back to article Feds want to fine companies that refuse wiretap requests

Draft legislation to impose fines on companies that refuse to provide wiretap facilities to US federal agents is in the planning stages, government officials have told the Washington Post under condition of anonymity. Initial plans are for an automatic fine for refusal in the range of tens of thousands of dollars, an amount …

COMMENTS

This topic is closed for new posts.
  1. Anonymous Coward
    Anonymous Coward

    Dangerous thinking ..

    It's no wonder that so may cloud providers are now promoting the fact that their data centers aren't in the US.

    It's not the physical location of the servers that puts them under federal jurisdiction. It's the fact they are operated by US-based companies.

    If Microsoft (for example) were slapped with a request for data, then they would have to comply. No matter where their servers were.

    Personally, I've suggested avoiding any dealings with US companies that could hold our data - and a regular review to ensure that the takeover waltz doesn't change things in the background.

    Oh, yes, and *all* data to be encrypted before leaving our network.

    1. localzuk Silver badge

      Re: Dangerous thinking ..

      I don't know that that is completely true. If the servers were operated by a foreign subsidiary - like is done for tax purposes, then that subsidiary wouldn't fall under the US's jurisdiction I don't think? Not to mention, if the US request would breach local laws, the company could be in serious trouble for complying.

      Eg. EU data protection laws as compared to this.

      1. Anonymous Coward
        Anonymous Coward

        Re: Dangerous thinking ..

        Well. So much for the US Constitution.

      2. Anonymous Coward
        Anonymous Coward

        Re: Dangerous thinking ..

        You are totally wrong.

        congress passed a law extending the jurisdiction of all Federal US laws to the whole planet. Thus the operations in the EU by a company that even just has a small office in the US is subject to US laws.

        If said company wants to continue to do business in the US then they will kneel down and take their shafting nicely.

        Do not have anything to do with a company that trades in the US when it comes to your data. It is fully open to access by Uncle Sam and there is sod all you can do about it.

        1. Anonymous Coward
          Anonymous Coward

          Re: Dangerous thinking ..

          > congress passed a law extending the jurisdiction of all Federal US laws to the whole planet.

          The US congress can say what they fscking well like.

          In practice, they have no means to implement those laws in foreign countries. They could take their ire out on companies that operate in the US, but they cannot compel a US company to make a foreign company break the laws of another country where they are operating.

          1. Anonymous Coward
            Anonymous Coward

            Re: Dangerous thinking ..

            you have obviously never lived or worked in the US.

            all sorts of pressure (legal)can be applied making it very difficult for that company to continue to operate in the US.

            In practice companies just roll over and give the Feds everything they want especially if the company is Incorporated in the US.

            All it takes is for one Fed dept to make one phone call to say the IRS and you will be knee deep in tax inspectors for the next year. Or to the DHS/INS and suddenly all your key workers green cards are invalid, key personnel can't travel because they have appeared on 'No-Fly' lists.

            You bank accounts become frozen for no apparent reason making you unable to pay your workers.

            Photoshopped pictures of you with your 'mistress' appear in the press.

            etc

            etc

            etc

            Do not underestimate what Uncle Sam can do if they put their mind to it.

            There have been cases where even German Records have been turned over to the Feds despite German Privacy laws and the courts prohibiting it. By the time they got involved, the damage was done.

            The moral is, never put any of your critical data outside your own direct control and most certainly not under the control of hosting/cloud companies such as MS or Amazon. You might as well just sign that data away from day 1.

            1. Yet Another Anonymous coward Silver badge

              Re: Dangerous thinking ..

              Ironically the safest place to put your data would now be on a cloud server owned by a Cuban/Iranian/Russian company

          2. Terry Cloth
            Pint

            Would that it were so.

            I don't know what law the grandparent poster (AC) is referring to, but you only have to look at ACTA (http://en.wikipedia.org/wiki/ACTA) to see an example of the U.S. using its economic weight to force other countries to do the bidding of American corporations. For rampant privacy invasion, check the PNR (http://en.wikipedia.org/wiki/Passenger_Name_Record) history, in which the U.S. pressured the EU into sending passenger info to the TSA before the flight leaves. They ``promised'' it would be used only for anti-terrorist purposes, but they've reneged on that, and roughly the entire federal government now has access to the data.

            So long as the U.S. packs sufficient clout to present a credible economic threat to its subject nations, we're all screwed. The way things are going, though, maybe the U.S. economy will weaken so much that no one cares anymore.

            [Beer because that's what I'm drinking now. Maybe it'll help me feel better about all this.]

          3. Cpt Blue Bear

            Re: Dangerous thinking ..

            "They could take their ire out on companies that operate in the US, but they cannot compel a US company to make a foreign company break the laws of another country where they are operating."

            Don't be naive - they can and they have. Just ask a Canadian bank or the government of a Caribbean island..

      3. Vimes

        Re: Dangerous thinking ..

        Don't rely on your own national laws to protect you.

        http://www.computerworld.com.au/article/413379/australian-based_data_subject_patriot_act_lawyer/

        From the article:

        Data located in Australia but owned or operated by a US company could be accessed under a Patriot Act request, even if this violates National Privacy Principles, a legal expert has warned.

