Page 1 of 2 12 LastLast
Results 1 to 15 of 21
  1. #1
    5 Star Lounger
    Join Date
    Jan 2011
    Location
    Seattle, WA
    Posts
    1,070
    Thanks
    42
    Thanked 132 Times in 86 Posts

    Defying Feds, MS tries to keep user data private




    TOP STORY

    Defying Feds, MS tries to keep user data private


    By Woody Leonhard

    Microsoft is currently fighting a federal search warrant demanding that the company release emails stored in Ireland.

    Here's why you should be extremely concerned by a U.S. court's actions and what you can do about it.

    The full text of this column is posted at windowssecrets.com/top-story/defying-feds-ms-tries-to-keep-user-data-private (paid content, opens in a new window/tab).

    Columnists typically cannot reply to comments here, but do incorporate the best tips into future columns.

  2. #2
    New Lounger
    Join Date
    Sep 2010
    Posts
    13
    Thanks
    0
    Thanked 2 Times in 2 Posts
    Is the person in question (the one who set up the @msn.com email account) an American citizen or has he/she a non-US identity?
    If he/she is an US-person, the court might be right; if he/she is a non-US person, the court should follow the normal international rules for collecting information from abroad.

  3. #3
    Star Lounger
    Join Date
    Dec 2009
    Location
    UK
    Posts
    60
    Thanks
    0
    Thanked 20 Times in 2 Posts
    There are far worse examples than Germany - which is a democratic country with a reasonable justice system and reasonable protections for its citizens.

    What about if we substituted a China or North Korea or Russia or ... for Germany.

  4. #4
    New Lounger
    Join Date
    Sep 2013
    Posts
    2
    Thanks
    0
    Thanked 0 Times in 0 Posts

    The data is functionally here

    Imagine a long piece of paper 8-1/2" wide that reaches from Broadway in New York City to Dublin, Ireland. Imagine also the paper only has writing on the part of the paper in Ireland. The government issues a lawful subpoena for the paper for the infomation on it. It is entitled to the entire sheet, as it and the information on it are functionally here. The server in Ireland is not an isolated stand-alone entity. It is part of a huge machine called the internet and is an integral part of the Redmond based machine owned by Microsoft. The data is functionally here and must be turned over.

  5. #5
    Lounger
    Join Date
    Dec 2009
    Location
    South Dakota
    Posts
    36
    Thanks
    8
    Thanked 9 Times in 6 Posts
    Quote Originally Posted by Eclectic1 View Post
    Imagine a long piece of paper 8-1/2" wide that reaches from Broadway in New York City to Dublin, Ireland. Imagine also the paper only has writing on the part of the paper in Ireland. The government issues a lawful subpoena for the paper for the infomation on it. It is entitled to the entire sheet, as it and the information on it are functionally here. The server in Ireland is not an isolated stand-alone entity. It is part of a huge machine called the internet and is an integral part of the Redmond based machine owned by Microsoft. The data is functionally here and must be turned over.
    Imagine a long piece of paper 8-1/2" wide that reaches across the Pacific from Beijing China to San Francisco in the U.S. Imagine also the paper only has writing on the part of the paper in San Francisco. The Communist Chinese government issues a lawful subpoena under Chinese law for the paper for the infomation on it. It is entitled to the entire sheet, as it and the information on it are functionally in Beijing. The server in San Francisco is not an isolated stand-alone entity. It is part of a huge machine called the internet and is an integral part of the any server owned by anybody anywhere. The data is functionally in Beijing and must be turned over.

    Is that what you meant? Are you content with China, North Korea, Iran, or any other nation having access to your information just because it is stored on a server that "is part of a huge machine called the internet"?

    Good luck with that, you may get what you ask for.

  6. #6
    Star Lounger
    Join Date
    Mar 2010
    Location
    northern new jersey
    Posts
    50
    Thanks
    1
    Thanked 3 Times in 2 Posts
    Another good reason why all your data on the internet should be encrypted. Not encrypted by some entity that you "trust" but by your own encryption key.

    Ignoring encryption for this topic, what happens if your data is controlled by an American company but the data is dispersed across the internet and does not exist in any particular country? I do not believe that technology is currently deployed but something similar to a torrent could easily encompass that idea. (I believe that it does exist but is not usefully deployed right now)

    I believe that we should not get hung up on where the data technically is stored, we should draw stricter boundaries over what constitutes a company entity. An American company will have to respond to an American subpoena and a German company will have to respond to a German subpoena. We need to have a more formal definition of an American branch of a German company.

