Hacking Victim Can't Sue Foreign Government For Hacking Him On US Soil, Says Court

According to Motherboard, a court of appeals in Washington D.C. ruled that an American citizen can't sue the Ethiopian government for hacking into his computer and monitoring him with spyware. "The decision on Tuesday is a blow to anti-surveillance and digital rights activists who were hoping to establish an important precedent in a widely documented case of illegitimate government-sponsored hacking." From the report: In late 2012, the Ethiopian government allegedly hacked the victim, an Ethiopian-born man who goes by the pseudonym Kidane for fear for government reprisals. Ethiopian government spies from the Information Network Security Agency (INSA) allegedly used software known as FinSpy to break into Kidane's computer, and secretly record his Skype conversations and steal his emails. FinSpy was made by the infamous FinFisher, a company that has sold malware to several governments around the world, according to researchers at Citizen Lab, a digital watchdog group at the University of Toronto's Munk School of Global Affairs, who studied the malware that infected Kidane's computer. The U.S. Court of Appeals for the District of Columbia Circuit ruled that Kidane didn't have jurisdiction to sue the Ethiopian government in the United States. Kidane and his lawyers invoked an exception to the Foreign Sovereign Immunities Act (FSIA), which says foreign governments can be sued in the U.S. as long as the entire tort on which the lawsuit is based occurred on American soil. According to the court, however, the hacking in this case didn't occur entirely in the U.S. "Ethiopia's placement of the FinSpy virus on Kidane's computer, although completed in the United States when Kidane opened the infected email attachment, began outside the United States," the decision read. "[It] gives foreign governments carte blanche to do whatever they want to Americans in America so long as they do it by remote control," Nate Cardozo, a staff attorney at the Electronic Frontier Foundation, a digital rights group who represented Kidane in this first-of-its-kind lawsuit, told Motherboard.

What's good for the goose is good for the gander

[Anonymous Coward]

The CIA has been doing this for ages.

Re:What's good for the goose is good for the gande

[Luthair]

The gander I'm wondering about are people who have hacked US government systems while not on US soil. Seems like the US should not be able to extradite them either....

Re:

[Anonymous Coward]

No, it only applies to governments and those working for them, not individuals.

Re:

[zlives]

be a mouse that roared.

Obviously this requires new legislation

[Baron_Yam]

Look at what would happen if you shot an American on American soil from Canada or Mexico.

Now get your lawmakers to apply that same logic to digital aggression and draft some new legislation for what happens if you commit a computer offence against someone across legal jurisdictions.

Re:

[Anonymous Coward]

Nothing is stopping them from suing in Ethiopia. Or, in your case, in Canada or Mexico.
Plus, this is about a citizen suing a foreign government, not another individual. Totally different laws.

Re:

[fred6666]

Or, in your case, in Canada or Mexico.

Of course nothing is stopping him from suing, except for the slight annoyance of being dead.

Re:

[dbIII]

Liberals like George Washington and Thomas Jefferson?
It's by design to stop things like absolute rule by a King and balanced by other powers.

If you want something other than what's in the constitution then feel free to go ahead and try to get it changed.

Re:

[Nephandus]

Seriously? They were libertarians using modern terminology. "Classically" liberal isn't "socially liberal". "Socially liberal" isn't really liberal at all but owns the word now. The "living Constitution" is the notion that the judiciary can rewrite ("reinterpret') the Constitution without bothering with amending (even when history has them dead to rights about the original intent). It's how the 1st's "no law" becomes any law they feel like with a clear obscenity exemption, which supposedly prompts the need

It is a threaded discussion with posts above

[dbIII]

Take it up with the GP poster who blamed the entire US system, devised by Washington, Jefferson etc on liberals.
I thought I was being obvious enough but perhaps I should have put liberals in quotes.

Re:

[Nephandus]

"Living constitution" isn't the proper US system. It's a wink-wink-nudge-nudge farcical revisionism that ignores original intent gleefully. The socially liberals ARE heavy proponents of the lie, though conservatives didn't help. They love their illiberal nanny and police state, which are both unconstitutional, unless you squint then look at some other document completely.

Re:

[dbIII]

Once again, perhaps it's best to take it up with the person using such a ridiculous phrase instead of the person that is being critical of them. I don't really see anything in your post to disagree with apart from perhaps blaming the left for the majority of it. What could possibly be more "nanny state" than passing laws about what adults can do in their bedrooms? What could be more "nanny state" than treating miscarriages as murder?

