There are different incidents here.
The first one where the police uploaded videos and wanted viewer information is absolutely egregious and makes me wonder how a court could authorize that.
The next one, which I didn’t fully understand, but appeared to be in response to a swatting incident where the culprit is believed to have watched a specific camera livestream and the police provided a lot of narrowing details (time period, certain other characteristics, etc) appears far more legitimate.
I don't understand how either of these are remotely constitutional. They sure aren't what is in the spirit.
They asked for information about a video watched 30k times. Supposing every person watched that video 10 times AND supposing the target was one of the viewers (it really isn't clear that this is true), that's 2999 people who have had their rights violated to search for one. I believe Blackstone has something to say about this[0]. Literally 30x Blackstone's ratio, who heavily influenced the founding fathers.
I don't think any of this appears legitimate.
Edit: Ops [0] https://en.wikipedia.org/wiki/Blackstone%27s_ratio
Cell phone tower data has been used for a decade now in pretty much the same way.
Did you happen to pass by a cell tower in a major city around the time a crime was committed? We all have.
Well, your IEMI was included in a cell tower dump. Probably dozens of times.
Did you happen to drive your car over any bridge in the Bay Area lately? Did a municipal vehicle pass you and catch your license plate with their ALPR camera?
Guess what? Your name went through a database of an LEO search if they wanted to find a perp for that time/location.
Privacy has been dead for a long time. The worst part is people don’t care.
The Snowden files changed nothing. If there was ever a point in history where people would have given up their cell phones for their civil liberties, that would have been the time to do it.
I was mad then. I'm more mad now. Stop these arguments because it isn't like one implies the other. And who the fuck cares if someone wasn't but is now. What's the argument, that you're a hipster? That's not solving problems. I don't want to gatekeep people from joining the movement to protect rights. I don't care if they joined as a tin foil hat or just yesterday after having literally been complacent in these atrocities. If you're here now, that's what matters.
Bull, and bull.
There are plenty of people fighting back. I'm pretty sure me getting ads in languages I don't speaks is at least some good sign. Maybe I can't beat the NSA, sure, but can I beat mass surveillance? Can I beat 10%? 50%? 80%? 1% is better than 0% and privacy will die when we decide everything is binary.
People care. People are tired. People feel defeated. These are different things. If people didn't care Apple (and even Google) wouldn't advertise themselves as privacy conscious. Signal wouldn't exist and wouldn't have 50 million users. It's not time to lay down and give up.
Cell phone tower data has been used for a decade now in pretty much the same way.
Did you happen to pass by a cell tower in a major city around the time a crime was committed? We all have.
Well, your IEMI was included in a cell tower dump. Probably dozens of times.
Did you happen to drive your car over any bridge in the Bay Area lately? Did a municipal vehicle pass you and catch your license plate with their ALPR camera?
Guess what? Your name went through a database of an LEO search if they wanted to find a perp for that time/location.
Privacy has been dead for a long time. The worst part is people don’t care.
They didn't change enough, but that isn't nothing.
The biggest change IMHO was the entire industry got off their collective assets to finally move to HTTPS.
I wonder who's going to have to end up hiding out in a US-hostile part of the world for us to read this part of the cloudflare FAQ: https://developers.cloudflare.com/ssl/troubleshooting/faq/#w...
The world’s largest MITM
Tech bros love it. And tailscale. And saas as a whole. Data sovereignty means you can’t be kind by the adtech industry so it’s not cool.
Calling out tailscale here is odd considering it's peer-to-peer and encrypted.
With keys controlled by a central entity
do you have a source for that?
Tailscale [0] says the private keys never leave the device.
“Security
Tailscale and WireGuard offer identical point-to-point traffic encryption.
Using Tailscale introduces a dependency on Tailscale’s security. Using WireGuard directly does not. It is important to note that a device’s private key never leaves the device and thus Tailscale cannot decrypt network traffic. Our client code is open source, so you can confirm that yourself.”
0. https://tailscale.com/compare/wireguard
To add to that, they also provides Tailnet lock [0], which protects from the only way the coordination server can mess with the tailnets, by connecting unauthorized nodes.
[0] https://tailscale.com/kb/1226/tailnet-lock
Not sure what the issue is with Tailscale, especially since you can self-host Headscale server locally to get the same effect.
Lol, I'm a bit slow ... some USA TLA runs Cloudflare, right?
a single encryption is for the stone age.
if [pecadillo] must remain secret when your nieghbour is investigated for [crime?] then encrypt at least twice, and obfusicate the original message
See https://github.com/justjanne/stickers/blob/main/designs/ssl%...
Had nothing to do with Snowdon but with Google ranking algo changes. Google has a commercial interest of hindering competitors in the add brokering market from observing info on the wire.
It had everything to do with Snowden. Source: I was at Google at the time he started leaking.
Before Snowden encryption was something that was mostly seen as a way to protect login forms. People knew it'd be nice to use it for everything but there were difficult technical and capacity/budget problems in the way because SSL was slow.
After Snowden two things happened:
1. Encryption of everything became the companies top priority. Budget became unlimited, other projects were shelved, whole teams were staffed to solve the latency problems. Not only for Google's own public facing web servers but all internal traffic, and they began working explicitly on working out what it'd take to get the entire internet to be encrypted.
2. End-to-end encryption of messengers (a misnomer IMHO but that's what they call it) went from an obscure feature for privacy and crypto nerds to a top priority project for every consumer facing app that took itself seriously.
