government's interest in public safety" nor the government's opinion of "expectation of privacy" ... those are illegal dodges, specifically invented to avoid complying with 4th Amendment law.
The 4th Amendment guarantees a fundamental legal 'right' to all of us -- to be secure in our persons, houses, papers, personal property, and personal communications ... against unreasonable government searches and seizures.
An "unreasonable" government search is any warrantless search of a free citizen's person or stuff. An unreasonable search is a crime.
'General' searches & surveillance (like internet data mining, aerial surveillance, airport passenger screening) are expressly prohibited by the 4th. Probable cause against 'particular' persons, places or things MUST be demonstrated to the satisfaction of a judicial officer... for each government search (to get a warrant).
Stick to the basics. The U.S. Constitution and Bill of Rights was written in plain language for all citizens to read & understand. You don't need a meteorologist to know which way the wind is blowing... and you don't need a lawyer or SCOTUS judge to know what the 4th Amendment means.
The U.S. Supreme Court is legally 'supreme' only over other Federal courts -- nothing in the Constitution grants it any authority to interpret the 4th Amendment.
Something seems to be missing in the clause "the contents for example".
Regarding encrypted data and the comments that an individual would be required to "give up" their password, I always wonder...
What if the individual gives them the correct password and it doesn't work? The resulting data is just gobbly-gook.
So, is it the wrong password? Maybe it's the right password, but the file/disk is corrupt. How would anyone be able to determine the difference?
Hash of password is one check, before decryption and potential data loss. All the crypto programs I have used prevent wrong decryption. Nothing like manual operation/scripts. Watch those hashes!
A read of man cgd for netbsd, implies it will decrypt wrong, if set up for this.
NetBSD cgd, read transparent partition based crypto, seems to be reasonable. FreeBSD geom/geli, is still too complex and experimental.
Would be interesting to read any comments on NetBSD cgd. I'm waiting on NetBSD 5, hopefully out soon, to play with cgd. Cgd is in NetBSD 4.0, as well.
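One way a container can tell "wrong password" from "corrupt data", the question raised in the two comments above, as an added example that is not from the original thread and is not how cgd or any named tool works. The container layout, the function names and the HMAC counter-mode stand-in cipher are assumptions chosen so the code runs on the Python standard library alone.

```python
import hashlib
import hmac
import os

ITERATIONS = 100_000  # assumed PBKDF2 cost for this example


def _keys(password: str, salt: bytes):
    """Derive separate encryption, MAC and password-check values from one passphrase."""
    master = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS, dklen=32)

    def sub(label: bytes) -> bytes:
        return hmac.new(master, label, hashlib.sha256).digest()

    return sub(b"enc"), sub(b"mac"), sub(b"check")


def _xor_stream(key: bytes, data: bytes) -> bytes:
    """Stand-in cipher (HMAC-SHA256 in counter mode); a real tool would use a vetted AEAD."""
    out = bytearray()
    for i in range(0, len(data), 32):
        block = hmac.new(key, i.to_bytes(8, "big"), hashlib.sha256).digest()
        out += bytes(a ^ b for a, b in zip(data[i:i + 32], block))
    return bytes(out)


def seal(password: str, plaintext: bytes, salt: bytes = None) -> dict:
    """Encrypt and store a password verifier plus a MAC over the ciphertext."""
    salt = salt or os.urandom(16)
    enc, mac, check = _keys(password, salt)
    body = _xor_stream(enc, plaintext)
    tag = hmac.new(mac, salt + body, hashlib.sha256).digest()
    return {"salt": salt, "check": check, "body": body, "tag": tag}


def open_checked(password: str, box: dict):
    """Return (status, plaintext). The verifier is tested before any decryption happens."""
    enc, mac, check = _keys(password, box["salt"])
    if not hmac.compare_digest(check, box["check"]):
        # Caveat: damage to the salt or verifier itself also lands here.
        return "wrong-password", None
    expected = hmac.new(mac, box["salt"] + box["body"], hashlib.sha256).digest()
    if not hmac.compare_digest(expected, box["tag"]):
        return "corrupt-data", None
    return "ok", _xor_stream(enc, box["body"])


def open_unchecked(password: str, box: dict) -> bytes:
    """A format with no verifier: every passphrase 'decrypts' to some bytes."""
    enc, _, _ = _keys(password, box["salt"])
    return _xor_stream(enc, box["body"])


if __name__ == "__main__":
    box = seal("correct horse", b"quarterly accounts")      # constructed sample data
    damaged = dict(box, body=bytes([box["body"][0] ^ 1]) + box["body"][1:])
    print(open_checked("correct horse", box))
    print(open_checked("wrong guess", box))
    print(open_checked("correct horse", damaged))
    print(open_unchecked("wrong guess", box))               # gibberish, no error raised
```
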
Bruce, I think you got the law wrong when you talked about Katz and "reasonable expectation of privacy" (REP). This is one place where the Courts have used the language in a way that is highly confusing for a non-legal expert.
Think of the term REP as technical jargon that doesn't mean what it sounds like it should mean. You'd think that to tell whether there is a "reasonable expectation of privacy", we'd ask what an ordinary person would reasonably expect to be private, right? Wrong. Nope. That's not what the term means, in the legal literature.
Rather, REP is a term that refers to a diffuse collection of precedent for how to analyze Fourth Amendment cases. It's not a single test, or a single principle, but a bunch of different approaches to the question -- which were developed in an ad-hoc way, and which can even conflict. Until I understood this, I found the Supreme Court's doctrine on REP confusing or absurd -- now that I understand the word games they are playing, it's easier to understand what's going on in these court cases. I still think the Supreme Court's doctrine is incoherent and poor policy, but at least it's not absurd and not as ridiculous as I once thought.
See Orin Kerr's writings. e.g., his short one-liner:
"you appear to be assuming that a "reasonable expectation of privacy" is what a reasonable person would expect would remain private. It's not."
And his longer exposition:
When privacy is outlawed, only outlaws will have privacy.
@Nemke von ...
> So, why is it that using an [encryption] envelope
> isn't enforced as a default by standard email programs?
Secure key exchange is a problem, even for public key cryptography.
>And why does the Preview Pane still run the embedded code?
Because you use a stupid email client. If you want secure email, don't use Outlook.
>nothing in the Constitution grants it [the Supreme Court]
> any authority to interpret the 4th Amendment.
Article III Section 2:
"Judicial power shall extend to all cases, in law and equity, arising under this Constitution..."
Interpreting what the law, including the Constitution, means is precisely what courts are supposed to do. Consider: how is a law supposed to be enforced if there is disagreement about what it means? You argue that the 4th amendment declares all warrantless searches to be unreasonable, but I can read it to imply a "Reasonable Man" test for a search instead. I note that it says that a warrant requires probable cause, but it does not say that a reasonable search requires a warrant.
Reminds me of the time I was called into a marketing department because their inbox was overflowing with spam. Not a day had passed after resolving those issues when the same people asked for help in ensuring massive amounts of unsolicited email could be delivered for them based on detailed personal info. Perhaps the first lesson of technology philosophy covering privacy should be something like pot, kettle, black.
I've been wondering about how people perceive privacy when confronted with an algorithm versus a live person. Subjectively, I feel more open to an algorithm, such as Google's, "reading" (parsing) my email for keywords to display advertising, but I would strongly object to a human reading my email to select advertising keywords.
However, basing privacy rights off of who/what is doing the violating seems dangerous and ripe for abuse.
@ Dave C.
"For example, a drug-sniffing dog is not a search according to the Supreme Court. Passing luggage by a drug-sniffing dog at the airport NEVER invokes the Fourth Amendment because it is not a search even if there is a reasonable expectation of privacy."
The Supreme Court is simply wrong. Authorities deploying a drug sniffing dog to *search* for the scent of drugs in passing lines of luggage are conducting a search. It is a search without a warrant, with no probable cause, and without a specific suspect.
Take a frame from eg Paris Hilton's
bedroom movie, then make it look
like a cellphone camera snapshot of
a terahertz imaging screen.
How will the TSA claim it's not theirs?
Much fun to be had.
The rapid advancements in technology and law present many new arguments and gray areas within the American Judicial system. Recently one case is unfolding in Dallas, Texas, after the FBI raided four datacenters, taking down approximately 400+ companies. The raids came after an investigation by Special Agent Allyn Lynd of the Dallas FBI into an alleged conspiracy of two companies, Core IP Networks and Crydon Technologies, LLC, who allegedly defrauded AT&T/Verizon out of $6.0 million in phone service.
The president, Matthew Simpson, wrote in a post to his customers, "'Currently nearly 50 businesses are completely without access to their email and data. Citizen access to Emergency 911 services are being affected, as Core IP's primary client base consists of telephone companies.' If you run a datacenter, please be aware that in our great country, the FBI can come into your place of business at any time and take whatever they want, with no reason."
One of the third party companies that purchased bandwidth and were not associated with the parties allegedly associated with the fraud, filed a civil lawsuit against the Agent and USA. The companies involved assert that the government violated the company's fourth amendment rights to unreasonable searches and seizures.
Since they did not provide access to the machines to the companies who were the focus of the raid.
Full details are available at http://www.securityfocus.tv/dallascolo/