Re:

[Nephandus]

Oh sure, "crimes against nature" as defined by what were grassroots/localized-pockets of christfags is insane and violates the spirit of the constitution but doesn't come close the "New Deal" conspiracy from on high. Abortion? Uh... if you actually believe what most of the country supposedly believes, then majority of the US are hypocrites on that issue. Funny how sacrosanct feely mojo makes fetal death in preggo assault to be murder, but holy mothers are suddenly another matter for signing up to destroy th

Re:

[CrimsonAvenger]

Look at what would happen if you shot an American on American soil from Canada or Mexico.

Better, look at what would happen if a Mexican soldier shot an American on American soil.

Hint: "Act of War" comes to mind, but "I'll sue, I'll sue!!" doesn't....

Re:Obviously this requires new legislation

[Impy the Impiuos Imp]

There's a case winding its way through courts right now where a US agent, inside one of these border airlock areas, controlled by the US but partially on Mexican soil, shot at a someone and the bullet accidentally killed a Mexican on the Mexican side inside. Can his estate sue the US?

You'd be surprised what a mess the case is.

Re:

[Anonymous Coward]

>accidentally (??!!??) I'm not sure you know what that word means,

http://ct.fra.bz/ol/fz/sw/i57/5/10/9/frabz-you-keep-using-that-word-i-do-not-think-it-means-what-you-think--06b6e3.jpg

The reason this is getting so much press is the boarder officer purposefully shot three times at the mexican juvenile, because he was mad the kid originally evaded him. The officer did not 'accidently' anything. He was hot under the collar, the kid ran away, and while hiding behind a cement pillar from the

Re:

[sit1963nz]

But when an American shoots over the boarder and kills a mexican teenager the USA refuses to hand the person over for prosecution

Re:

[coofercat]

What would happen if this case went ahead? Would the Ethiopian government send a representative to the trial? Probably not. Let's say then that they're convicted in-absentia. Now what? Do you arrest the Ethopian Ambassador next time he comes out of the embassy until he pays up the damages/fines? Is he/she responsible? Of course not. So do you jail him/her for non-payment? Do you expel them from the country? The actual government of Ethopia can quite reasonably state that they don't recognise the US courts,

Re:

[Anonymous Coward]

What would happen if this case went ahead? Would the Ethiopian government send a representative to the trial? Probably not. Let's say then that they're convicted in-absentia. Now what? Do you arrest the Ethopian Ambassador next time he comes out of the embassy until he pays up the damages/fines? Is he/she responsible? Of course not. So do you jail him/her for non-payment? Do you expel them from the country? The actual government of Ethopia can quite reasonably state that they don't recognise the US courts, and so unless the case is tried in Ethopia, no judgement stands. So exactly what would a case 'won' in the US actually do?

I realise the law doesn't really concern itself with practicality, but you have to wonder what good it would do to allow this case to go ahead.

Pass a law allowing those who've won lawsuits against foreign governments to garnish aid money.
If your government harms our citizen, know that our citizen will be made whole before we aid your government.

Re:

[Impy the Impiuos Imp]

Most high foreign officials keep money safely in US banks even as they decry how ebul the US is.

Re:

[silas_moeckel]

You can seize fund help by the Ethiopian government in US banks or ones in countries we have treaties with that allow such judgments. Or more realistically you take it out of the pile of cash we send them in aid.

Re:Obviously this requires new legislation

[Jaime2]

It goes both ways. We are currently using the principle behind this law to shield drone pilots from repercussions. There's also this [cnn.com] case where the US says a border guard was within his rights to shoot a man in Mexico.

Given what we have to lose, it's unlikely that the US government will change its position on this issue.

Re:

[Ritz_Just_Ritz]

I doubt you'll see any real action in that regard since that would force them to deal with the rampant cybercrime (financial and other) coming from China, Russia, and Eastern Europe. With the exception of a few pin pricks here and there, that has been allowed to continue for years.

Re:Obviously this requires new legislation

[Ranbot]

There actually is a precedent allowing American citizens to sue other countries that support terrorism under the Foreign Sovereign Immunities Act of 1976, but I assume the court decided Ethiopia's hacking was not an act of terrorism.
Wikipedia: https://en.wikipedia.org/wiki/... [wikipedia.org]
Flatow v. Iran case details: http://www.leagle.com/decision... [leagle.com]

I only point this out because the degree of legislation or judicial interpretation might be much less than people assume.