The result was a massive increase in the amount of traffic that was encrypted. Maybe that would have eventually happened anyway, but it would have been far, far slower without Edward.
You were at Google at the time, but your memory of the ordering of events is off. Google used HTTPS everywhere before Snowden.[1][2] HTTPS on just the login form protects the password to prevent a MITM from collecting it and using it on other websites, but it doesn't prevent someone from just taking the logged in cookie and reusing it on the same website. That was a known issue before Snowden, and Google had already addressed it. Many other websites, including Yahoo, didn't start using HTTPS everywhere until after Snowden.[3] I know because this was something I was interested in when using public WiFi points that were popping up at the time. I also remember when Facebook moved their homepage to HTTPS.[4] Previously, only the login form POSTed to an HTTPS endpoint, but that doesn't protect against the login form being modified by a MITM to have a different action for the MITM to get your password, rendering the whole thing useless.
What changed after Snowden was how Google encrypts traffic on its network, according to an article quoting you at the time.[5]
[1]https://gmail.googleblog.com/2010/01/default-https-access-fo...
[2]https://googleblog.blogspot.com/2011/10/making-search-more-s...
[3]https://www.zdnet.com/article/yahoo-finally-enables-https-en...
[4]https://techcrunch.com/2012/11/18/facebook-https/
[5]https://arstechnica.com/information-technology/2013/11/googl...
Right, I remember (as an outsider to google) the push for https coming after Firesheep [1] and the google research on the actual CPU cost of https [2], both in 2010. Snowden's revelations came in 2013.
[1] https://en.m.wikipedia.org/wiki/Firesheep [2] https://www.imperialviolet.org/2010/06/25/overclocking-ssl.h...
That's nice and all, but the "why" is more important than the "what".
Google was driven not out of some panicked rush to protect user privacy, but to protect Google's collection and storage of user data.
Google has 10+ years of my email. It doesn't treat that like Fort Knox because it gives a shit about my privacy; it treats it like Fort Knox because it wants to use that for itself and provide services to others based off it.
You do know that Google was heavily seed-funded by the NSA, right?
There was literally a PowerPoint slide in the released docs implying they had backdoored Google's internal servers.
Google might just be the biggest advocate of https out there, certainly (from my recollection) post Snowden. There has been a lot of progress made over the years.
https://transparencyreport.google.com/https/overview
https://transparencyreport.google.com/safer-email/overview - transmitting email with some form of encryption is probably a bigger and completely unseen problem that is similar
I thought this was driven by ISPs inserting their own ads in normal HTTP.
…no, it was definitely “HTTPS added/removed here”
There is a distinction I tend to make here.
If some person was able to pick me out from a lineup because they physically saw me then that wasn't private and privacy laws don't apply.
So for instance capturing my face on CCTV in a public place isn't a privacy violation, same with my license plate in a pulic place.
However what happens on my private property is a privacy violation if it is recorded without consent.
Certian information isn't private, and that being stored is fine. Where the line gets drawn is what's up for debate.
I surely would want my contact details and name saved by a company that I intend to do business with in either direction. However if they spam me with information I should be able to lodge an harrassment claim against them. It's not a privacy issue but a decency issue.
That notion isn't universal. In Germany, for instance, I can't install a camera pointing to the street.
I understand that completely. Just wanted to give a different viewpoint on that.
I'm all for finding a balance, it's just that many times people are against surveillance that does actually improve security or enforcement but mildy infringes on their "rights" when in reality they never had privacy in that situation to start with and the use of technology didn't substantially change that.
Youtube being forced to give up personal information based on who viewed a video is something I don't see as an issue. How is this any different from any other website getting the exact same order?
If you are doing something shady you know how to obfuscate that information, if you aren't, sure your "privacy" was "violated" for sure but it was violated in a way that was legally allowed and by law enforcement at that.
Living in a surveillance state where I have no choice but for the government to be able to track every single transaction I make financially and being able to link my cell number amongst other details directly to me, I feel like if I had to try to fight that I would only be causing myself undue anxiety and I've got enough legitimate reasons to be anxious.
This is complete BS. Technology made it scalable to track where everyone is and query it historically. This used to require tailing someone so it couldn’t be done at scale.
That same technology has also dramatically increased the cost of doing that.
Data isn't free and processing big data isn't cheap. As much as Google has the data, that means they need to store that data.
You know what used to happen before and still happens now, an example. I live in a restricted access area. Restricted in the sense rhat to get in some guy needs to take your name and license plate.
For many many businesses parks in my country that is still the defacto. There isn't really a camera watching that other than general CCTV that probably doesn't have the resolution to pick up text on our license plates. It's cheaper for them to literally pay a guy to stand at a boom and get that information than to install the technology required to track that automatically.
The adtech industry made data and its processing not just free (as in more than covered by the ad revenue) but outright profitable.
This is frankly a one-in-a-lifetime gift to the government because we've not only built an unaccountable industrial-grade spying machine but the government doesn't even have to pay for it as it pays for itself and incentivizes its own expansion.
"Hunters don't kill the innocent animals - they look for the shifty-eyed ones that are probably the criminal element of their species!
If they're not guilty, why are they running?"
I never said any of that.
What I said is for this specific point a smart criminal won't get caught and you too can very easily obfuscate that very same data.
Thank you for so eloquently explaining the bootlicking and privacy not caring mindset I’ve never understood. Also sorry that I can’t come up with a less worse way to say that
Unless you're wealthy and powerful.
