EFF Unveils Plan For Ending Mass Surveillance

An anonymous reader writes: The Electronic Frontier Foundation has published a detailed, global strategy for ridding ourselves of mass surveillance. They stress that this must be an international effort — while citizens of many countries can vote against politicians who support surveillance, there are also many countries where the citizens have to resort to other methods. The central part of the EFF's plan is: encryption, encryption, encryption. They say we need to build new secure communications tools, pressure existing tech companies to make their products secure against everyone, and get ordinary internet-goers to recognize that encryption is a fundamental part of communication in the surveillance age.

They also advocate fighting for transparency and against overreach on a national level. "[T]he more people worldwide understand the threat and the more they understand how to protect themselves—and just as importantly, what they should expect in the way of support from companies and governments—the more we can agitate for the changes we need online to fend off the dragnet collection of data." The EFF references a document created to apply the principles of human rights to communications surveillance, which they say are "our way of making sure that the global norm for human rights in the context of communication surveillance isn't the warped viewpoint of NSA and its four closest allies, but that of 50 years of human rights standards showing mass surveillance to be unnecessary and disproportionate."

And does Slashdot understand the threat?

[Anonymous Coward]

So, Slashdot, should we expect your support?. https, when?

Re:

[Anonymous Coward]

So, Slashdot, should we expect your support?. https, when?

Be thankful that AC posting is still legal here.

Or anywhere on the internet for that matter.

Re:

[nehumanuscrede]

While AC posting might obscure your username, the IP address that's likely logged will not.
( Unless you're coming in via proxy )

Long time users can be matched up by the style in which they write. How well they phrase things, sentence styles, etc.

Re:

[StripedCow]

You seem to be under the impression that https is secure.

http://blog.cryptographyengine... [cryptograp...eering.com]

Re:

[lesincompetent]

They're not even IPv6 capable. Give these poor lazy fuckers a break.

Re:

[Roodvlees]

Let's hope the EEF is going to solve that problem.

#4 - Reform Executive Order 12333

[Trax3001BBS]

Executive Order 12333
https://www.cia.gov/about-cia/... [cia.gov]

(forgot to refresh...)

Re:

[Chas]

Ahhh... the 1981 Regan years started this order. Continued by Obama for 8 years and Bushes for a total of 12 years before him. What a sad state our country is in now.

Oh. I see! Clinton was just too busy getting blowjobs during his tenure right?

Support the EFF

[OldSport]

Seriously, to put it simply, these guys are the shit. I figure most Slashdotters are well aware of what the EFF does, but if you aren't, definitely check out their website, blog, etc., look at what they've done, and consider donating to support them. (FWIW, I am in no way affiliated with the EFF. I just think it's a great organization.)

Re:Support the EFF

[Xest]

Agreed, but it's worth noting that they're very US-centric (and that's not a criticism, just a statement of fact) so if you're not from the US you may find your money better spent elsewhere.

For example, in the UK, the Open Rights Group is far more relevant and helpful towards dealing with these issues in the UK than the EFF is. Presumably the options in countries like Sweden and Germany would be the much better organised respect Pirate parties there.

Re:Support the EFF

[TheRaven64]

I'd also like to plug the FFII [ffii.org] for anyone in Europe. They have a few MEPs among their members and have had some important successes. Less relevant in this particular issue, but they have a lot of overlap with the EFF in other places.

Re:

[OldSport]

Absolutely, thanks for the extra info.

Good Luck! You'll Need It!

[TrollstonButterbeans]

Good Luck! You'll Need It!

And what I mean by this --- the average Joe likes to post all his stuff on Facebook. He knows his communications aren't private and he doesn't care.

You aren't going to make him care either.

And is this a worthy cause? Cheap/free services depend on a revenue stream from something and exploiting the user ("You are the product") is not a horrible trade-off for the wide availability of cheap/free services.

How is a company going to support end-to-end encryption for free and still make money selling your information and metadata to third parties?

Keep in mind that means Google too. Or are you going to come up with a plan for Google to not be able to read your emails? Because if Google can read your emails, the government can.

Re:

[IamTheRealMike]

This is very true. However, WhatsApp appears to be a counter-example. They are deploying full end to end encryption and instead of ads, they just ..... charge people money, $1 per year. WhatsApp is not very big in the USA but it's huge everywhere else in the world.

The big problem is not people sharing with Facebook or Google or whoever (as you note: who cares?) but rather the last part - sharing with a foreign corporation is currently equivalent to sharing with its government, and people tend to care about

Re:

[AmiMoJo]

the average Joe likes to post all his stuff on Facebook. He knows his communications aren't private and he doesn't care.

