Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 



Forgot your password?
typodupeerror
×
Microsoft Government Privacy Security The Courts United States

Microsoft Can't Shield User Data From Government, Says Government (bloomberg.com) 193

Microsoft is now arguing in court that their customers have a right to know when the government is reading their e-mail. But "The U.S. said federal law allows it to obtain electronic communications without a warrant or without disclosure of a specific warrant if it would endanger an individual or an investigation," according to Bloomberg. An anonymous reader quotes their report: The software giant's lawsuit alleging that customers have a constitutional right to know if the government has searched or seized their property should be thrown out, the government said in a court filing... The U.S. says there's no legal basis for the government to be required to tell Microsoft customers when it intercepts their e-mail... The Justice Department's reply Friday underscores the government's willingness to fight back against tech companies it sees obstructing national security and law enforcement investigations...

Secrecy orders on government warrants for access to private e-mail accounts generally prohibit Microsoft from telling customers about the requests for lengthy or even unlimited periods, the company said when it sued. At the time, federal courts had issued almost 2,600 secrecy orders to Microsoft alone, and more than two-thirds had no fixed end date, cases the company can never tell customers about, even after an investigation is completed.

This discussion has been archived. No new comments can be posted.

Microsoft Can't Shield User Data From Government, Says Government

Comments Filter:
  • by JcMorin ( 930466 ) on Monday July 25, 2016 @08:03AM (#52574471)
    I'm pretty sure the government in going into the direction of using only secrecy orders ALL THE TIME. Easier, no complain, no report, no end date... why using the "normal" process anyway?
    • by jellomizer ( 103300 ) on Monday July 25, 2016 @08:33AM (#52574633)

      The problem also extends that there is no consistent political representation on the issue. Democrats and Republicans are equally bad at this, and are too afraid to stand up and say. "American Rights are more important than American security." Especially as the suffering from our Rights being taken away is not showing any real benefit of security gains.

      If you are going to do something that you don't want to get caught, technology will allow you to do this, and there isn't anything that Microsoft, Google, Apple or the Government can do it stop it. However we need to be Brave enough to stick up to our rights and say, I am willing to accept less security to insure my Rights are valued.

      • by CrimsonAvenger ( 580665 ) on Monday July 25, 2016 @08:47AM (#52574697)

        Democrats and Republicans are equally bad at this, and are too afraid to stand up and say. "American Rights are more important than American security."

        Fear has nothing to do with it. They're the Rulers, and they like it that way. Keeping the peasants from getting uppity is a good thing as far as any of them are concerned.

        Remember, the more power you give a government, the more attractive it is to people who like to tell other people what to do....

    • by myowntrueself ( 607117 ) on Monday July 25, 2016 @09:55AM (#52575165)

      I'm pretty sure the government in going into the direction of using only secrecy orders ALL THE TIME. Easier, no complain, no report, no end date... why using the "normal" process anyway?

      Whats going to end up happening is that all the tech companies that are currently headquartered in the USA will move offshore. They will move all management staff offshore as well; they may have some contractors still in the USA but no high level employee will be in the USA, so there will be no one to whom a national security letter can be delivered. This would render this method of demanding secret access effectively neutered.

  • by dbIII ( 701233 ) on Monday July 25, 2016 @08:11AM (#52574515)

    The U.S. says there's no legal basis for the government to be required to tell Microsoft customers when it intercepts their e-mail

    Not really the problem, which is the legal basis of forbidding Microsoft from telling their customers that their email has been intercepted by a third party despite what agreements were in place between Microsoft and their customers.

  • If you keep your mail local you will know when the government gives you a warrant to access your server.

    • by XXongo ( 3986865 )

      If you keep your mail local you will know when the government gives you a warrant to access your server.

      If you keep your mail local it doesn't work.

      Mail is only useful when you exchange it with somebody else.