I guarantee the very wealthy or politically powerful have plenty of very-well-hidden cameras surrounding their properties.
Those rules are to keep you from catching and proving the powerful doing something they shouldn't.
So, when your in your own property, cellular tower shouldn't be allowed to allow your mobile phone to register? Because they will record your IMEI while you are in your private property.
Yeah but the electro-magnetic spectrum is a limited public good. You don’t own your broadcasted radio waves in the same way you own your house. Your cellphone is a pollutant.
Both the radio waves his cell phone emits, and the information (voltage change of an ADSL line or photons moving in an optic fiber) used to communicate over the Internet, actually leave his home, and then are registered. So I think in nature it's the same as sending a letter. So let's symmetrically consider that you send a letter, and police/agency asks the post office to attach to each letter information (from, to, weight, stamp...) the phone number from their database. If that happens for all letters going through a given sorting room, I can understand how that's an abuse.
It’s not an invasion of privacy. But it is a problem for other reasons
https://nobaproject.com/modules/eyewitness-testimony-and-mem....
And the biggest enablers of violation are things like ring doorbells and dashcams. There is no comeback in my country, don’t know about the US.
Governmental and commercial cctv has checks and balances. Domestic just goes onto planet wide databases with no control.
A lack of privacy is integral to the technocratic future that has been long planned. I think AI, smart (spy) devices/meters/etc are part of the control structure, de-anonymised internet (why Elon bought twitter) are all part of this fine grained control grid.
you honestly think there is some masterplan? I love a good conspiracy theory but that is nuts.
Nobody has a made a plan so it hasn't been long planned. Shit is just happening and we as a society, a culture and a race are adapting to it like we've always done.
Not a masterplan, but definitely guides. I mean there are all sorts of meetings that occur where the rich and powerful meet and arrange this or that - eg Bilderberg, WEF, Trilateral Commission, UN, WHO, etc. These aren't elected bodies, but somehow all the governments act in tandem according their pronouncements. Its as if voting doesn't matter, as if its merely a pressure release valve.
Elsewhere I posted about technocracy inc - which Elon's grandfather was involved with. (https://newsinteractives.cbc.ca/longform/technocracy-incorpo...). Just 2 generations later, and you have this guy apparently putting out electric cars, space ships, neural laces, etc. Its more coherent than you think. Bill Gates's father headed Planned Parenthood.
It seems to me that there are a group of very rich individuals that try to shape policy and direct this or that. Its really a very natural state I think - we see this everywhere - eg a headmaster of a school will direct the school towards this or that, a CEO does the same in their company. This is the same principle, except at a far higher level. I don't think its even debatable that this is the case, tbh.
We know of the ruling class regularly getting together to plan, and surely they meet and collude far more often than we know about. Of course they are making plans.
Well, I guess we're just naturally evolving and adapting into enslaving ourselves, just following nature's course... There doesn't need to be a "master plan", but clearly there are some working themes
You can have privacy and many of these things. You may be interested in homomorphic encryption or the weaker version differential privacy. There are such things as zero knowledge proofs.
But I think it is far easier to have these technologies without doing the encrypted aspects or protecting privacy. Then it is more a "never let a tragedy go to waste" situation. Paved with good intentions, right? This will always happen though as we rush and are unable to do things the right way. Often the right way can take the same amount of time but generally appears to take longer and that is enough, even if the wrong way actually takes longer. Because it also matters at what resolution we're concerned with.
So I'm saying it is mostly stupidity, not evil. Though evil loves and leverages stupidity.
It's been long planned. Look into technocracy Inc and Zbigniew Brzezinski, co-Founder of the Trilateral Commission, and former National Security Adviser wrote about it - Between Two Ages: America's Role in the Technetronic Era
https://newsinteractives.cbc.ca/longform/technocracy-incorpo...
The concept introduced by the Supreme Court regarding Pen register is consistent with all the examples you have given.
Anytime you willing share data with a 3rd party the law assumes you aren't keeping it private.
https://en.wikipedia.org/wiki/Pen_register
If you want to keep something private don't share it outside of your house.
Except that existing in modern society requires giving immense amounts of personal information for even basic transactions.
It's beyond absurd and desperately needs to be addressed. Too bad both the government and corporations stand to loose too much that I doubt it will be treated seriously.
I personally think that the Apple anti-trust is being pushed due to their privacy stance.
Apple looked at the pen register cases and realized the best position to be in as a third party is to not possess usable data.
The US case from my point of view is trying to fore Apple to share user data with third parties.
We all have choices to make. I avoid all sorts of things people consider indispensable.
2 examples are not having an amazon prime account and running my own mail server.
This sounds scary, and yet I seem to be unharmed.
Shall we wait on the laws until you personally come to some harm?
A case is criminal gangs buying from data brokers to scam elders
Then they came for me. And there was no one left to speak out for me
IMHO the problem here is really transparency. There IMHO can be situation in which it could be reasonable. But the concrete cases might be questionable as we are probably not talking about capital crime.
In Berlin there used to be a notification system if you were subjected to cell surveillance in Berlin. It was recently stopped [0]. IMHO we need the same for all IP assignment or account lookups. The problem IMHO is that we, individualy, and particularly vulnerable groups like journalists and activists, might be subject to far more of such activities than we know.
[0] https://netzpolitik.org/2024/rolle-rueckwaerts-berlin-beende...
