lawful eavesdropping by governments - on you, via Google

John Gilmore gnu at toad.com
Mon Aug 2 19:40:36 EDT 2010 

> There is no guarantee, once an eavesdropping system is
> implemented, that it will be used only for legitimate purposes -- see,
> for example, the scandal in which Greek government ministers were
> listened to using the "lawful intercept" features of cellphone
> equipment.

And, by the way, what ever happened with the Google "lawful access"
system and China?  Inside the Google internal network is a whole
wiretapping subsystem designed to answer orders and requests from cops
and governments all over the globe (including US warrants, subpoenas,
National Security Letters, and court orders, as well as those of other
countries).  The trigger that gave Google the sudden courage to tell
the Chinese where to stuff it, was that they analyzed the malware
which had succeeded in penetrating their internal network, and
discovered that it was designed to specifically try to break into
Google's internal wiretapping system -- presumably so China could do
covert wiretaps into the mountain of up-to-the-minute personal data
that is Google -- wiretaps that wouldn't get reported to the US
government or to Google management or to anybody else.

So, six months later, Google and the Chinese government had a nicely
staged negotiated moment where each of them could claim victory, and
things have gone more or less back to normal on the surface.  But
nobody on either side has said anything about what kind of access the
government of China is getting to Google's internal network.  My guess
is that their detente also involved some negotiation about that, not
just about censored or non-censored searches.  Anybody know more?

	John

PS: One of the great things about having a big global company that
collects and retains massive data about individuals is that
governments can get that data with simple subpoenas.  Most of the time
they could never get a judge to sign a warrant, or the legislature to
pass a law, to collect the same information directly from the data
subject (i.e. you).  Why?  A terrible US Supreme Court decision
(California Bankers Association) from decades ago decided that you
have zero Fourth Amendment protection for data that third parties have
collected about you.  The government can't collect it themselves, by
watching you or searching your house or your communications, but they
can grab it freely from anybody who happens to collect it.  (In a
classic blow-a-hole-in-the-constitution-and-They-Will-Come maneuver,
numerous laws now *require* businesses to collect all kinds of data
about their customers, employees, etc, IN ORDER that governments can
later look at it with no Fourth Amendment protection for the victims.)
Google, of course, needed no law from the Feds to inspire them to make
a database entry every time you move your mouse from one side of the
screen to the other.  Or open your Google phone.  Or call their "free"
411 service.  Or read your email.  Or visit any web site (free "Google
Analytics" is on most, even if there are no ads).  Or ...

---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com

More information about the cryptography mailing list