        Connie Carnabuci, a partner of the law firm Freshfields Bruckhaus Deringer, said that under the Act which was passed in 2001, US authorities have the ability to pass orders for the disclosure of non-US data that is stored outside the country. “The basis for that disclosure is that you have to establish a sufficient connection with the US,” she said.

        “One is that you have a US company with foreign subsidiaries outside the US, such as a service provider setting up in the Asia Pacific. The second might be that you have a non-US company that sets up a US subsidiary.”

    2. LarsG
      Meh

      Re: Dangerous thinking ..

      Erosion of your rights by Big Brother who thinks he knows what is best for you.

      We live in dangerous times.

    3. JCitizen
      Facepalm

      Re: Dangerous thinking ..

      I've never agreed with the intrusive thinking in the Patriot Act - all we needed was inter departmental sharing to prevent the next 911, in fact we had the information to prevent the original 911 already! It is just ridiculous how we Americans "The land of the brave" got wimpy and caved to the alarmist gubbamint controllers on this!

      We in the US need to remember we are not a bunch of crybabies, and get rid of this waste of tax payer dollars. I don't care if it leads to the occasional Boston bombing, we should have guts enough to take in in the shorts once and a while - Did the Londoners whine and complain during the Blitz!?

      We are turning into a bunch of PANSIES over here!

  2. Roger Stenning
    Thumb Down

    Bloody dangerous move this.

    Not just for civil and criminal rights, but the thin end of the wedge for government to get at all personal data, how so ever innocent, without a properly heard warrant; privacy groups should be jumping on this like rabid Mongeese.

    1. Anonymous C0ward
      Coat

      Re: Bloody dangerous move this.

      Geese have Down syndrome too?

  3. Pirate Dave Silver badge
    Pirate

    But...

    ""We don't have the ability to go to court and say, 'We need a court order to effectuate the intercept.' Other countries have that."

    Eh, didn't most other countries also used to have Kings, Emperors, and other various despot rulers? But, um, not the US, right? So maybe since our FBI is saying we need what other countries have, we should allow $Deity to ordain our next leader, and he/she can be leader for life. Perhaps, even, we should model ourselves after North Korea, as they are a fine example of Democracy and Liberty done right. Pity the FBI, as the current Constitution has stripped them of far too many of the possible powers and abilities that they need to keep the sheeple safe.

    1. Paul Hovnanian Silver badge

      Re: But...

      "We don't have the ability to go to court and say, 'We need a court order to effectuate the intercept.' Other countries have that."

      I remember the good old days when we (the USA) used to have that as well.

      When it was a matter of waking up a judge to get a warrant signed before sending a technician to the telco central office to physically clip a tap onto a subscriber loop it wasn't an issue. The FBI worked with the limitations. Now that the technology allows 'drag and drop' tapping, suddenly the delay is intolerable.

      Sure, my ISP will comply. Just send in the work order (still on triplicate carbon paper) and our IT tech will chase the subnet under the raised floor and plug you in to the proper subnet router. Just wait your turn while he is crawling around under the secretaries desks, fixing the office PC drops. Priorities, you know.

    2. Tom 35

      Re: But...

      So what happens when they go to some ISP and are told their target is using encryption and the ISP can't provide the data?

      ISP gets fined?

      1. Justicesays
        Big Brother

        Re: But...

        Depends on how the encryption is implemented I guess.

        For your bog standard SSL , a stealth redirect of your DNS and IP traffic through a MITM snoop server that either fakes up the certificate, or they lean on the actual issuer to give them the private key using the same powers.

        Symantec (Verisign/Noron) are US based,

        Comodo? US Based

        Digicert? US Based

        Entrust? US Based

        GlobalSign? US Based

        GoDaddy? US Based

        TrendMicro are Japan Based, not sure that is going to help much though.

        For more serious encryption regimes, then I guess they will have to break in and put the bugs on your keyboard etc. as normal.

  4. Anonymous Coward
    Anonymous Coward

    Qui Custodiet Custodes

    For most of human history, no entity could look at people's mail, except in dictatorships. We are giving bureaucrats far too much power to control us, all for a little extra security.

    Note that this only impacts people in the US. Foreign bad guys and cyberspies are exempt. The NSA mission has expanded from extra-territorial communications to all communications, for no better reason than control is power.

    It's time to stop this before we all devcide we'd be better of in Russia or China!

    1. andreas koch
      Happy

      @ AC 1858GMT - Re: Qui Custodiet Custodes

      >

      It's time to stop this before we all decide we'd be better of in Russia or China!

      <

      That's OK, just go, as long as you keep buying iPhones.

  5. Barrie Shepherd

    More Scope Creep

    "Federal forces protest that they have been outfoxed by moves such as the shift to https and messaging encryption,"

    And they will continue to be so. If if they are outfoxed what is the point of additional laws? The crims they are after will always be one step ahead and the "Federal Forces" know that - but it seems like a good excuse for having laws which will scope creep so that the whole, nominally law abiding population, can be monitored and their privacy invaded..