I don't think anyone is saying that rights can't be infringed upon for any reason. The issue is that there needs be sufficient reason. Is this sufficient reason? I think the action is sufficient reason were it specifically targeted at the individual under suspicion. But a dragnet is not. Those innocent people were not under suspicion and were not doing anything wrong or illegal.
More-generally, imagine if every citizen was entitled to a yearly report on all how many times law-enforcement received records containing their names or personally identifying information, except in cases that are formally unsolved and in-progress.
So a line item might be something like:
Most people don't know. Or if they know, they don't understand the implications. As Computer Scientists, part of pur whole shtick is to try to spread that lnowledge far and wide. Most, I hazard, spend precious little time on that particular responsibility.
"people do not care" - Please stop repeating this false statement. When you repeat it you give it legitimacy, and take the time when other statements could be made.
Most people are helpless to make change. Greater than one million adults serve in uniform services of some kind where they literally must comply. The ad budgets and massive, overflowing volumes of money generated by "surveillance capitalism" buy the consent of the mercenary finance occupations. None of this means "nobody cares"
I would argue “people don’t care” because… there isn’t a high enough number of people who suffer negative consequences from “their privacy being invaded”.
You play right into their hands by being demoralised (and trying to spread that to others)
Blackstone: "It is better that ten guilty persons escape than that one innocent suffer"
So not sure where you got the impression he's okay with up to 100 people being disturbed so we can catch one bad guy.
But then, he wasn't really talking about that was he? Better the guilty go free than the innocent suffer what? He was, essentially, talking about the principle of innocent until proven guilty; that innocent people shouldn't suffer by being punished for a crime unjustly.
2999 innocent people, in your formulation, though, are not being punished for a crime. They're not even being accused of a crime.
They are, however, being harmed.
It's easier to use historical examples because they're not afflicted with modern politics.
The FBI was known to investigate and harass civil rights leaders during the civil rights movement. Suppose they want to do that today.
Step one, come up with some pretext for why they should get a list of all the people who watched some video. It only has to be strong enough to get the list, not result in a conviction, because the point is only to get the list. Meanwhile the system is designed to punish them for a thin pretext by excluding the evidence when they go to charge someone and their lawyer provides context and an adversarial voice, but since their goal here isn't to gather evidence for a particular investigation, that's no deterrent.
Step two, now that they have the list of people interested in this type of content they can go on a fishing expedition looking for ways to harass them or charge them with unrelated crimes. This harms them, they're innocent people, therefore this should be prevented. Ideally by never recording this type of information to begin with.
There is a reason good librarians are wary about keeping a history of who borrowed a particular book.
No they're not. Which ones will live a day less of their lives?
If I'm on surveillance footage near a crime scene, police have the right to look for me and question me. This isn't any different. It's just different sets of photons and electrons.
I respect the rights to privacy, but a crime happened, and the police have the tools to investigate. It's barely an inconvenience.
The burden of proof will still be on the investigators and prosecution to find out and show beyond a shadow of a doubt who performed the swatting.
There are cases like the bombing in Madrid where the US agencies cast out a wide net over possible suspects using data about people who converted to Islam and then used a bad finger print match (which everyone told them was garbage) to terrorize one suspect for weeks. They had no evidence that the guy was involved, they had no evidence that any of their suspects was involved, but they had a narrative and where happy about every bit of data that supported it. Meanwhile Spain convicted the actual bombers.
What's your point? Someone wrongly being detained/prosecuted/charged/hung/etc in the past does not make it right now. It doesn't make it any less wrong then. Nor are people of a government homogeneous. Especially America. The great American past time is shitting on America. But if you're going to dismiss wrong because wrong was done in the past (or even let it slide or be apathetic) that is enabling. Being upset and angry is very different than apathy.
My point was that it was wrong. I do not agree with casting wide nets in the hope that someone might fit whatever profile the police or other agencies have pulled out of their asses.
Your point came off as whataboutism. This may not be what was intended, but this is how I interpreted it and it appears that others did as well. Thank you for clarifying and I'm sorry we miscommunicated.
Some hyperbole in your telling of the story and failure to mention that he was awarded restitution. According to Wikipedia:
Brandon Mayfield (born July 15, 1966) is a Muslim-American convert in Washington County, Oregon, who was wrongfully detained in connection with the 2004 Madrid train bombings on the basis of a faulty fingerprint match. On May 6, 2004, the FBI arrested Mayfield as a material witness in connection with the Madrid attacks, and held him for two weeks, before releasing him with a public apology following Spanish authorities identifying another suspect.[1] A United States DOJ internal review later acknowledged serious errors in the FBI investigation. Ensuing lawsuits resulted in a $2 million settlement.
https://en.wikipedia.org/wiki/Brandon_Mayfield
What point are you trying to make with this example?
That it should never have happened?
The ones who, having had their political inclinations revealed to adversarial law enforcement, then become subject to harassment for those views which should have been private.
The question is whether they should have the right to seize the surveillance footage by force if the proprietors would rather protect the privacy of their users. The third party doctrine is wrongful.
And given that it exists, so is keeping records like this that can then be seized using it.
This is assuming they're trying to prosecute a particular crime rather than using a crime as a pretext to get a list of names.
And it's about the principle, not the particular case. Suppose a protester commits a crime and now they want a list of all the protesters. Any possibility for harm there?
If there was a crime committed outside your home and you have surveillance footage that has captured passers by, you would not offer it to the police because you would rather protect the privacy of the all the anonymous passers by when one of them is likely the culprit?