    Once we have a firm definition of an American entity that has control of data, they are required to comply with an American subpoena. An American branch of a German company would not have to comply with a German subpoena. The next question would be how to define if an American entity has “control” of data that exists in Ireland.

    Even if you are a foreign person existing completely outside American borders, if you contract data storage with an American company, your data is subject to an American subpoena even if the data is physically stored in some random foreign location.

    It is not about the data, it is about how you define the entity in control of the data. Even if you redefine the question to a physical item in a physical box, it is about who has control of the box and what jurisdiction the entity in control of the box answers to, not where the box physically sits.

  7. #7
    New Lounger
    Join Date
    Apr 2003
    Location
    Cincinnati, Ohio, USA
    Posts
    2
    Thanks
    0
    Thanked 0 Times in 0 Posts
    Media tendency to present alarmist and exaggerated claims with a story and "facts" to back them is usually absent in your articles. Privacy and security issues related to the internet are extremely serious but hyping government involvement as you did seems an overreaction compared to the hacking and data theft occurring.

    Your articles are generally very well reasoned, covering both pros and cons of issues but your argument and entry into the legal "weeds" on this issue greatly exaggerate the threat as compared to unlawful access to our data. Just my thoughts.
    Dan

  8. #8
    Lounger
    Join Date
    Feb 2010
    Location
    Boston, Massachusetts, USA
    Posts
    44
    Thanks
    1
    Thanked 4 Times in 2 Posts
    I've got very mixed feelings about speaking to my Congressman or Senators about this issue. Congress's track record when dealing with privacy isn't all that great, and its record dealing with technology is abysmal. Asking Congress to legislate to fix this situation could easily backfire. I'm not sure I want to take the chance.

  9. #9
    Lounger
    Join Date
    Feb 2010
    Location
    Boston, Massachusetts, USA
    Posts
    44
    Thanks
    1
    Thanked 4 Times in 2 Posts
    Quote Originally Posted by danprtrr View Post
    Media tendency to present alarmist and exaggerated claims with a story and "facts" to back them is usually absent in your articles. Privacy and security issues related to the internet are extremely serious but hyping government involvement as you did seems an overreaction compared to the hacking and data theft occurring.

    Your articles are generally very well reasoned, covering both pros and cons of issues but your argument and entry into the legal "weeds" on this issue greatly exaggerate the threat as compared to unlawful access to our data. Just my thoughts.
    Dan
    Did you read the references linked to in the article? There's not much, if any, exaggeration at all. We already know how far-reaching, or over-reaching, the U S government can be, and increasingly is. Why would you think other governments wouldn't be? Because some Europeans appear to have strong privacy protection? There's a lot more to the world than Europe. Because no equivalents of Edward Snowden have come forth from other countries? The countries most likely to want the sort of data from the U S that the U S wants from Microsoft are those most likely to execute Snowden-equivalents simply on suspicion. Or maybe they'd just hack into the servers of interest and take what they want.

  10. #10
    Star Lounger
    Join Date
    Mar 2010
    Location
    northern new jersey
    Posts
    50
    Thanks
    1
    Thanked 3 Times in 2 Posts
    It is not about privacy. It's about who has control of the data. Does the US have control over companies with branches outside of the US and on the flip side do foreign countries have control over branches inside the US.

    I think it's very likely that US government will allow foreign branches to be outside US control in order to claim that US branches are outside of foreign control.

    I think there will be a lot of wrangling over just how far outside US borders the US can control without allowing any foreign control to seep inside US borders.

  11. #11
    New Lounger
    Join Date
    Sep 2013
    Posts
    2
    Thanks
    0
    Thanked 0 Times in 0 Posts
    It is not a question of what I want or don't want. It is a problem with the way the law is written. The information is on an integral part of the Redmond machine that provides the service. It is not an isolated entity. You cannot access it directly. The information is functionally here. This is the law as it currently stands as I interpret it. I would like the law to be changed through due process and not as a result of some judge deciding what should be over what the law is. If you don't like the law, contact your representative requesting them to change the law. I will support that.