  6. David 45

    Paranoia

    Sheer paranoia......That is all. Over and out.

    1. O RLY

      Re: Paranoia

      Who is being paranoid, exactly?

      And just because you're paranoid, doesn't mean they're not after you.

  7. Rukario

    > "...There are a number of serious unintended consequences with this flawed proposal."

    Fixed:

    "...There are a number of serious intended consequences with this flawed proposal."

  8. Anonymous Coward
    Anonymous Coward

    Rights of citizens must be equally upheld

    Our governments have a history of misusing their 'right' to spy on us which doesn't inspire confidence that they are working for the public good.

    I think we need an independent, elected overseer who is provided details and motive for every wiretap / search warrant etc. (they must be bound to keep those details secret). If there are indications that those rights are being misused they can raise a general alert to the public and an investigation can be requested.

  9. ItsNotMe
    Unhappy

    What the heck...

    ...we don't need no stinking Constitution anyway.

    Bush II (a.k.a. The Shrub) did a pretty good job of circumventing it for the 8 years he was on the throne, and now it seems like Obama is carrying on the same path.

    What a country.

  10. Henry Wertz 1 Gold badge
    Trollface

    Is that what it's really about?

    Is it really about companies refusing court orders and warrants? Or is it (as I suspect) about companies refusing illegal warrantless wiretaps and various "letters" and "procedures" (which are also illegal) that the feds now like to use? If so, well, those are illegal and if I were running a company I would refuse them too.

    1. PT

      Re: Is that what it's really about?

      those are illegal and if I were running a company I would refuse them too.

      Indeed, and the world would applaud you for it. Then you would pay, like Joseph Nacchio, former CEO of Qwest.

      1. Henry Wertz 1 Gold badge

        Re: Is that what it's really about?

        "Indeed, and the world would applaud you for it. Then you would pay, like Joseph Nacchio, former CEO of Qwest."

        This is true. And people should read about this. Pretty ridiculous. He followed the law (advised those requesting warrantless wiretaps that he and his company would be open to fines and sanctions without proper warrants and they would not do it.) A few large contracts were cancelled and given to AT&T instead. Then, he was brought up and convicted on insider trading charges related to claims he knew ahead of time these contracts would be cancelled.

  11. 404

    Freedom of Information Act

    *Just* read a story somewhere that Federal officials are using a communications loophole by texting rather than email or paper trail.

    Double standards and exemptions from the law is getting real old, real fast.

  12. Anonymous Coward
    WTF?

    > effectuate the intercept.

    Only in America would the English language receive so much torture.

    1. Irony Deficient

      immanentize the eschaton

      skelband, … so much torture enhanced interrogation. Dayorder is unownlifewise consume prolefeed.

  13. tempemeaty
    Big Brother

    Big Brother is Now

    Good old fashion Tyranny now has arrived in the USA, it's the Corporate-Federal collaboration Government.

    1. Eddy Ito

      Re: Big Brother is Now

      It's been here for years but it's only now that they have become so brazen where they really don't give a shit if everyone knows about because it's far too late. One of the reasons they have paid so close attention to the Arab spring uprisings is to learn what countermeasures are the most effective.

  14. Anonymous Coward
    Unhappy

    Sigh.....

    "We don't have the ability to go to court and say, 'We need a court order to effectuate the intercept.' Other countries have that. Most people assume that's what you're getting when you go to a court."

    I remember when this country used to be free.....

  15. Aitor 1

    Avoid the US

    My point is: avoid getting your business data into us controlled datacenters, or in posession of us/ik companies.

  16. Anonymous Coward
    Anonymous Coward

    End to end encryption...

    ...communication methods are the only way forward - even then some have back doors. Review the code. ;)

    Basically if you use your intelligence and expertise in helping others be free, the US government will want you bagged. So if you are going to do that, make sure you make no money off of it, and there is nothing central about it - public key encryption etc. Then they can get all hissy about it while we laugh and show them to be who they really are - a bunch of commies. (Sorry to use such old and incorrect terminology there. I just don't like tyrants - for the people or not.)

  17. skeptical i
    Pirate

    judicial review

    "After 90 days, a judicial review would be held which COULD double the monetary reparations and POSSIBLY impose extra charges." [emphasis added]

    Does this also mean that the judicial review could result in the judge telling the feds to get stuffed? Some judges take the tenth amendment (generally, against federal commandeering of state apparatus) seriously and pro'ly won't look more kindly on federal commandeering of private corporate data/ systems/ stuff.

    <-- pirates are bad when they're not gubmint.

  18. Number6

    Balance

    In the interests of fairness and balance, perhaps the people should be allowed to go read the contents of FBI emails on request. Similarly for those of politicians.

    Any government performing wiretaps should be obliged to disclose to the subject of that tap its existence and nature no later than two years after starting it, unless extended (with a time limit) by a judge. I'm sure that might make them think twice about asking for a tap, at least once the scale of the activity came to light as disclosures were made. (Of course, this assumes that they wouldn't find a way to 'lose' records.)

    At some point they'd perhaps get a clue.

This topic is closed for new posts.

Other stories you might like