That strikes me as highly unlikely. And if you wouldn’t, I am willing to bet that most people would. Why care about the privacy of anonymous passers by when you can help catch the perpetrator and increase safety around your home?
These are not the same. You might think the difference is subtle, but I'll tell you that that subtly matters. And matters a lot.
And tbh, these two scenarios are quite different.
I think the analogy is rather strong. Where does it differ?
And a dictator is just another set of cells and organic compounds? You can't break things down into this because then literally everything is the same. Literally everything you see is just a different set of photons and electrons. But those things have real effects. They aren't fungible. I don't care that my partner sees pictures of me naked, but I sure do care if cops or "the government" is, despite it being "just a different set of photons and electrons."
The burden of proof is step by step. I don't think I should have to cite the 4th Amendment but
The setup was to treat the government as an adversary. Needing to understand positive rights vs negative rights[0]. Obviously rights are not infinite, but there should be friction. Doesn't matter if the thing is seemingly innocent or inconsequential, what matters is power. Perception shifts and creeps so this is why people take a stand at what might seem trivial. [1][0] https://en.wikipedia.org/wiki/Negative_and_positive_rights
[1] https://encyclopedia.ushmm.org/content/en/article/martin-nie...
+1 on citing the constitution's wisdom of treating the government itself as adversarial, due to the enormous power it has.
+1 on pointing at the difference between positive and negative rights in this context.
There was a swatting incident and they have a time window where they'd like to corroborate IP logs.
An IP address is no different from a license plate on camera. It's a lead and the evidence was gathered at a crime scene. Nobody's home is being entered into. Nobody's iCloud account is being unlocked and ransacked. Gathering these logs alone won't lead to those things happening either.
I'm all for limits on power, but this seems to be entirely reasonable. This isn't a fishing expedition. IANAL, but I don't see how the 4th would be violated with either a court order or willing third party handing over the logs.
If the investigators get the IP logs, they shouldn't then be able to take those logs and ask the ISP for everything that those people were doing. The burden will be on the investigators to find more evidence linking one of those IPs to the call.
More crime will happen digitally year by year. Swatting has already entered the public consciousness. Just wait until people start strapping bombs to FPV drones or calling grandma with your voice.
We shouldn't stop at the software stack as some kind of impenetrable legal barrier that shrouds investigation. We should respect and enhance limits on power, but we also need to modernize the judicial tools to tackle the new reality.
The framers couldn't have imagined "swatting". The law needs to understand this. It should provide scoped-down investigatory tools that simultaneously guard and respect our constitutional rights and privacy. Access to anything beyond the scope of an actual crime that took place should be restricted.
Your liberties encompass so much more than this and a government that treads on them recklessly does far more damage than to simply waste an individuals time.
You assume it's not. How would you verify this? Why should you have to?
You don't have a liberty from being investigated if they have evidence. They're not snooping around in your home without cause. The swatter was watching the live stream, and the timestamped IP logs can corroborate.
Just because it was an IP address and not a face or license plate on camera doesn't make it any different. You can't hide behind a chosen technology stack as a shield when the fundamentals of the case are the same.
Surely you are not contending that Blackstone was of the position that no innocent person should be investigated, however briefly, unless it results in at least 10 convictions.
I very much agree that (some, probably minimal) harm is being done to these people. Pretending that they "suffer" in the sense Blackstone was using the word is disingenuous.
Being investigated is a red herring. The problem is from the other end. Your premise is that a person being investigated when they're innocent of the original crime is basically harmless because the investigation will come to naught. The actual issue is that if they can find a pretext to get a list of all of the people who viewed some content they don't approve of, now they have a list of targets with which to play "bring me the man and I'll find you the crime" and that is a harm in need of preventing.
Not at all. I would say that it's usually (not always!) small in the particulars but adds up in aggregate, and that we should be a lot more careful with how much surveillance we allow.
I just would also say that the kinds or amounts of harm being done there are manifestly not what Blackstone was talking about in his "formulation" as it leads immediately to absurd conclusions that go very well past the present case.
I will not here that "there is a concern here analogous to Blackstone's ratio" is a different thing than, paraphrasing what was up thread, "this is substantially more extreme than Blackstone's ratio should forbid".
And in case I haven't said it in thread anywhere, I share concerns about surveillance. I just think if we are enlisting support from historical figures, we should find a quote where they're talking about the question or acknowledge the distance, rather than pretending the quote means something it didn't - that will only turn off those who might be persuaded.
I agree with this. What's happening here is different than the scenario in the original ratio, even though it's a similar concern.
If we direct ourselves to the case at hand, I'm not sure that a general rule that the government can't compel innocent bystanders to assist an investigation against their will would even be a net negative, much less cause serious problems. When a crime is committed people will generally be inclined to help bring the perpetrators to justice, because who wants thieves and murderers and so on going unpunished? Whereas if someone is disinclined to help, we might consider that they could have a reason, e.g. because the law being enforced is unjust or they believe the investigation is not being conducted in good faith, or they simply don't trust the government with the information, at which point the ability to refuse acts as a reasonable check on government power.
I feel like historical quotes tend to detract from discussions in general, because they're effectively an appeal to authority and then the discussion turns to exactly where we are now, debating whether the current situation can be distinguished from the original, which is a separate matter from whether what's happening in the modern case is reasonable or satisfactory in its own right.
Correct me if I'm wrong, but I'm pretty sure Blackstone wrote about negative or natural rights.
