US government says online storage isn't protected by the Fourth Amendment

[MrGuvernment]

US government says online storage isn't protected by the Fourth Amendment


http://www.engadget.com/2014/07/14/fourth-amendment-online-data/

A couple months ago, a New York judge ruled that US search warrants applied to digital information even if they were stored overseas. The decision came about as part of an effort to dig up a Microsoft user's account information stored on a server in Dublin, Ireland. Microsoft responded to the ruling and challenged it, stating that the government's longstanding views of digital content on foreign servers are wrong, and that the protections applied to physical materials should be extended to digital content. In briefs filed last week, however, the US government countered. It states that according to the Stored Communications Act (SCA), content stored online simply do not have the same Fourth Amendment protections as physical data:

Why would it not...

 

[MacLeod]

A total guess but maybe it comes from an "expectation of privacy"? If you keep something in your house, then you expect it to be private and the feds cant just come in and take it without a warrant. If you bury something down the street in the woods on property that you dont own, well thats something they could just go take because I dont expect me lying my diary under the neighbor's deck to be private. Putting stuff on Apple's cloud server could be looked at the same way I guess.

 

[RanceJustice]

While the EFF and others campaign for sane laws regarding privacy, I think it is important to note that when it comes to protecting your own data there are ways to resist these sorts of intrusions, both technically and legally.

For instance, from both a technical and legal standpoint, you'll have much better chances of privacy avoiding "cloud' storage, especially proprietary cloud storage where the company or their servers are hosted in the US or a "Five Eyes" country. If you want to have online storage of some kind, I suggest renting some web hosting of your own colocated in a nation with stronger data privacy laws (Switzerland is a good place to start. Luxambourg. Hong Kong. Malta. not to mention many island-nations like the Isle of Man). These places often require a local court filing exclusively and there has to be proof a crime has been committed and a warrant secured under the local jurisdiction of the nation. This benefits you legally immensely.

From a technical standpoint, you'll want to "roll your own" cloud storage in one of these nations, using exclusively Free and Open Source Software. Something like OwnCloud, Seafile, Pydio, or Kolab can all be installed on any web server you set up and have control over. Of course, there are also webhosts in these nations that will set up an instance of that software for you, "prefabbed", if you wish (ie www.mykolab.com hosts Swiss Kolab installs and you contribute to the development of Kolab itself. OwnCloud has links to various hosting partners on their website etc..). You can also go about configuring your private server as you like for another level of privacy and security, such as requiring encrypted connections or encrypting your files client-side with another "nested" encryption scheme, before upload which creates a zero-knowledge state even if for some reason your server was compromised.

For the average user who wants to ensure that their content and metadata can't just be swooped up and stored for eternity by the NSA or turned over with a rubber-stamped, overly broad FISA letter directed at some provider (or just wants to make an ideological stand - after all, there more people encrypting and acting with privacy in mind, the better!), you can gain a lot of privacy by avoiding the use of popular, proprietary "cloud" services where the server is out of your control, and encrypting where possible. If you have a reason to believe you'll be targeted for one reason or another, ranging from activists to whistleblowers, there are further steps that can be taken as well (like some I describe above), but the costs, both monetarily and in terms of convenience exponentially expand.

 

[Zepher]

Here is a short article talking about the ruling as well as safe deposit boxes, which in my view is the same as using cloud storage for your personal files.
http://www.opednews.com/articles/Cl...mining_Fourth-Amendment_Rights-131228-77.html

 

[xX_Jack_Carver_Xx]

How many times do we have to deal with some fucking pinhead attorney or judge or prosecutor, who suffers from reading comprehension issues, and a lack of understand of Legislative Intent. It really is simple, even though it was written in 1790 it covers ALL EVERY ALL forms of technology then, now and in the yr 2525 ......

Amendment IV

The right of the people to be secure in their persons, houses, papers, and effects, against unreasonable searches and seizures, shall not be violated, and no warrants shall issue, but upon probable cause, supported by oath or affirmation, and particularly describing the place to be searched, and the persons or things to be seized.


... your EFFECTS refer to every single paper, note, email, FB post, safety deposit box content, instant message,phone conversation, shortwave radio chat, EVERY FUCKING THING you own, said, wrote, typed, thought ... ever. There are NO EXCEPTIONS, no new technology that is somehow exempt, not now not EVER.

I've gotten to the point where the way to handle lawyers and government personnel insisting on claiming every new technology that comes along as exempt should be ...

YOU TRY, YOU DIE.


Make violating the 4th Amendment by Government or Corporate officials a Death Penalty Offense. Maybe then we can rest assured our privacy is secure.