If anyone is interested in the Flatow v. Iran case and it's aftermath NPR's Planet Money did a great podcast on it: http://www.npr.org/2017/01/12/... [npr.org] (I swear it's not left or right leaning story)

Re:

[Ranbot]

If anyone is interested in the Flatow v. Iran case and it's aftermath NPR's Planet Money did a great podcast on it: http://www.npr.org/2017/01/12/... [npr.org] (I swear it's not left or right leaning story)

Apologies... I posted the wrong NPR link. Here's the full Planet Money podcast: http://www.npr.org/sections/mo... [npr.org]

Re:

[Anonymous Coward]

Look at what would happen if you shot an American on American soil from Canada or Mexico.

Obviously you sue them in Canada or Mexico, or request their extradition?

A federal judge in Arizona has ruled that a Mexican family can sue the Border Patrol over the death of a 16-year-old boy who died in Mexico but was struck by bullets fired from the U.S. side of the border. Jose Antonio Elena Rodriguez, 16, was shot eight times in the back by Border Patrol Agent Lonnie Swartz on Oct. 12, 2012. [latimes.com]

But apparently some think that shouldn't happen absolutely anything.

The Border Patrol argued through its agent’s union attorney, Sean Chapman, that Rodriguez had no right to sue in the United States because a Mexican national killed on Mexican soil is not entitled to protections of the U.S. Constitution.

Re:

[aicrules]

You wouldn't be able to sue them in US Court.

Re:

[CaptainDork]

Nah.

Legislation is not appropriate.

The word you're looking for is, "treaty."

Legislation by America is one-sided and has no standing in jurisdictions of other sovereign countries.

Re:

[Baron_Yam]

Legislation is appropriate. Half the crime happened in the US. Or, to be more accurate, a crime happened in the US and (depending on the foreign nation) may also have happened elsewhere. Legally, separate crimes.

Treaties come up once you've locked down the legislation component and you're worried about extradition.

Then again, there should already be a law on the books to cover the US side of this issue. It's not like enough of this kind of thing hasn't happened within the country.

Re:

[CaptainDork]

Moot.

The United States can write legislation all it wants to, but without cooperation from the foreign government, it's legislative masturbation.

Re:

[sjames]

It would have standing here in the U.S. where Ethiopia keeps a fair bit of money.

Re:

[CaptainDork]

The attack came (allegedly) from the country of Ethiopia, not

here in the U.S. where Ethiopia keeps a fair bit of money.

Re:

[sjames]

It doesn't matter if the suit is allowed to take place in the U.S. where the courts have jurisdiction over the U.S. banks where the Ethiopian government keeps it's money. If the Ethiopian government loses, the courts can order the banks to transfer the award to the plaintiff.

Re:Obviously this requires new legislation

[sit1963nz]

Or, as has actually been the case, an American shot and killed an unarmed Mexican teenager on Mexican soil and the US government has refused to extradite him for criminal prosecution in Mexico.

US airforce pilot breaking the rules/laws in Italy while hot dogging hit and broke the cables for a gondola killing some people, the US very quickly returned the guilty parties to the USA and refused to extradite them to face criminal charges.

Yet the USA is demanding Kim Dotcom be extradited to the USA when he (at the time) broke no New Zealand laws.

Re:

[dcw3]

No...

Italian prosecutors wanted the four Marines to stand trial in Italy, but an Italian court recognized that North Atlantic Treaty Organization (NATO) treaties gave jurisdiction to U.S. military courts.

Re:

[BitterOak]

Look at what would happen if you shot an American on American soil from Canada or Mexico.

The key word in the above sentence is "you". The basis on which the judge dismissed this claim is the Foreign Sovereign Immunities Act, which immunizes foreign governments from suits by Americans in U.S. courts except in cases where the complete tort occurred on U.S. soil. The key word there is governments. Private citizens can still be sued, so I don't recommend you personally shoot someone across the border unless you are doing so as a government agent. As other posters have pointed out, this kind of

Re:

[knorthern knight]

> Look at what would happen if you shot an American on American soil from Canada or Mexico.

Or how about a US Border Patrol agent killing a Mexican teenager on the other side of the border? He's been indicted http://www.npr.org/2015/10/09/... [npr.org]

It's not the first such incident, but it is the first indictment. Shit like this may convince Mexico to build a border wall in self-defense.

They have to protect the British Government

[Anonymous Coward]

If the US wants spy on a US citizens computer, they contact the British Government, allow the British Government to hack and break in and collect all the data necessary.

100% legal since the US government doesn't do it. But then the British Government hands all data over to the US agencies and parallel construction method is dreamt up.

If they allowed this case for Ethiopia they would have to allow it for the British Government. Can't have that happening.....

Captcha: poetic

Re:

[Anonymous Coward]

If the US tasks the Brits to do it, it's still illegal. If the Brits manage to scoop up the data based on their own independent collection plans and efforts, then it would be legal.

But if a Jack Ryan at the CIA calls up MI6 and asks M to have 007 hack and spy on you and then turn the results over to Jack Ryan, 007 is acting as an agent of the US government and the collection of intelligence is illegal. If M tasks 007 to hack random US citizens looking for evidence of terrorist links that are a threat, or

Re:

[Anonymous Coward]

CIA: "MI6, please don't spy on Jack Ryan, he is not a person of interest."
MI6: "Sounds pretty interesting to us."
CIA: "Oh. I guess you can do whatever you want independently. We'll let you know the next time we have someone uninteresting for you to not spy on. Is there anyone in UK you want us to avoid spying on?"

Re:

[sjames]

Call up MI6. "You don't happen to have any dirt randomly collected on AC, do you?", "Well should you totally at random happen to collect info on AC in the future, could you send it along? Thanks!".

The law is for peons.

Re:

[AHuxley]

Project MINARET https://en.wikipedia.org/wiki/... [wikipedia.org]
"The GCHQ handed over intercepted data of Americans to the U.S. government."

Re:

[sasparillascott]

On the one hand you're correct, it appears the British vacuum up whatever the NSA / FBI don't already of U.S. citizen communications etc. and then pass that information back to each other - that is their five eyes partnership, getting around any legal monitoring your own citizen laws (violating the spirit / intent of such laws though).

However this just looks like the Judges are limited by the way the law was written that they are having to use - which says the whole thing has to happen on U.S. soil - w

Re:

[CaptainDork]

A change in our legislation won't do it.

We can write laws until we're blue in the face.

The foreign, sovereign government can tell us to get fucked.

It can, and does, work both ways.

They protect their citizens from foreign laws just as we do.

Re:

[dcw3]

Except that there have been numerous cases of the U.S. seizing assets of foreign governments. They've done so with Iran, Russia, and others. Do you really think they'd be afraid to do so with Ethiopia?

Re:

[CaptainDork]

... they'd be afraid ...

Hacking Victim Can't Sue Foreign Government For Hacking Him On US Soil, Says Court

There is no "they," right?

Re:

[dcw3]

A change in our legislation won't do it.
We can write laws until we're blue in the face.
The foreign, sovereign government can tell us to get fucked.

There is no "they," right?

Doh

Re:

[unixisc]

Actually, that's how the Obama administration may have spied on Trump Towers w/o involving any of the agencies that now report to Trump. They must have realized that had Trump won, all the secrets of their chicanery would have been there at his fingertips, enabling him to toss their sorry asses in jail. So they may have had UK's GSHQ to spy on Trump and report back directly to Obama or the Hilary campaign, keeping US Intel totally out of it so that they'd have credible deniability when Trump tweeted what

Re:

[unixisc]

The last point is BS, but the 2nd one is plausible - they may have had go-betweens in order to have plausible deniability

Also, correction to my above statement - I should have typed GCHQ rather than GSHQ - forgot the exact initials

BTW

[Anonymous Coward]

The US government uses foreign governments to spy on US citizens, just because the US isn't allowed doesn't mean the NSA/CIA/FBI don't use foreign governments to do their work for them...
People in the US are the most tracked people online by foreign countries, because many white extremists fund Islamic terrorism just because that is in their best interest (even though you're more likely to get killed by thunder than by a terrorist, about 100,000 people die of extremism each year ON THE WORLD!!! 56 million d

Re:

[Nutria]

Different country, different laws, different crime (civil vs. criminal).

Now imagine the opposite...

[JasterBobaMereel]

What if they allowed this, and then massive numbers of people sued the US government in their own courts

Re:Now imagine the opposite...

[ledow]

Exactly the reason they know they can't allow it.

I - as an EU citizen - would be perfectly entitled to sure the US government if there was any hint they were accessing my data (e.g. Facebook, Microsoft, etc.) - as they have requested of a number of multinational tech companies.