In fact, let me pull out more context around the exact quote. He specifically addresses direct punishment but immediately after is the nature of having the duty to defend one's innocence. Which is exactly the case here.
I would not be surprised if Blackstone found the act of investigation without the qualification of sufficient suspicion as gross injustice and directly relevant to his intent. As this is a less inconvenient version of locking everyone in a room and interviewing them checking their pockets for stolen goods before they leave. The negative or god given right of innocence is innate. The punishment is the accusation and search, which is an explicit infringement on the natural right. Yes, rights can be infringed upon, but not without due cause and not simply because one is in a position of authority.I know that this is a point of contention in this (these) discussions, but I stand by that a right is being violated and harm is being done by the simple act of investigation. Mass surveillance (which is mass investigation), is an infringement on our god given rights. The point is to have friction for the infringement of rights. All rights can be violated, but they must need sufficient reason. It does not matter if these rights seem inconsequential or not. Because at the end of the day, that is a matter of opinion and perspective. Blackstone was writing about authoritarian governments and the birth of America was similarly founded on the idea of treating government as an adversary. These were all part of the same conversation, and they were happening at the same time.
I do not think I am taking the historical quote out of context. I think it is more in context than most realize. But I'm neither a historian nor a lawyer, so maybe there is additional context I am missing. But as far as I can tell, this is all related and we should not be distinguishing investigation (or from the other side of the same coin, exculpation) from punishment as these are in the same concept of reducing one's rights. They are just a matter of degree.
https://oll.libertyfund.org/titles/sharswood-commentaries-on...
The issue is that the ratio can't mean much outside the realm of a criminal conviction when any of the rest of it would need a different standard.
Suppose we want to evaluate if it's reasonable for the police to search your residence for a murder weapon. Should we let 100 guilty people go free to avoid one search of an innocent person? That's probably not right, a search is enough of an imposition to require probable cause, but if you had to prove the crime to the same level as would be necessary for a conviction in order to get a warrant then searches would always be superfluous because they could only happen in cases where guilt is already fully established without the results of the search.
Conversely, with this YouTube kind of situation where the police want data on large numbers of people, the majority of whom are fully expected to be innocent, they're not even reaching probable cause for those people. Which is a lesser standard for justifiable reasons but it's still not one which is being met for those people. And so it's still a problem, but it's a different problem with a different standard.
I find this interpretation odd. I do not see the numbers as meaningful in a literal sense but rather in a means of making a point and a grounding for the surrounding abstraction. I think the point is to explicitly discuss these bounds and view them as a spectrum. To think of them in the abstract but to push back against authority.
Certainly Blackstone was not saying that infringement of rights (punishment) should not happen under any circumstance. Rather that there should be significant friction and that we should take great care to ensure that this is not eroded.
This is true of literally any investigation though
It isn't. If the police are investigating John Smith and they get a warrant for the files of John Smith then they don't also get the files of anybody else along with them.
How do police find out that John Smith is the person whose files they want to get a warrant for?
Maybe because John Smith was one of only eleven people who signed in to a building on the day a crime took place, and he signed out right after the crime happened.
But should the police not look at the sign-in sheet at the building because that will infringe the privacy of ten innocent people?
And importantly, there has to be sufficient reason for investigating John Smith. It can't be arbitrary (he looks funny, has a limp, is black, is gay, plays Doom, is a Muslim, etc). Rights can be infringed, but they need reason. And they need good reason.
I would contend that Blackstone was of the position that no innocent person who was not of sufficient suspicion of committing a crime should be investigated.
These are innocent bystanders. There is nothing suspicious about their activities other than they did something that a suspected criminal did. A perfectly legal activity? To take this to the ridiculous side, are we going to investigate everyone who took a poop at a specific time because a criminal did?
https://www.youtube.com/watch?v=DJklHwoYgBQ
I expect so. But pretending that's what he was talking about in the quote you were referencing is going to undermine your (our, probably) position with those not already convinced.
I'm not convinced I am taking him out of context[0]. Was Blackstone not also discussing natural rights? I see him as viewing punishments as infringements on ones rights. As a spectrum. And those rights even including the simple aspect of presumption of innocence. My best understanding is that so much is literally about the mundane and simple. Because natural rights are... well... natural. They are things we have until we don't. That's why they are called negative rights, because they need be removed, not given. Punishments (infringements) can be extremely minor to major. But they are still one in the same because it is about the concept in the abstract. Or rather, in generalized form.
As far as I can tell, this is explicitly within the context of the quote.
That said, I do see your point and appreciate your feedback. Maybe this can be an opportunity to turn this into a lesson? It seems too cumbersome to bring up from the get-go and similarly backfire. But discussing in the abstract is a difficult task when it is neither a natural way of thinking nor is it a common way that is taught. But I still think it is an important tool and something that does distinguish humanity. I am open to suggestions (I think HN of all places is more likely to be successful when discussing things in the abstract, but it is still general public).
[0] https://news.ycombinator.com/item?id=39798280
Wait. Aren't "innocent bystanders" literally the first people the police wants to get ahold of, to interview and yes, potentially investigate if there's something off? People don't spontaneously become suspects, as if by radioactive decay; some degree of investigation comes first and is what turns "innocent rando" into a suspect.
Yes. But that's not the same
If you're asking information from people who witnessed a crime *and volunteering information* (which is not investigating that person and not accusing them of a crime, nor is lack of volunteering information a suspicious activity) and they then generate suspicious evidence, then yes, that enables capacity for investigation. It is true that things are not static, time exists, and entropy marches on.