Not true. You should have heard the reactions when Snowden broke in the UK. There was a woman on a national TV debate programme who was upset that GCHQ had access to her Facebook profile which she had set to "private".

It's not that people don't care, it's that they don't understand. How many people still using Skype or Yahoo webcam chat with their girl/boyfriend do you think realize that that they they flashed something was recorded and reviewed by a GCHQ officer? When people realize this, when they realize

Overreach vs. Explosive Reaction

[Kevin Fishburne]

The problem is that while trying to survive and maintain some kind of social normalcy most people don't take an active role in shaping their local/regional/national/world topology until men in black are infiltrating their home at night and killing/disappearing them and/or raping their wife while their children watch. Complacency lies in the middle, and we're ("civilized" countries) still in the middle. The middle's that slippery slope between the crest and trough of utopia and North Korea. Hopefully the EFF will have some success before momentum takes us to that dark point where we have no choice but to answer with drastic measures. Ironically, the goal of both sides is peace and order. I suppose the difference in opinion about the road to said peace and order is what puts us at such unenviable odds.

SIP Replacement?

[AftanGustur]

One of the big pieces of the puzzle that needs to be solved is a replacement for the SIP protocol.

Almost no one has a public IP address directly on their workstation at home and it is preventing free open source telephone to be widely adopted.

What is needed is a telephony protocol that and can easily be proxied or tunneled and/or that does not need extra measurements for surviving NAT.

Re:

[IamTheRealMike]

RedPhone is free and open source end to end encrypted telephony that works OK (not amazingly, but as well as a typical commercial VoIP app does). People authenticate each other using their voices.

Re:

[AftanGustur]

RedPhone is only for Android although iPhone compatible version exists. But this is not what I was talking about.

The problem is that there is no telephony system that you can use cross-platform, that is open source and the clients are easy to install and use for the average user.

No other heavily-used protocols have this problem, FTP, HTTP, SMPT, DNS, Torrent, Cloud Storage, VPN, SSH all have cross-platform, free and open source clients that are easy to set up and use for the average user. Telephony i

Re:

[account_deleted]

Comment removed based on user account deletion

Re:

[locofungus]

why would providers go from IPv4 to IPv6 when soon there will be a shortage of numbers

They'll drag their feet but, eventually, there will be services that people want to use that are only available via IPv6 and then there will be little choice. (Although they'll try to proxy[1] popular IPv6 sites first)

[1] fake 10.x.x.x dns records that they serve to their customers and then forward the traffic over IPv6

Re:

[tlhIngan]

Would IPv6 not solve that? OTOH, why would providers go from IPv4 to IPv6 when soon there will be a shortage of numbers and they can charge (even more) extra for those who want a fixed IP with the excuse that they had with dial up.

IPv6 will, ironically, make the situation worse.

Because SIP assumes complete connectivity between hosts, but if you have a firewall in the way, that model breaks. And IPv6 firewalls will probably be the norm, so you'll end up with situations like the days of early NAT gaming - eve

Re:

[Dagger2]

For example, you can't run a Minecraft server on an IPv6 address.

Yes you can! This worked fine the last time I tried it.

What didn't work fine was the client. The client actively disables IPv6 support in Java. The bug report is here [mojang.com] if you wouldn't mind adding another useless request for them to fix their shit.

Re:

[roca]

WebRTC:
* Proper open, royalty-free standard (IETF)
* Encryption (DTLS)
* Opus CBR mode for high resistance to traffic analysis
* Standardized NAT traversal (ICE, STUN, TURN)
* Supported in Chrome and Firefox, plus other products
* Coordinate WebRTC sessions with any Web site

Re:

[AftanGustur]

Interesting concept and without a doubt very useful.

But there is no open source server-side yet.

Encryption is only part of the solution

[binarstu]

From the summary:

The central part of the EFF's plan is: encryption, encryption, encryption.

Encryption everywhere is great. But as long as the majority of us remain willing to hand over everything about our personal lives to Facebook, Google, etc., then mass surveillance by either private entities or governments will remain ridiculously easy. To me, that seems like the really hard problem to solve. There is no way those companies will deny themselves access to their users' unencrypted data.

Re:

[Roodvlees]

When they have an alternative business model to make money they might.

Re:

[msobkow]

More to the point, there is no need to crack the communications to a client if you are in bed with the service provider and have access to their databases and logs.

Client-server encryption is about keeping the bad guys and only the bad guys from sniffing your data. It's up to the service provider to determine how secure your data is actually going to be in light of warrants and subpoenas.

Encryption, encryption, encryption

[Blaskowicz]

I will guess :
- certificate errors that people will have to click through ten times a day
- people lock themselves out, accidentally lose their data (lost keys, lost cellphone needed to receive an SMS)
- interoperabiliy problems of old versions and unpatched browsers, libraries, software
- encrypted ads and encrypted malware will infect your encrypted browser and mess with your encrypted data.
after non-root computing and port 80 computing, meet encrypted computing, same crap one more layer down
- bad guys will

Technology is a first step..