      • by I75BJC ( 4590021 )
        The implication that I understood was: RUN your own Mail Server and Domain. Don't use Google, Microsoft, Apple, Yahoo, etc. If you are in control, you will be notified (and the Feds probably won't notice that they sent the paperwork to the target).
  • by account_deleted ( 4530225 ) on Monday July 25, 2016 @08:21AM (#52574565)
    Comment removed based on user account deletion
  • Bad headline. (Score:3, Informative)

    by Anonymous Coward on Monday July 25, 2016 @08:31AM (#52574615)

    Microsoft is not in this case making any argument about shielding data from the government. This isn't a challenge to NSL's, overbroad warrants, the business records doctrine, or any other tool the government uses to access data. This shields nothing.

    This is about notifying the user AFTER the data has been accessed. The government argues even that shouldn't be allowed.

  • Why doesn't someone sue the government over this? They are circumventing Constitutional rights with this type of behavior but until it gets before the SCOTUS nothing will change.

    • Re:So, why? (Score:5, Insightful)

      by tsqr ( 808554 ) on Monday July 25, 2016 @09:03AM (#52574777)

      Why doesn't someone sue the government over this? They are circumventing Constitutional rights with this type of behavior but until it gets before the SCOTUS nothing will change.

      Probably because the people whose rights are being violated, don't have any specific knowledge that their rights have been violated. The people who know other peoples' rights are being violated (Microsoft in this example) aren't having their own rights violated. Thus, nobody has standing to sue.

    • Re: (Score:2, Insightful)

      by Anonymous Coward

      The problem comes down to a lack of standing.... unless you can be shown to be impacted by a specific action, you lack standing to sue. Since the orders are secret, no one who has tried to bring suit can be demonstrably shown to have standing, so the cases get thrown out. It's a clear demonstration of why secret orders like this make a mockery of our legal system.

    • by AHuxley ( 892839 )
      Re " They are circumventing Constitutional rights with this type of behaviour"
      Different groups have tried. http://arstechnica.com/tech-po... [arstechnica.com]
      Vast domestic spying by the NSA, CIA and other 5 eye nations as helpers should have all been fixed with the https://en.wikipedia.org/wiki/... [wikipedia.org] back in the 1970's.

      Color of law, rubber stamp courts for international collection are now been presented as useful for domestic spying.
      Also remember that vast amounts of US private sector staff looking over their own hardw
  • Canary (Score:5, Insightful)

    by Peter Mork ( 951443 ) <Peter.Mork@gmail.com> on Monday July 25, 2016 @09:08AM (#52574809) Homepage
    Sounds like Microsoft needs to start sending weekly messages to people letting them know that their data haven't been accessed by the government.
  • by Anonymous Coward

    "The U.S. says there's no legal basis for the government to be required to tell Microsoft customers when it intercepts their e-mail"

    Based on legal interpretations of the constitution you MIGHT have some bases when the targets are foreign citizens (even though the constitution doesn't mention a difference between citizen/non-citizen right most of the time) but the Fourth amendment pretty clearly intends for citizens to be notified when the government was snooping through their things (via a warrant). The go

  • by ooloorie ( 4394035 ) on Monday July 25, 2016 @09:27AM (#52574967)

    The software giant's lawsuit alleging that customers have a constitutional right to know if the government has searched or seized their property should be thrown out, the government said in a court filing... The U.S. says there's no legal basis for the government to be required to tell Microsoft customers when it intercepts their e-mail...

    The US Constitution is one of limited government and enumerated powers. I don't see a constitutional basis for the government to tell companies what they can and cannot tell their customers; which of the enumerated powers is that supposed to be?

    So, while customers don't necessarily "have a constitutional right to know if the government has searched or seized their property", the government certainly has no constitutional right to prohibit companies from telling customers anything they want.

    • Right, but how do we reverse the trend of consolidating and increasing power in D.C., at the expense of the people and the states?

      It seems no one (outside a small minority) cares about limited government, enumerated powers, the Tenth Amendment, or why we're in a state of perpetual war without a declaration from Congress.