That's the difference. There is nothing that these people did that warrants suspicion. These people are not being asked or questioned. This was not done voluntarily. They didn't even know this was happening to them. This was a thing imposed upon them, full stop.
I want to give a scenario to help make things clear. Suppose I send nudes to my partner. The government intercepts these without my knowledge, looks at these, and deletes them, and literally nothing else happens. Is this okay? I did not know this happened to me. No "harm" has fallen upon me. And as far as I know, nothing has changed in my life. But then later I find out this happened. Let's say 20 years later. I feel upset. Do you not think I am justified in being upset? I think I do. My rights were violated. It is worse that it was done in secrecy because it is difficult for me to seek justice. It is because I have the right to privacy. It is a natural, de facto, negative, but a god given right. They put my information at risk by simply intercepting it and making a copy. It was unnecessary and unjustified.
In your story, the injustices are 1) the police going on a fishing expedition, and 2) the police using the data gained through an investigation to unjustly harass people. Those are bad things and we should have laws to prevent that and punish people who do so.
I agree it would be bad if they were making the request in furtherance of a conspiracy to do either of those things.
But the police asking Google for a list of people who viewed a video, though, is in itself not one of those things. It’s similar them asking a business owner whose business has a camera overlooking a street near a crime scene to hand over surveillance footage (which will include innocent passers by) or a business that sells a product which was known to be used by a criminal to provide a list of purchasers of that product (which will include innocent purchasers).
Many such businesses will voluntarily hand over such information to assist with an enquiry. Some businesses might refuse, or might choose not to have such information.
And this is why judges are involved in the process of issuing warrants and grand juries in the process of issuing subpoenas when the police or a prosecutor want to compel the production of evidence of that sort.
But it just seems inevitable that, at the beginning of an investigation into a crime where the perpetrator is unknown, the first step is to identify possible suspects; by definition not all of the people so identified will end up being investigated. How are the police to do that if they can’t ask anyone for information that might bring innocent people’s names to their attention?
I appreciate it seems idealistic maybe, but it feels to me that we need rules that ensure ‘coming to the attention of the police in the course of an investigation’ is genuinely harmless; not rules that assume it automatically exposes you to harm.
Well I forgot to link but from the wiki
I went with Franklin because we are specifically talking America but let's be honest, the number doesn't matter and it seems you agree. Let's focus on that. Because I'm 100% with you, this isn't even people who have been accused. Which even those accused have rights.https://en.wikipedia.org/wiki/Blackstone%27s_ratio
You've still got the ratio backwards. Franklin says if you know 101 people watched a video, and 100 of them are guilty of a crime, you can't just round up all 101 and throw them in jail. I.e., if you have a standard of punishment that would convict even one innocent person for every 100 guilty people it catches, it's not a good standard.
Which I think we can all agree with.
But that's not what's happening here, is it?
Yes. "100 people" (or whatever) had their rights violated. Sure, not as bad as jail, but it is still in the spirit. I'm not sure why you think I have it backwards, I think we're just using different perspectives.
But I'm not into being pedantic if we understand one another.
so it is considered punishment to have the watch information revealed to the state?
If it is an order by a court, then i think it is ok. Then it is no mass surveillance and for solving a crime it is useful.
I wonder what kind of video it is. Maybe a shared link, so only people who secretly know about it knew about it, and they have become suspects. Is it mentioned in the forbes article?
And i wonder if people abuse videos on youtube by encrypting the content with a key and the key is then shared.
Why can't a court order be mass surveillance? In these cases, the videos were viewed 30,000 times and more than 130,000 times (if I understand the latter correctly). How is that not mass? Nobody suggests that more than a few of those people are suspects.
My understanding of mass surveillance is, that masses are surveilled. :) But here its a court, that allows extracting log data for a specific case and it happened after the fact.
I make a difference between leaving loggable traces of living (which we leave all the time, no matter what) and sometimes filtering to recapture the past.
That's right even if the sample size N=30,000, it is still a one-time point event controlled/approved by the proper legal authority. There will be an audit trail of said approval and the process will be documented.
In contrast mass surveillance is just "oh, we have a BIG database, and we query whenever for whatever purpose, and nobody knows who searched for what and when and why, and nobody EXTERNAL TO THE AGENCY needs to approve it (lack of control). And today, Bob, who works for the police, background-searched his new girlfriend as well."
I agree that it's egregious, but Sir Blackstone was talking about punishment, especially relating to execution, and I think perhaps the ratio can be adjusted significantly downward when the cost to the innocent is much lower. Otherwise, the only reasonable search would be when a government official is already certain of your guilt.
I'd consider your rights being violated "punishment."
Blackstone was talking in the abstract. Clearly Franklin was too considering many of the other things he's known for saying.
You are wrong. Punishment is when you impose a penalty as retribution for an offense.
You can call me wrong, but maybe first ensure you understand negative rights.
I understand why you think I'm wrong, but I hope you understand why I think that way. We can disagree, and that is fine, but let's not act as if there are objective answers in social constructs.
Because, I do think punishment is an imposed penalty. In this case, on your rights. Rights are abstract, and these are not binary nor clearly discrete. House arrest is not jail, nor are fines. But as communicated to you elsewhere, the 4th amendment is about ensuring friction for removing someone's negative rights.
But I disagree that punishment is imposed as a penalty as retribution for an offense. You imply that this requires an actual offense to have been made. I assure you that punishment can be imposed for any arbitrary reason. I can also assure you that punishment is a spectrum, from extremely minor (as I think we'd agree is in this case) and extremely harsh.
Did you forget the link to Blackstone?
yes
https://en.wikipedia.org/wiki/Blackstone%27s_ratio
The second one seems a lot more narrow and more legitimate
I remember Larry Ellison (Oracle) in the news saying that Privacy Is Dead a quarter century ago, long enough the article merely referred to it as famous (no date needed) in 2018. It was written six years ago...
https://securitycurrent.com/privacy-is-dead-long-live-privac...
I think whether their rights are violated depends entirely on what sort of information is handed over. Consider acquiring surveillance footage that has plenty of foot traffic, but a suspect is known to have passed by. The police are typically permitted to review that footage even though plenty of innocent people were captured on that video.
It isn't.
Democracy is fake.
Our justice system is fake.
Everything is fake.
(Where "fake" = "not what they are advertised or perceived to be.)
If all of the same things were occurring in another country, or even better: in a video game, you would have little difficulty and zero aversion to accepting these facts.
However: put a person into these things, and the brain malfunctions.
If you are a reasonably normal person, your mind will now be filled with objections to this proposition, reasons why I am incorrect. But if you were to state those objections, I can punch holes in every single one of them without even breaking a sweat.
We live in a literal simulation, but not the kind that everyone has been hypnotized to believe is the only kind possible - have you ever noticed that when the notion of simulation theory comes up, it is always The simulation theory (Nick Bostrom's)?
This is a pretty neat trick eh? And there seems to be nothing that can be done about it, because people will fight tooth and nail (using Meme Magic, aka "The Facts", "The Reality", etc) against being extracted.
Thankfully, it is simultaneously hilarious. Well, except the part where millions of children are dying, but nobody cares....but oh boy when a big scary "pandemic" comes along, pull out all the stops.
I hope that there is a Hell, because I would like to see every single member of this despicable 21st century society end up there some day. Seeing justice finally being served for once would be worth suffering for eternity.
OP explicitly agrees with you that the 30k is illegitimate, but that's the only one you address. What's your take on the one where the police became aware that they were being watched on a YouTube livestream while responding to a bomb threat and obtained a court order asking for information about who was viewing a set of local livestreams at the specific times where they were searching for the bomb?
What makes that one different than a court order demanding that a business release security footage that covers the scene of a crime for the time window in which the crime occurred? Or would you consider such a court order to also be illegitimate?
Any kind of search can be deemed constitutional if it goes through a warrant process, which is the point of warrants. This story is less about the how the information was taken and more about whether or not the warrant process and 4th Amendment rights were properly followed.
This would then be mixed in with the question of whether or not new forms of data (like video views) would equate to previous forms of similar data searches that police have obtained warrants for (like reviewing CCTV).
I certainly concur with this.
On the one hand, a narrow warrant that reveals a lot of people (classic example are warrants on motels to provide the names of everyone who checked in on a certain date, or was registered on a certain date) are certainly constitutional and have been upheld many times.
The first seems, odd.
Wait, what? So is Bitcoin illegal to use as a currency now? Special casing exchanges for cash seems completely pointless if you could just buy some of <any commodity> for cash and then turn around and sell it back to the same person for the same amount in Bitcoin, but if every customer has to do KYC of the merchant when they're paying with Bitcoin, how is that ever going to be feasible?
I think a charitable interpretation is that they were suspicious of the money being used illegally. But I'm not sure there's enough information here to make this clear. Because clearly there's misinformation being spread. Claiming bitcoin is anonymous...
More likely they wanted to seize the bitcoin under civil asset forfeiture and buy some high-end cars for their D.A.R.E. program.
Charitably speaking that is.
https://www.autoweek.com/news/a2055556/venom-law-police-put-...
The first is a somewhat clever attempt to unmask someone ann undercover investigator was already talking to. Police should have narrowed scope of the warrant by only asking for data on viewers within a narrow window after they sent the link.
Even better might have been to directly link to some service that they already control on a honeypot URL, and then gone after the ISP for customer details.
Nah actually pretty dumb overall. And sending an open link when a private one looks the same is even more dumb.
> The first one where the police uploaded videos and wanted viewer information is absolutely egregious and makes me wonder how a court could authorize that.
The police didn't upload they videos. It's not entrapment, and it doesn't sound like the actual content of the videos is illegal.
Instead, they had an open communication channel with their target and were able to send them various links to youtube videos.
Their theory being if they can find any user who clicked on all (or most of) those links, it's probably their target. And it's unlikely some random user would have accidentally viewed all those videos.
The actual request for the raw list of all viewers seems unconstitutional to me. Too broad, gives the police a lot of infomation about all users who watched just one of the videos. But I suspect a much narrower request where google identified the target user and past just that user's info on would be constitutional.
Isn't that worse? Essentially making Google do the job of the police and the police having to trust the work of Google for it.
I don't see any problem with trust.
The police will still get the exact same raw data of that one target user. The change just means that they won't get any data on other users.
If you see a YT which is remotely dodgy, don’t watch it… It very well could be planted there as bait.
And that’s great Google are trying to fight back, a little. Though I wonder that for us Non-American Brits that they’d do the same for us too (doubtful)
A person from rdrama managed to find the FBI victim's anon reddit profile (public information), and apparently it was IRS evasion? https://rdrama.net/h/slackernews/post/255754/google-ordered-...