[Coolfish]

They're absolutely right to suggest the first thing we have to do is increase widespread use of encryption technology. But the NSA and others have already said if we do that, they'll step up their game. We need to not just take our technology to the next level, we need to take our governance to the next level.

Politicians have proven themselves to be complete failures in working for the people. Sure, some countries have more luck than others - but there's nothing to suggest that that luck won't run out. Look at even the Scandinavian countries - their agencies are working for the NSA, their politicians are playing the exact same games. We need to reform our political system to reduce the amount of fuckery to a bare minimum. How do we achieve that? Complete and total transparency is vital, but not enough. Politicians are willing to openly defraud citizens in many countries already - it's not enough to know what's going on, we have to be able to hold them to account. And that's where I think elections are a farce. We don't choose who runs. We don't choose who gets to be on the final ballot. All of that is taken care of by big money interests, and even in the off chance we do get a good person into the system, they're outnumbered 100 to 1. And then the system starts to chew them up, convince them that their ideals are worthless and principles be damned, the system needs to continue operating as it has, as it will, with no real changes. Yea, one batch of idiots might do a slightly better job on one thing or the other, but in the end, as long as we continue to feed the system, it's no wonder we get governments abusing their power.

We need to have a government. We need to have a monopoly on violence, otherwise it gets to be dog eat dog very quickly. But a government that isn't held to complete account by the people is just another mad dog. The failures of our political systems have shown themselves clear. Institutional corruption. Control by a tiny minority. Ridiculous squabbling over issues that are settled science. Is this really the best we can do? I don't think so. Why are we still using politicians? Professional ones? We can have representatives, but I think it should be clear to anyone that a random person off the street will demonstrate as much intelligence and thought as an elected official - perhaps even more, as an elected politician has demonstrated the ability to say anything to get to that position. Why not do a sortition? Randomly selected individuals, and give them 1 year to govern. They can propose laws, but nothing passes until there's an approval vote by the citizenry. If the sortition does a good job (as judged by the people), they get a huge bonus. If they don't, they get the median wage, and the next sortition tackles the problems. How is this worse than giving a tremendous amount of power to a group of people who've constantly demonstrated themselves as a bunch of liars, power hungry, war mongering liars at that, and giving them free reign for 2, 4, 6 years?

Absolutely, increase and improve the technology. But don't ignore the technology running our governance. It's tremendously outdated, with countless flaws and bugs that have remained unpatched for millennia. It's time for a new release of Government.

Re:

[Anonymous Coward]

As with any proposed solution, you forget the most important fact: human nature.
With one year to govern, and no experience in the particular field and little or no interest to match, the new governors require background information, historical precedent, comparative analysis of existing implemented policy, summaries of related and effected fields, current data, survey results etc. etc.
They will revert to being influenced to either a) take the easy option, b) take the corruption option or c) take the idiot o

Re:

[Coolfish]

I'm not sure I follow your argument. You're basically saying that we need professional politicians, because if we didn't have professionals, then people wouldn't know what to do - they'd have to actually study the problem, look at the history, figure out the data, and then propose a solution. All the while knowing that even with the best intentions, stuff can and will go tits up. Yea, wow, that sounds like a terrible approach. Instead we should get people who just pretend to know the answers!

a) The easy op

Re:

[CrimsonAvenger]

We need to have a monopoly on violence, otherwise it gets to be dog eat dog very quickly. But a government that isn't held to complete account by the people is just another mad dog.

So, just curious, how do you hold the guys with a monopoly on violence to "complete account by the people"?

Won't work

[Errol backfiring]

Governments will make encryption illegal (they want to do that now, if they haven't done it already) and will stop giving the companies who support this government contracts. No self-respecting company will support this.

encryption is a false sense of security

[ruir]

When you use ROMs, firmware, operating systems and software designed by americans, with backdoors to all the three letters national agencies you can think off.

DONATE

[brunes69]

Donate

Donate

DONATE

If everyone who posted a reply to this story donated to the EFF with their dollars in addition to their words, that would be pretty substantial in aggregate, and they could do some real work with those funds.

Donate to the EFF. They have been fighting this fight for as long as I have been alive and are one of the only groups to has maintained the fight. While I have donated to them on and off over the years, I have been lax for quite awhile. I just donated to them and challenge everyone else to do the same.

PS: And, this comes from someone not in the USA who DOES NOT get a tax break from his donation since they are not registered in my country, but who recognizes the global impact of the EFF.