  12. #12
    New Lounger
    Join Date
    Dec 2009
    Location
    Vancouver, B.C. Canada
    Posts
    23
    Thanks
    1
    Thanked 0 Times in 0 Posts

    It's About Privacy and What We Want

    Quote Originally Posted by Eclectic1 View Post
    It is not a question of what I want or don't want. It is a problem with the way the law is written. The information is on an integral part of the Redmond machine that provides the service. It is not an isolated entity. You cannot access it directly. The information is functionally here. This is the law as it currently stands as I interpret it. I would like the law to be changed through due process and not as a result of some judge deciding what should be over what the law is. If you don't like the law, contact your representative requesting them to change the law. I will support that.
    Attention Eclectic1 and edmcguirk: It is about privacy and it is about what we want! Why agree to give away our precious privacy if we do not absolutely have to? And even then we should not. The cry of every oppressed true freedom fighter used to be "Give me freedom or give me death." The media has been lying to us for so long with their brainwashing nonsense about the masses oppressed by large corporations run by unfeeling white demagogues. In recent riots we see rioters burning and looting small businesses owned by hard working black American entrepeneurs. They too are oppressing the people? Al and Michael (you know who) and his kind would have you believe this. World history shows that one of the hallmarks of a totalitarian system is the loss of all freedoms including privacy. So this is not what we want by any means! This world is heading for a total totalitarian system called a New World Order out of which will come total enslavement by all peoples to a world dictator.

  13. #13
    Star Lounger
    Join Date
    Mar 2010
    Location
    northern new jersey
    Posts
    50
    Thanks
    1
    Thanked 3 Times in 2 Posts
    Um, all those things might be important but they don't really have anything to do with this topic. If this whole issue was entirely inside the USA, there would not even be a question about what to do. All the data would have been handed over long ago.

    The whole purpose of a subpoena is to ensure that the law is followed. The police cannot randomly grab anything they want, they have to go before court and justify that their needs are legal. That was all done in this case but there was the little detail that the data happened to be stashed outside of US borders. My belief is that the physical location is not important if the entity with real control of the data is inside the US. If it turns out that the real control is actually outside of the US, then I believe the US courts cannot command it to be delivered. Apparently the current laws do not explicitly state what entity has control and which court has authority across borders. That needs to be thrashed out.

    If you want privacy, encrypt your data. Keep ultimate control inside your own hands. However your right to privacy is not absolute. When an issue goes to court, facts need to be proven and the courts can demand facts to be exposed in court. Sure, there are times when power oversteps its bounds but this issue has nothing to do with privacy, it is only about whether the US courts can claim authority outside of US boundaries (and the reverse, can foreign courts claim authority inside the US).

    If you want to worry about privacy invasion, totalitarianism, oppression, brainwashing, riots, or a New World Order; go ahead, they all sound like real bad things. But real democratic governments with real working legal systems still need to command people to do things they don’t want to do in order to uphold even the good laws. And the enforcement of even the good laws has to stop at the borders but we still need to define where those borders are when some of the control is in the virtual world.

  14. #14
    Star Lounger
    Join Date
    Mar 2010
    Location
    northern new jersey
    Posts
    50
    Thanks
    1
    Thanked 3 Times in 2 Posts
    Quote Originally Posted by Eclectic1 View Post
    It is not a question of what I want or don't want. It is a problem with the way the law is written. The information is on an integral part of the Redmond machine that provides the service. It is not an isolated entity. You cannot access it directly. The information is functionally here. This is the law as it currently stands as I interpret it. I would like the law to be changed through due process and not as a result of some judge deciding what should be over what the law is. If you don't like the law, contact your representative requesting them to change the law. I will support that.
    In my opinion the current problem is that we don't know where the border is. The border will be decided by a judge's interpretation of the current law or he will choose the nearest precedent he thinks is relevant. Either we like which way the judge rules or we don’t. Either way, the lawmakers will probably get involved writing new laws to try to define how we want these issues handled In the future. (write your congressperson)

    I’m not terribly worried about where the border is defined. Wherever it is defined, companies will shift their structure to run their businesses the way they want them to be controlled. People will then decide who they do business with based on the new landscape.

    Maybe new businesses will crop up offering better encryption methods. Once the data is encrypted, the entity who owns the encryption key is where the subpoena gets served. Problem solved. (kidding)

  15. #15
    2 Star Lounger
    Join Date
    Jul 2001
    Location
    Hepler, Kansas, USA
    Posts
    151
    Thanks
    6
    Thanked 0 Times in 0 Posts
    News of Microsoft's concern for the privacy of users information came at about the same time those of us who have used Microsoft Money Portfolio Manager for years got the news that it would be discontinued on December 22. Despite an abundance of protests and cries of dismay from thousands of loyal users of Microsoft products, Microsoft is going ahead with plans to discontinue the Portfolio Manager. They have advised users to migrate their data to Microsoft Money My Watchlist. Problem is that for most of us the migration didn't work and we lost years of investment data. So much for loyalty to Microsoft.

Page 1 of 2 12 LastLast

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •