Some Concerns About Feds' Ability To Get Twitter Info
from the any-right-to-protect? dept
We already wrote about the judge allowing the feds to get info from certain Twitter users. I didn’t find it all that surprising, but in a blog post with thoughts from lawyers Venkat Balasubramani and Eric Goldman, some big questions are raised. Venkat points out that the judge seemed to rely on the terms of Twitter’s privacy policy as “evidence” of what users are willing to give up as information. However, that seems pretty questionable, since there’s little evidence that the vast majority of people actually read privacy policies, leading to serious questions about how binding they are, or how instructive they are about what people have “willingly” given up. Goldman builds off of this, by noting that people should realize that privacy policies really aren’t just between users and sites, but that governments will “trawl through a site’s privacy policy to cite terms against the site’s users as part of the government’s rapacious desire to know everything about its citizens.”
Separately, Goldman raises a number of serious questions about the judge’s ruling and what it means. He points out that, similar to file sharing cases where there’s “file sharing law” and “real law,” there may be “Wikileaks law” and “real law,” where judges bend over backwards to make rulings against Wikileaks:
The government’s request for Wikileaks-related information from Twitter very well may be lawless, but this judge–like so many others confronted with Wikileaks-related issues–is willing to roll with it using highly formalist reasoning. In this respect, Wikileaks may be the new Napster–whenever its name is invoked, the rule of law gets suspended in an overall effort to kick the unwanted enterprise out of the ecosystem; and everyone who touches Wikileaks gets tarred with the taint-by-association brush.
The court’s ruling on 2704 standing to challenge a 2703(c) request is a fine example of the problem. The court says that, based on the statutory wording, the affected subscribers lack standing to challenge the records request. OK, but when do the affected subscribers have standing to challenge a 2703(c) request? According to this ruling, the answer may be never. That can’t be right. Surely we as citizens have some way to fight back against overreaching government requests for non-public information about us…don’t we?
We encounter the same problem with the court’s discussion regarding IP addresses. The court makes a troubling categorical statement: “petitioners have no Fourth Amendment privacy interest in their IP addresses.” As with the 2703(c) records request, is there any circumstance where a subscriber could prevent his/her IP address from being disclosed to the government? According to this court, the answer may be no.
Definitely questions worth pondering.
Filed Under: government, privacy
Companies: twitter
Comments on “Some Concerns About Feds' Ability To Get Twitter Info”
“taint-by-association” – yeah but they were all nuts and a**holes anyway.
Ty Ty your a terrific audience.
lol… blame the users for not reading? Really? Wasn’t that already covered by the whole end-user agreement BS?
IP Disclosure
and I dont mean intellectual property,… If you don’t want your government rummaging thru your data, perhaps you should not have joined Twitter, MySpace, and/or Facebook to begin with. However, if your willpower was insufficient to resist posting about that new blackhead you discovered on your nose this morning, you can always implement VPN usage. This will allow the government(s) to access your IP without due process, adversarial hearing, or constitutional muster by just handing them an IP address that isn’t yours. Problem solved.
Re: IP Disclosure
The U.S. government is abusing laws and its own citizen’s rights and you’re saying it’s ok because they use the internet?
wow.
Re: IP Disclosure
This is the government taking private data from Twitter, not public data. If I post about my latest pimple on Twitter, the post is public and I have no basis to complain about the government accessing it. My personal account details, however, are private (between me and Twitter), and the government has no more right to demand access to them than they do access to any other data I privately share with select individuals.
In fact, they actually have LESS right to data I have shared with a company like Twitter, as there tend to be laws in place restricting how companies can share the data of their customers, while there generally aren’t any laws restricting how individual citizens can share information on other citizens. I.e. it’s illegal for the video store to share what movies I rent, but if I tell you “Hey, I rented Avatar last night” it isn’t illegal for you to share that information with anyone else.
Slaves Too?
Venkat points out that the judge seemed to rely on the terms of Twitter’s privacy policy as “evidence” of what users are willing to give up as information.
Hmm, that’s interesting. I wonder, could I own slaves as long as I somehow got them to accept an “agreement” to give up their freedom? Once upon a time I was told that that would still be illegal, but I guess the law has changed since then. I wonder how much slaves go for these days.
Re: Slaves Too?
about $90 according to CNN http://www.youtube.com/watch?v=fMf9BhvGY-0
Mike, can you point me towards the Techdirt privacy policy, I really need to check something.
my point was..
my point was the behemoth that is now our government is not conducting itself in the best interests of the people, but in the best interests of the corporations. This is not something that can be stopped, with ACTA, COICA, and TPP on its way, the only way to ensure the government does NOT infringe your first and fourth amendment rights is to inhibit their ability to do so in the first place. There was no condoning of their behaviour in my initial statement. I am a voracious copywrong infringer on a massive scale, justified or not, agree or not, but you should consider the precept of deterring your government from obtaining information that violates your ‘unnecessary search and seizure’ provision guaranteed by your constitution.
facts
look at the facts. If a citizen is accused of a crime, they are given an adversarial hearing within 72hrs, and considered innocent until convicted of said crime. They typically are even allowed the option to set ‘bail’ and be released. Even in murder cases. Where was the 72hr adversarial hearing for the 84,000 websites the government publicly accused of child pornography? where was the innocent until proven guilty. Its a double standard, the MAFIAA knows for a fact they are wrong having ICE pull these sites down, yet they ‘play’ the system to get what they want, when they want, at taxpayers expense. The primary basis for the confiscated URLs is based on bad implementation of existing law, stretching it beyond breakage. It is not a yacht, that could be moved and sold without enforcement intervention, nor does ICE mandate even cover criminal copyright infringement, which is what they are attempting to make it out to be. With the passing of TPP, they will make non profit file sharing criminal, to use as a bigger stick, even though study after study has debunked the actual impact of ‘piracy’, er file-sharing.