Ending mass surveillance

[aglider]

Or better trying to hide it?

Spying on the world is unconstitutional in the US

[Kirth]

Actually, the constitution not only forbids spying against citizens of the USA, but against everyone:

The right of the people to be secure in their persons, houses, papers, and effects, against unreasonable searches and seizures, shall not be violated, and no Warrants shall issue, but upon probable cause, supported by Oath or affirmation, and particularly describing the place to be searched, and the persons or things to be seized.

Notice, it says "people" there. It's speaking of "citizen" in the context of el

Re:

[CrimsonAvenger]

When they use "people" in the Constitution, they mean "people subject to the laws of the US". It does NOT apply to, say, UK people in the UK, though it DOES apply to UK people in the US.

Basically, anyplace that a search warrant by a US government agency will work, the Fourth Amendment applies. Anywhere else, not so much.

How do we get vendors to support this?

[jonwil]

Its all well and good to talk about "encryption, encryption and more encryption" and to invent new protocols to help keep stuff from the eyes of those who would try to access private information (whether they be criminals, law enforcement, intelligence agencies or otherwise) but unless you can get vendors to adopt your new technology its not going to see widespread enough use to make a difference.

Take SSL/TLS for example. Right now when you visit a https site, your browser retrieves a certificate and checks that the certificate has been signed by a root certificate in your browser's local root trust store. There are a number of proposals out there to change this so that the public keys used for https connections are obtained in a way that doesn't rely on the broken CA model but as of yet none of those proposals have been implemented into any of the mainstream web browsers.

Why isn't more being done to get these new security ideas into the mainstream browsers? (especially the open source ones like Chrome/Webkit/Blink/Firefox). DANE (an RFC for storing https certificates in a DNSSEC secured DNS record) has a patch for Firefox posted in 2011 that has gone nowhere and vague mentions of work for Chrome but nothing else.

Re:

[nehumanuscrede]

This will be difficult because while the government has unlimited funds / budgets to bribe / coerce the vendors with, the rest of us do not.

" We would like you to use THIS protocol as the new standard in your product. "
" That would weaken the entire system. "
" How does a a few million sound in exchange for your cooperation / silence / immunity ? "
" It sounds insulting actually. "
" Ok, how about a few HUNDRED million ? "
" :| . . . . . Done. "

That's pretty much how it works. Everyone has a price. Once the

Control the bureaucracy?

[PeterM from Berkeley]

I've pondered sortition government, but I wonder how you would reign in the power of the bureaucracy.

As an AC said, the random citizenry isn't going to have the depth to really write good laws, so it'll probably largely fall to a bureaucracy, which might end up with all the real power. I can scarcely see that as an improvement.

However, the sortition has the big benefits you mention:
1) Actually representative of the people, because they ARE the people
2) Don't arrive in office corrupt, aren't beholden to d

Re:

[CrimsonAvenger]

I've pondered sortition government, but I wonder how you would reign in the power of the bureaucracy.

Rein in.

What makes you think anyone has managed to rein in the power of the bureaucracy with current government types?

Face it, the larger the government becomes (relative to the population/economy), the more the government is dominated by its own bureaucracy. Note by the by, that the US Government's budget is ~20% of GDP. So one dollar in every five spent in the US is spent by the government....

Whose encryption?

[rickb928]

I'm guessing Bitlocker is not useful for encrypting my data sufficiently to keep the government(s) out of it.

And the Truecrypt substitutes are all marginally trustworthy, as well as not quite so fully functional.

Not many good alternatives here.

Re:

[Anonymous Coward]

People like you are the real problem. If you truly cared about your family, you'd do something to ensure your children's freedom.

As it is, your words mark you as selfish and cowardly.

Re:

[msobkow]

I mean, seriously you call the GP "cowardly" and you can't even identify yourself. What a fuckin' hypocrite.

Re:

[hawkinspeter]

Why do you think it takes balls to log in? Just be thankful that your safe and comfortable life means that you don't need anonymity. (I also don't need anonymity, but at least I have some understanding that other people are in different situations).

Re:

[msobkow]

I don't log in because I have "balls". I log in because I take responsibility for my comments and opinions. But you wouldn't understand anything about that, would you? No, you're just going to anonymously preach to people and demand that they respect and adjust to your viewpoint on security.

I pity you paranoid losers. I'm bi-polar. I know what paranoia is like. You need medication for that.

Re:

[Slashjones]

I log in because I take responsibility for my comments and opinions.

By having an account on Slashdot? Well done. That's such a difficult thing to do!