That would be a can of worms that they would not won't opened.

Re:

[ledow]

God, my English has deteriorated beyond comprehension. Sorry!

Letter bombs... incoming!

[fgouget]

According to the court, however, the hacking in this case didn't occur entirely in the U.S. "Ethiopia's placement of the FinSpy virus on Kidane's computer, although completed in the United States when Kidane opened the infected email attachment, began outside the United States,"

So based on this decision a foreign government can also send letter bombs [wikipedia.org] to get rid of dissidents and be safe from lawsuits by any relatives since, in the words of the court, "although the bomb exploded in the United States when the recipient opened the booby trapped letter, the attack began outside the United States".

So besides squashing this lawsuit will the US do anything?

Been done as a car bomb, nobody charged

[dbIII]

Some years back the Chilean government murdered a guy they didn't like with a carbomb in Washington D.C. It somewhat annoyed the Reagan government but the perpetrators were released without charge. When governments break laws in other nations it tends to get sorted out with diplomatic shouting instead of anything related to the rule of law.

Re:

[dbIII]

I was a bit incorrect - it was in 1976 and the FBI worked hard at tracking down people that other agencies appeared to already be aware of (operation condor). Eventually diplomatic deals were made and some people did a token amount of time for the crime.

Retarded Summary

[Notabadguy]

"Hacking Victim Can't Sue Foreign Government For Hacking Him On US Soil, Says Court "

It SHOULD say "US Court Rules that it lacks jurisdiction to hear a lawsuit against a sovereign government by a private citizen."

It didn't say that the hacking victim can't sue the Ethiopian government, just that he can't sue the Ethiopian government in U.S. Court. Sounds like the U.N. or the African Council of Nations, or another international body - someone that has any purview over the Ethiopian government would be the place to go.

Otherwise, we'd have every-day, all-day long lawsuits of individuals against governments around the world - further clogging up our courts - with people expecting the U.S. to uphold their private agendas against other countries.

Re:

[Notabadguy]

" the African Council of Nations, .

Never heard of this organization.

https://en.wikipedia.org/wiki/... [wikipedia.org]

The African Union. Created in Ethiopia. Ethiopia....where this one guy is trying to redress a hacking problem.

Re:

[fish_sauce]

"we'd have every-day, all-day long lawsuits of individuals against governments around the world - further clogging up our courts - with people expecting the U.S. to uphold their private agendas against other countries."

This make me think of copyright cases and private companies agenda. How american companies are crapping allover the planet with "blah blah you must follow american laws because of we say so" and american government backs them up. Hypocrisy and double standard.
Another legitimate reason people

PERFECTLY OK

[Steve Jackson]

They are making RETALIATION HACKING legal very soon... Start Making Honeypot Systems, that do NOTHING but infect the systems that attack them. BAIT THEM OUT AND DESTROY THEM! (Soon to be Legal in your home town!)

The federal government won't side with him

[DeplorableCodeMonkey]

"[It] gives foreign governments carte blanche to do whatever they want to Americans in America so long as they do it by remote control,"

When a US citizen is meddling in the affairs of a foreign government, on their own soil, with their own people, the US government is stuck between a rock and a hard place. Whether or not to assist is no longer a matter of principle, but prudence. The court got it right because you cannot sit on US soil and remotely target a foreign government and then cry uncle when they re

No people should not be allowed to sue

[DarkOx]

No people should not be allowed to sue foreign governments for this type of attack. Its not a job for the courts. The Executive should treat attacking a US Citizen on our on soil and act of war however. This sort of thing out to trigger an immediate response, at the very least cessation of all foreign aide to the nation in question and a banking sanctions against the government.

Send a strong and clear message this WONT be tolerated!

Comment removed

[account_deleted]

Comment removed based on user account deletion

Stupid

[thunderclees]

I suppose the prices for bribing a judge have gotten down to the level where even the skinnys can afford one. This makes no sense since they are pushing to make it legal for foreign governments to be able to sue US citizens for piracy and possibly other breaches of us law.

This isn't new

[drew_kime]

For a while lots of telemarketing scams were located in Texas. Multiple people around the U.S. had tried to sue them for fraud, but the Attorney General of the victim's state would say they had no jurisdiction, and the Texas AG would say that his mandate was to defend citizens of Texas.

So as long as you made the call from Texas into another state, no one would take the case.

Note that yes, there were clearly interstate commerce laws being broken, but no one would prosecute.