Re: facts
Where was the 72hr adversarial hearing for the 84,000 websites the government publicly accused of child pornography?
Nowhere. The government didn’t accuse 84,000 websites of having child porn on them, they seized one domain. If that had 84,000 pages, 84,000 images, or 84,000 pdf files doesn’t change what content was out there.
What hasn’t been talked about here is how much stuff the moooo.com people removed. Any ideas?
Re: Re: facts
84,000 websites displayed the HSA/ICE takedown page due to child pornography. I would call that accusation, defamation, libel and potentially criminal in nature.
Re: Re: Re: facts
Nope, 84,000 pages showed it. Third level “sub-domains” are not registered, and thus aren’t websites in any legal sense that I can see. They are part of the moooo.com website.
Re: Re: Re:2 splitting hairs
Obscuring fact with minutiae is dribble, and shows ignorance on your part. Let me rephrase the response so you cannot indulge idle speculation..
84,000 businesses were in fact, accused of child pornography due to the reckless abandon, and incredible overreach of HSA/ICE.
Several businesses were drastically affected (read integrity devastated, doors closed, people laid off) in South America, specifically Argentina and Brazil due to the lack of diligence.
Therefore, you argue the legal ramifications of the technicality of a defined ‘website’ in support of a radically unconstitutional seizure to begin with?
Re: Re: Re:3 splitting hairs
84,000 businesses were in fact, accused of child pornography due to the reckless abandon, and incredible overreach of HSA/ICE.
Is that a smoke machine I see near those mirrors?
First off, anyone who basis their business off of something they don’t control doesn’t earn much respect. For a very few dollars ($1.99 if you want a dot info domain) you can have your own domain and do what you like. These people instead decided to join a group of people on a single domain, something they don’t control, and without the ability to choose who else they would be sharing that address with.
Some child porn or other illegal activity got onto the address, and it was seized (for a short period of time).
If they closed their doors to their businesses for the domain being down for a few hours, perhaps they didn’t have a very good business to start with.
Your arguments are very weak. Would you like to take another swing at it?
Re: Re: Re:4 so..
so your argument is ‘awwwwww’ too bad for them?
impressive, most impressive.
saw it coming..
I personally saw this coming back in 1999. I have meticulously preened my IRL (in real life) online persona that I use for business purposes for over 15 years now, and If you had my real name, you would get one search result, my LinkedIn profile, nothing more. All other online activities are pseudonym-ed or anonymous behind proxies and vpns to ensure my IRL cannot be attached to my ‘web presence’. If you had access to the IP addresses I have used to make comments on Mike’s board, you will see at 8:07am local, I was in Florida; 10:15am local, I was in France; 10:33AM, still France, and this posting will look like it came from Amsterdam. This type of subversion may still be ‘geek’-only, or for just power users, but so were alot of things over the ages, take automobiles for example. This subversion effort will be a direct response to the government’s persistent invasion and violation of your personal freedoms and rights granted citizens according to the Constitution. Our government is not even trying to hide the fact that they are f*cking over its constituents at every possible chance they get. I, personally have friends all over the world, and it’s sad to admin being ashamed of being an American. The US of A currently has an impressively bad reputation globally, and it gets worse every day. So expect power users like myself to continue to foil my government’s attempts to subvert me to oligarcy control, and others will follow..its happening right now, has anyone heard of the un-group Anonymous lately?
Re: saw it coming..
Actually, all that looks like you have something to hide.
Re: Re: agreed
I agree, however, just as there are people that disregard the speed limit while driving, it really is nobody else’s business that you like to speed, or were, in fact, speeding.
Hiding my activities is not an ipso facto guarantee I am doing anything nefarious. In my situation, I am, yet that does not diminish the validity of keeping one’s privacy, well, private. Keeping one’s rights upheld, and my constitutional privileges intact these are the very tenets of democracy, whether I am ‘up to no good’ or otherwise.
Privacy Policies and EULA's
Surely one of the issues is the ridiculous format of Privacy Policies and EULA’s, each is unique, outrageously verbose and largely impossible to assess against every possibility. Users know that and sign them in disgust but also hoping they will never breach them with normal use, what else can one do?
Is it not about time a standard Privacy Policy and EULA was developed that is succinct (1 page max), specifies intent rather than hair-splitting specifics (ex. It is The Company’s intent to … and if The Company fails in this intent it can be held liable.) and is approved by the Gov’t (they need to be partners in this contract so their position is known – it is no good them ambushing someone after the fact!).
This standard-contract mechanism is not unique but is not as widely used as it could be, and yes there will be issues but frankly it will solve many more issues than it creates.