Re:

[msobkow]

If you're not willing to take responsibility for what you say and accept the heat if people disagree with you, you shouldn't be saying what you are in the first place. Only cowards need to hide behind masks, the same as KKK and ISIL members. :(

Re:

[mrchaotica]

Only cowards need to hide behind masks, the same as KKK and ISIL members

Or Christians in ancient Rome, or Jews in 1930s Germany, or educated people in 1970s China, or (soon) freedom-loving people in 2010s America.

Re:

[msobkow]

When you walk the streets of your home town, do you wear a mask and costume to hide your identity? No -- your face is visible. You are a private citizen, you have the right to be left alone or to interact with others as you choose, but you are always identifiable by your face. I feel the internet should be the same way -- you should always be identifiable.

Re:

[msobkow]

And you've never heard of private chat clients? Peer-to-peer communications? Encrypted emails?

You don't have to talk about the personal details of your life on Crackbook where there is a record.

Your whole argument is premised on the theory that everything is recorded and tracked, regardless of encryption, regardless of HTTPS, regardless of SSL. All I'm saying is that you should be required to log in to a server to make public comments or to send messages to an individual. That's not to say you need t

Re:

[BarbaraHudson]

see drunken pictures from USask? Or to know that you're bipolar?

We all have stuff we're embarrassed by.

Really? Times have changed. There's no reason to be ashamed of either of those things.

Re:

[mrchaotica]

Here's the thing: although you're entitled to your opinion, that doesn't change the fact that it's both wrong and un-American. In fact, the United States wouldn't exist without anonymous public comment [wikipedia.org]!

So, if you hate freedom that much -- and make no mistake, freedom requires anonymity, so if you hate anonymity then you hate freedom -- then by all means continue to think that way. But please do the rest of us a favor and GTFO of the USA!

Re:

[msobkow]

Go walking down the street of your hometown with a mask/costume or KKK robes on and see how that works for you. "Private citizen" does not mean anonymous in pretty much any part of the real world or real life. You can always be identified by your face.

Re:

[Slashjones]

Go walking down the street of your hometown with a mask/costume or KKK robes on and see how that works for you.

I'm pretty sure you could, unless you live somewhere with draconian laws. And I *will* have to start doing that if the government starts really making use of mass surveillance of public places.

Re:

[Slashjones]

Also, comparing faces to names is ridiculous. No one is going to remember your face. A name on the Internet is easily searchable, so it's a different world altogether. Encouraging anonymity allows far more people to say unpopular things that challenge the status quo.

Re:

[msobkow]

It's a trade-off. No one is going to punch you in the face on the internet for mouthing off.

Re:

[Slashjones]

Say something unpopular (like disagree with the "for the children" crowd) and you may find yourself the target of a lynch mob, or you may find that many employers might decide to not give you a job.

But arguments stand on their own merits in the first place.

Re:

[Blaskowicz]

Look at what Greece just did : they changed their government by voting.
It's doubtful the same can happen in the US but I hope you can keep a glimpse hope.

Re:Now using TOR after WH threats to invade homes

[pbjones]

if enough people were serious about TOR, they would crash it while trying to avoid NSA.

Re:Now using TOR after WH threats to invade homes

[vux984]

Starting using TOR browser bundle after White House threats in previous Slashdot article

WTFBBQ?!

Ok... White House threats?

The ones made by Sir David Omand
former head of GHCQ
in the UK (the "sir" and "GHCQ" should have been clues)

That guy is now a policy making executive in the White House?

Look I agree with your sentiment, but your total ignorance ruins your credibility here.

Some retired guy in the UK explaining that without surveillance spies will need to do more intrusive spying to get at intelligence does not amount to White House threats, even if he was the head of the British equivalent of the NSA. He's still just a retired guy rendering an opinion.

What's more what he is suggesting will happen is actually a good thing. We want the NSA to make intrusive spying efforts at targeted individuals, under warrant and court supervision. That's their job, and we all more or less agree with them doing exactly that. What we don't like is them sitting back and tapping everything from everyone, everwhere. But if they literally have to go somewhere and physically plant a bug in some suspected terrorists laptop to get at his info ... GREAT.

We should be raising Omand on our shoulders and parading him around as the voice of reason.

Re:Now using TOR after WH threats to invade homes

[vux984]

It is a catch 22; You can't get a warrant without evidence and you can't get evidence without a warrant.

No. Its really not. Its called regular police work. And police have been identifying suspects, building cases against them, culminating in search and arrest warrants for a hundred years now without "mass surveillance".

Will the EFF be the ones who apologize to the families of those killed by attacks that could have been stopped?

Where are these unicorns? Has there ever been a single verifiable case of this?

And even if they do exist? So what? Why should the EFF apologize for pushing for policies that make us all more free; even if a tiny handful of people die as a result?

Should the police be allowed to just randomly stop and frisk you? Maybe give you an anal probe right on the street? Maybe come into your house at night, and search the place for evidence of terrorism? No? You don't think that's ok?