      Since I don't see a Cincinnatus or Washington on the horizon, I suspect economic disaster, coupled with a deeply unpopular president (say Clinton or Trump), could force the people to finally

      • Right, but how do we reverse the trend of consolidating and increasing power in D.C.

        I think the US naturally tends to decentralize. New technologies tend to erode existing power structures (web, Bitcoin, designer drugs, 3D printing, sharing economy, etc.). It takes a lot of work to maintain consolidated, centralized power.

        I think the best way to disrupt centralization is through creating new technologies faster and faster. Think of it as Malthusianism applied to government: technology grows geometrically, b

    • So, while customers don't necessarily "have a constitutional right to know if the government has searched or seized their property", the government certainly has no constitutional right to prohibit companies from telling customers anything they want.

      https://en.wikipedia.org/wiki/Necessary_and_Proper_Clause

      If you grant that the government has a legitimate national security interest in keeping the inquiries quiet, the courts will rule that the Necessary and Proper Clause authorizes the gag orders.

      • If you grant that the government has a legitimate national security interest in keeping the inquiries quiet, the courts will rule that the Necessary and Proper Clause authorizes the gag orders.

        There is nothing in the article that suggests that these gag orders are limited to national security matters. And in fact, neither Microsoft nor I are arguing that the federal government can never impose gag orders. What they and I are saying is that the federal government can't just impose gag orders because it feels

  • How long until the Supreme Court settles whether encrypted text constitutes protected speech?
  • by Holi ( 250190 ) on Monday July 25, 2016 @10:13AM (#52575279)
    This is the very reason. For some reason my safety deposit box is protected from this crap, but if my documents are digital and are stored in the cloud equivalent then all my rights go away?

    SCOTUS somehow found a bunch of exceptions in this sentence:
    "The right of the people to be secure in their persons, houses, papers, and effects, against unreasonable searches and seizures, shall not be violated, and no Warrants shall issue, but upon probable cause, supported by Oath or affirmation, and particularly describing the place to be searched, and the persons or things to be seized.".
    Not sure what language they are using for their interpretation but it must not be English.
  • by Shadow IT Ninja ( 3891909 ) on Monday July 25, 2016 @11:37AM (#52575973)
    I think there are two main reasons to agree with Microsoft. In legal terms, there is long established case law that Fourth Amendment protections apply equally to renters as well as property owners. Microsoft is in the same position with respect to on-line assets as a landlord is to physical property. The landlord has to respect the tenant's privacy.

    In terms of public expectations, I have discussed the issue of technical privacy concerns with non-technical people on many occasions and they expect the software vendors, on-line providers and other experts to protect them. That includes Microsoft. There is a popular belief among technical people that ordinary people must not care about their privacy because they do nothing to protect it. However, when I have pressed ordinary people to explain why they don't protect their own privacy, it boils down to two things. First, they don't know how to do id and presume any technical measure they take on their own behalf is likely to fail. Also, they presume that the experts have reviewed license agreements and privacy policies and won't let anything too outrageous stand for long. Second, many people are afraid that any (probably ineffective) measure they take to protect their own privacy is only likely to draw attention to them as someone who has something to hide. So, according to what I see, the consensus is that experts should be the ones to protect privacy and these protection measures should apply to everyone by default.
    • You forget the 3rd option: the government won't let you. The only way to protect your information is to encrypt it and the government does not want you to do that, go to the degree of saying you should not be allowed to encrypt your information since it might be involved in a criminal investigation.
  • Seems like we all need something evidentially tempting randomly added by us to our data that is way too good not to follow up, which is in actuality a honey trap.

    For example, buried in your email is a URL associated with something like "Don't tell the cops but this is where/how you get the good stuff". If LEO follow this up by browsing to this URL, it captures all the info it can about the visitor and sends it to you or a trusted third party. Which suggests to them that interception is occurring.

Understanding is always the understanding of a smaller problem in relation to a bigger problem. -- P.D. Ouspensky

Working...