If you want access to something, go to a Judge, get a WARRANT based on tangible probable cause based on evidence presented to that Judge.

 

[dave99]

Just one of the numerous reasons I use an app that encrypts locally before sending anything important to dropbox. The program has apps for android etc, so I still get all the convenience of dropbox and anywhere access, with added security that nobody besides me can easily access it.

 

[devman]

Something smells about this article. A search warrant is a compliance with the 4th amendment. If they were requesting it without a warrant or subpoena that would be different.

EDIT:

After reading the article I see nothing inconsistent with the governments position. A subpoena requires the respondent to bring something/someone court, the court doesn't care where it or they are, the fact is Microsoft has control of it and they are US company. If Microsoft wanted to quash the subpoena on it's merits they should do that, but arguing this technicality wasn't going to get them far. You either produce the item or person or show cause why you cannot (i.e. you do not have possession of it).

 

[LoneThrasher]

eh. When in doubt, dont connect to the interwebs. *tin foil hat*

 

[Aesma]

US companies bully people and governments worldwide everyday about not caring for local laws since they're based elsewhere. Now they're arguing for the opposite in that case, how convenient.

 

[Tsumi]

How many times do we have to deal with some fucking pinhead attorney or judge or prosecutor, who suffers from reading comprehension issues, and a lack of understand of Legislative Intent. It really is simple, even though it was written in 1790 it covers ALL EVERY ALL forms of technology then, now and in the yr 2525 ......

Amendment IV

The right of the people to be secure in their persons, houses, papers, and effects, against unreasonable searches and seizures, shall not be violated, and no warrants shall issue, but upon probable cause, supported by oath or affirmation, and particularly describing the place to be searched, and the persons or things to be seized.


... your EFFECTS refer to every single paper, note, email, FB post, safety deposit box content, instant message,phone conversation, shortwave radio chat, EVERY FUCKING THING you own, said, wrote, typed, thought ... ever. There are NO EXCEPTIONS, no new technology that is somehow exempt, not now not EVER.

I've gotten to the point where the way to handle lawyers and government personnel insisting on claiming every new technology that comes along as exempt should be ...

YOU TRY, YOU DIE.


Make violating the 4th Amendment by Government or Corporate officials a Death Penalty Offense. Maybe then we can rest assured our privacy is secure.

If you want access to something, go to a Judge, get a WARRANT based on tangible probable cause based on evidence presented to that Judge.

There was a valid subpeona/warrant. The issue here is that the information was stored overseas, and since the US government technically does not have juridstiction overseas, Microsoft argues they have no right to request that information. Microsoft's argument was that since the US does not have physical access to the server, they do not have the right to access the information on the server under the 4th amendment. This ruling states that physical access is not required for digital content.

The 4th Amendment isn't invalidated for digital content. Just the physical access part of it is invalidated.

Misleading article is misleading. Although, of course, there is the matter of international relations of such a ruling.

 

[devman]

There was a valid subpeona/warrant. The issue here is that the information was stored overseas, and since the US government technically does not have juridstiction overseas, Microsoft argues they have no right to request that information. Microsoft's argument was that since the US does not have physical access to the server, they do not have the right to access the information on the server under the 4th amendment. This ruling states that physical access is not required for digital content.

The 4th Amendment isn't invalidated for digital content. Just the physical access part of it is invalidated.

Misleading article is misleading. Although, of course, there is the matter of international relations of such a ruling.

Microsoft position is absurd. If a person receives a subpoena for business records and they respond with "I'm sorry it is stored in foreign country", the reply will be "So what, go and get it." The court doesn't care where the item is, only that respondent has control of it and thus the ability to produce it.

If it were that easy to evade a subpoena multi-nationals would do it all the time.

 

[Tsumi]

Microsoft position is absurd. If a person receives a subpoena for business records and they respond with "I'm sorry it is stored in foreign country", the reply will be "So what, go and get it." The court doesn't care where the item is, only that respondent has control of it and thus the ability to produce it.

If it were that easy to evade a subpoena multi-nationals would do it all the time.

That is exactly what the court said. It was Endgadget that misinterpreted (either intentionally or unintentionally) what was stated.

Here's the actual court quote:

Overseas records must be disclosed domestically when a valid subpoena, order, or warrant compels their production. The disclosure of records under such circumstances has never been considered tantamount to a physical search under Fourth Amendment principles, and Microsoft is mistaken to argue that the SCA provides for an overseas search here. As there is no overseas search or seizure, Microsoft's reliance on principles of extra-territoriality and comity falls wide of the mark.