Will you personally apologize to the families of those killed by attacks that could have been stopped if these searches had been allowed?

Re:

[BarbaraHudson]

Will the EFF be the ones who apologize to the families of those killed by attacks that could have been stopped?

Where are these unicorns? Has there ever been a single verifiable case of this?

I don't know about elsewhere, but here in Kanuckistan the RCMP has been working, with the cooperation of the muslim community, to deradicalize people, with some success.

Re:Now using TOR after WH threats to invade homes

[vux984]

Where are these unicorns? Has there ever been a single verifiable case of this?

I don't know about elsewhere, but here in Kanuckistan the RCMP has been working, with the cooperation of the muslim community, to deradicalize people, with some success.

"With the cooperation of the muslim community. Meaning; the RCMP were alerted to potential bad eggs from within the muslim community by volunteers; thanks to the RCMP being accessible and opening channels of communication. Its an example of truly good police work.

That's exactly what we need, and more of it.

But the unicorns I'm talking about are the terrorist attacks stopped by the panopticon, by the mass surveillance of everybody.

Re:Now using TOR after WH threats to invade homes

[Slashjones]

Surveillance does not make people less free.

Violating your privacy infringes upon your freedoms, so yes, it does. The United States constitution's fourth amendment mentions that you are secure in your papers among other things. The papers themselves? No, what is really protected is the information on the papers.

If repressive things happen with the gathered data then that would be a problem but not the surveillance itself.

You can't separate the two, you insufferable moron. One inevitably leads to the other, as history shows. Information is power, and mass surveillance is a means of crushing democracy [gnu.org] and destroying people who challenge the status quo. They tried to do that with MLK, they tried it with nearly every anti-war movement, they try it with nearly every movement that challenges the status quo, and now with mass surveillance, they'll be that much more efficient at crushing those who challenge authority.

Re:

[tburkhol]

Surveillance does not make people less free. Does an audience at a theater make an actor less free?

What? Are you seriously trying to suggest that the role of police/security forces is comparable to a theater audience? Because I'm pretty sure that the audience pays actors for the privilege of watching them, whereas I am paying the police. I talk about my boss, my wife or my mother very differently when they're standing next to me, so I claim that an observer absolutely does restrict my freedom.

If repressive things happen with the gathered data then that would be a problem but not the surveillance itself.

OK, so when it's a private citizen, we should watch them closely, all the time, in order to identify when they

Re:

[coofercat]

Let's say I hire a PI to follow you around and take photos of everything you do in public, and perhaps through the windows of your house, maybe using a laser microphone to listen to what you say in your house, and make notes of everything you do. At no time will you be physically obstructed by any of this. Do you honestly not feel that impinges on your freedom at all?

Amazing.

Re:

[dave420]

You made some good points.

Of those hundreds of years there has only been thirty where large numbers of people can communucate and plan operations without ever meeting. The criminals are allowed to use modern technology by the police are not?

The police can use the same technology - they can cooperate with their counterparts the world over, they can communicate with their agents in the field, they can send video and images around the world in seconds. Being able to use modern technology and being able to sub

Re:

[jklovanc]

Bank robbers used dynamite to blow open banks and their safes - by your logic you have no problem with police using dynamite to blow up your house looking for robbers.

False parallel as blowing something up causes physical damage while surveillance does not.

So you'd have no problem with government-sanctioned cameras in your bathroom filming everything

Another false parallel as I am generally alone and doing something very private. Anything that happens in my house is very private. Once it gets out of my house it is a different matter.

you not only risk them finding things you've done which they might not like (either now or in the future), but you give them the opportunity to put things there for them to find.

By that logic search warrants are also flawed because they could plant evidence.

Re:

[Slashjones]

Will the EFF be the ones who apologize to the families of those killed by attacks that could have been stopped?

Our fundamental liberties are more important than safety. Are you going to apologize to all the people whose rights you've helped violate in the name of safety? Are you going to apologize to all the people who are abused by corrupt governments? Not a single government throughout history has not abused its powers in horrendous ways. Instead of apologizing, maybe you should move somewhere more to your liking, like North Korea.

People who truly desire freedom realizes that it carries risks. I don't want 100% sa

Re:

[jklovanc]

You, though, are a coward, and don't belong in any free country.

Nice personal attack which negates anything else you said.

Re:

[Slashjones]

See a pattern? It's all about what *YOU* want.

Just like YOU want to feel safe at the expense of everyone else's fundamental liberties and the US constitution. Screw off. If you feel otherwise, you don't really belong in "the land of the free and the home of the brave," or any free country. You would rather the government unlimited power so you can have your perfect safety, all the while you pretend the people in the government are perfect beings. Move to North Korea and you'll have you ideal government.

It's funny how you hardcore authoritarians are alw

Re:

[dave420]

It's called "intelligence work", and it requires well-trained people gathering intelligence on these targets. They can infiltrate the groups, befriend suspected terrorists, etc, and gather information. This is how it was done for decades, and no-one had to have their entire lives rummaged through by default until they were shown to not be a "bad guy".

It's not a Catch-22 - it's abject laziness on the part of the security services. Plugging in servers is easy. Asking for money to protect people from "scar

Re:

[Pseudonym]

Will the EFF be the ones who apologize to the families of those killed by attacks that could have been stopped?

Really? Do tell. What are these attacks that have been stopped by mass surveillance and could not have been stopped by good old-fashioned detective work?

Terror attacks are rare in the United States. They are remarkable precisely because they are rare. This is why anti-terrorism powers are overwhelmingly used to investigate non-terrorism offences, and the vast majority of terrorist attacks foiled are ones that they made up [nytimes.com].

Re:

[Chess_the_cat]

"How do you get probable cause when everything up to the actual act is planned and discussed over the internet." The same way the cops did it before the Internet existed. Look, the police didn't listen to every single phone call between 1920 and 1995 to try to find crimes that were being planned on the phone. They didn't even listen in to every conversation in every pool hall and dive bar trying to find people planning crimes. What you do is you work off tips from the public, you solve crimes that have

Re:

[jklovanc]

If you are calling trying to stop things like the Charlie Hebdo a Nanny State then I think your definitions are a bit off.

Re: Now using TOR after WH threats to invade homes

[Slashjones]

Then the more people that use TOR, the more targets they'll have. You can provide cover for the people who really need protection. That's a good thing, not a bad thing.

Re: Now using TOR after WH threats to invade home

[Slashjones]

Then we need more people willing to stand up for their principles, not less. If you give up, your privacy definitely won't be protected.

Re:

[Slashjones]

Privacy is dead. Finished. Over. Nothing is going to change that.

Freedom is dead. Finished. Over. Nothing is going to change that.

Nice self-fulfilling prophecy. While you whine and cry about how we're done for, there are people actually doing something. I'm sure many people felt the same as you during the civil rights movement, but thanks to people not giving up, it had many successes.

Grow up.

I'm not going to tell you to grow up, because your age/height has nothing to do with the conversation, but I will tell you to grow a brain.

Re:I'm going to...

[monkeyzoo]

I heard a good quote from Glenn Greenwald. When talking with friends and others about mass surveillance, people often respond, "Well, if you're not doing anything wrong, you have nothing to worry about." To this, he replies, "Well, you're not doing anything wrong, right? So you wouldn't mind giving me the password to all your email accounts, and I will go through there and look for anything I find interesting and want to write about?" This makes people realize PRIVACY is not about HIDING bad stuff but about our fundamental write to keep our private communications from our private lives PRIVATE!

Re:I'm going to...

[Slashjones]

That's a good point, but it also misses the fact that there isn't a single government throughout history that didn't subject its citizens to horrible abuses of some sort, which includes the US government. Give normal humans nearly unlimited power and they'll abuse it. The people who say "If you're not doing anything wrong, you have nothing to fear." must be completely and utterly ignorant of history, and must have such faith in the 'normal' people in their governments that they not only believe that the current people in the government will not make mistakes or abuse their powers, but that everyone who will ever be in the government will always be that way. That is just plain stupidity.

Also, the fact that it's unconstitutional in the US should make people in "the land of the free and the home of the brave" oppose it instantly. Whatever happened to the idea that we should be extremely cautious of the government? Even many of the people who say they want a smaller government support mass surveillance, which makes zero sense.

Just reverse it

[Anonymous Coward]

"If you're not doing anything wrong, then you have no reason to hide"

That's what you say if you're the aggressor. If you're the victim, you say this:

"If I'm not doing anything wrong, then you have no reason to spy on me."

This forces the aggressor to come forward and admit that he doesn't believe in one of the most fundamental concepts of justice: that individuals are innocent before proven guilty.

Re:Just reverse it

[monkeyzoo]

While I agree with you, I find that people coming from a place of fear are not swayed by these philosophical, "high-minded" arguments. They tend to think constitutional principles are all well and good in theory, but in this new, scary world, it's better to spy on everyone to prevent terrorism. I trust the reader will understand I am describing a common opinion, not defending it. For people who think like this, you have to find a way to show the harm and make them feel personal *fear* of the surveillance to counter the fear motivating their support for it, and I think Glenn's question does that.

Re:

[Anonymous Coward]

> you have to find a way to show the harm and make them feel personal *fear* of the surveillance to counter the fear motivating their support for it,

If there is one thing I've learned about the human condition, it is that most people simply can't conceive of a problem until it affects them or someone they know and identify with. For example, conservatives who are anti-gay marriage until one of their own kids comes out as gay.

I used to think that such myopia made a person venal, but it is really just a b

Re:

[account_deleted]

Comment removed based on user account deletion

Re:

[account_deleted]

Comment removed based on user account deletion

Re:

[BarbaraHudson]

Ah, but do you really trust Kim DotCom? For all anyone knows, this could be part of a backdoor deal to put in back doors he's hoping to sell to the government in return for having the charges dismissed on a technicality. His motivation is $$$, not principle.

Re:

[account_deleted]

Comment removed based on user account deletion

Re:

[BarbaraHudson]

Thanks. I haven't got a clue myself, so I'm going to err on the side of caution. Then again, my life is an open book, so if the government wants to rummage around in it, I really don't care. After all, everyone knows that Google does it, Facebook does it, Twitter does it, and who knows how many others?

At least with the government, they're not doing it to make a buck by selling ME to others (which is basically what happens when you are the product).

Re:

[Wootery]

Here [ssrn.com] is a (freely accessible) paper on the matter: 'I've Got Nothing to Hide' and Other Misunderstandings of Privacy.

And here [slashdot.org] is the Slashdot thread on the paper.

According to the nothing to hide argument, there is no threat to privacy unless the government uncovers unlawful activity, in which case a person has no legitimate justification to claim that it remain private. The nothing to hide argument and its variants are quite prevalent, and thus are worth addressing. In this essay, Solove critiques the nothing to hide argument and exposes its faulty underpinnings.

Re:I'm going to...

[BarbaraHudson]

So you wouldn't mind giving me the password to all your email accounts

Go right ahead. There is literally almost nothing to see there - and Google has already seen it.

Just like Facebook has already seen the private messages people send each other.

Remember - three people can keep a secret only if two of them are dead. Sharing anything with anyone puts it out there - people learn in grade school that even kids like to gossip about each other.

It used to be that people could be shamed about stuff in their private lives. Today, not so much. A politician is gay or lesbian? So? An alcoholic? So? A crackhead (Rob Ford, I'm looking at you)? So? Cheats on his wife (Bill Clinton comes to mind)? So? Is being treated for a mental illness? So? Had an abortion? So? Nobody gives a damn.

The more open we are as a society, the healthier we are. There was a time that victims of rape hid in shame. That LGBT lived in fear of being outed, and thrown in jail (Turing). That someone with a mental illness was seen as "mental" and not "ill". That teenagers who had kids were "sent away."

Most of us have evolved. We see honor killings as seriously f'd up and totally dishonerable. We see female circumcision of children as mutilation and abuse. And we also understand that the best way to remove the stigma of a problem is to talk about it openly.

TL;DR: Unless you're a hermit, privacy is and always has been a convenient social illusion with an ugly unhealthy dark side.

Re:

[russotto]

Just like Facebook has already seen the private messages people send each other.

No human has. I'm sure of this, because the overall banality of facebook messages would, if read en masse, cause an epidemic of "death by ennui"

Re:

[monkeyzoo]

And you do know that in the Snowden docs, there are actual examples of agents misusing their powers to surveil personal acquaintances and read their secrets, right? Government abuse of surveillance power to harm people is not a hypothetical concern.

Re:

[BarbaraHudson]

This is akin to saying, "go ahead, put public webcams in ALL bathrooms". You are truly a fucking moron when logic and awareness meet up.

Comparing Google or the government reading my email to a peeping tom with a webcam is kind of stupid, don't you think?

Re:

[monkeyzoo]

This is akin to saying, "go ahead, put public webcams in ALL bathrooms". You are truly a fucking moron when logic and awareness meet up.

Comparing Google or the government reading my email to a peeping tom with a webcam is kind of stupid, don't you think?

Not really, Barbara. You've written that I shouldn't feel ashamed of anything if I'm not doing anything bad. But shame is very different than feeling a sense of privacy about some things. The obvious analogy here is exactly this: Everybody poops! There is nothing to be ashamed of in pooping. And yet [almost] no one, wants to poop while people are watching. The logical extension of your argument is webcams in bathrooms; after all, when everywhere else is surveilled, it will be the bathrooms where terrorists

Re:

[monkeyzoo]

Ah, our fundamental write..?

I see what you did there...

Ah ahha. Actually was just really tired, and made a typo. Noticed it too late.

Re:

[ruir]

Do you realise there have been alternative to Windows systems for quite SOME time, right?

Re:

[Slashjones]

It sounds like the major parties want to kill people's fundamental freedoms. Bad financial policies are second to fundamental freedoms.