On Thu, 2010-03-04 at 19:38 -0800, Lefty (石鏡 ) wrote: > On 3/4/10 6:08 PM, "Liam R E Quin" <l...@holoweb.net> wrote: > > On Thu, 2010-03-04 at 17:45 -0800, Lefty (石鏡 ) wrote: > > > >> In any case, I'm under the impression that a search warrant or similar > >> order > >> is generally required in the US to get information regardless of whether > >> it's from a hosted service or from your personal computer; certainly the > >> police can't simply call up Facebook and ask for information on random > >> people and expect to get it. > > > > They can and they do, as has been widely covered by the media. > > Well, given this wide coverage, which I've somehow completely missed, there > shouldn't be much challenge to your producing an actual citation
I was a little looser than I should have been in my wording. For media coverage of "warrentless wiretapping" (which includes monitoring of internet usage) see e.g. [1] and [2]. In addition, a subpoena from the FBI is different from a search warrant - it does not need to be signed by a judge[2]; supposedly "reasonable suspicion" is required, but no supporting evidence seems to be required, merely a claim. Similarly, financial transactions (I think in the US over $1,000) are reported automatically to the NSA. Facebook does have a stated 90-day data retention policy for IP logs, and I found a policy document relating to subpoenas [3] although it's not clear to me that it's authentic. There are (I discovered today) rumours that facebook was started by the CIA, because of indirect links from the original venture capital people [4], but that was not on my mind when I wrote (or meant to write) that information is indeed handed over without warrants. Facebook's privacy statement is specific that they do not require a warrant [5]: "We may disclose information pursuant to subpoenas, court orders, or other requests (including criminal and civil matters) if we have a good faith belief that the response is required by law" [...] "We may also share information when we have a good faith belief it is necessary to prevent fraud or other illegal activity, to prevent imminent bodily harm, or to protect ourselves and you from people violating our Statement of Rights and Responsibilities. This may include sharing information with other companies, lawyers, courts or other government entities" The Statement of Rights and Responsibilities [6] explicitly says that "You will not use Facebook to do anything unlawful, misleading, malicious, or discriminatory.", so if you break the law you have broken the terms of use of facebook and lost your right to privacy. I didn't really want to make a thread out of this, but I think it's important enough (even though I do not live in the US) that people do need to understand it. I don't really want to single out facebook; for me the primary issues are both about privacy and about owning one's own data: geocities closed down recently, and I expect that many people's personal photographs and memories went away. If facebook deletes your account, or (worse) refuses to delete it, you also lose out. Social networking is very much in its infancy, and it's clear that the implications of this technology are not yet well understood by anyone. But we do understand that there _are_ implications, legal as well as social. > >> The vast majority of people who use computers--and I'm not > referring to > >> people who download source and build their own versions of > things--are quite > >> happy to, for example, have Wordpress or Livejournal maintain their > blogs > >> for them, and there's absolutely no reason for them to attempt to > host it > >> themselves. > I wish evolution could reformat quoted messages better than this!) > > They are also happy to use Microsoft Word, and other proprietary > > software. But that does not mean we should abandon GNOME. > > Instead, we need to make it easier for people to follow the more > > open path. > > Nobody's suggested that anyone "abandon GNOME". It's an analogy, I'm sorry if it wasn't clear. "Most people are willing to do X, so that must be OK" isn't good reasoning. > [...]. In the case of [...] > a Livejournal, or a Flickr site, or Facebook, there's no alternative > that we > can offer, other than "Don't do that!", it would seem. Correct me if > you feel I'm mistaken here. A possibility I suggested would be to deploy a new peer-to-peer based distributed social networking system. For instant messaging the hardest part of such things is often "presence', determining when someone is online, without losing their anonymity; for social networking, that's less essential. A delay of a few hours may be fine. There are already systems to distribute one's files over p2p networks so that no-one can determine whose files they are storing; a local desktop service that gave a Web interface to such systems might be a way to start. When there was no Free alternative to Unix, the choices were to make a Free copy of Unix, or to stop using Unix, or to accept non-Free software. GNOME is of course a part of the resulting project. If there are no Free alternatives to centralised blogging that can preserve privacy, the choices are to stop blogging, to accept a lack of privacy (at some level that can be argued), or to create a new alternative. To say that there are no alternatives and that therefore we must accept the alternative that we don't like, is to admit defeat. I hope that's a clearer statement. Best, Liam [1] http://news.cnet.com/8301-13739_3-9864495-46.html?tag=mncol;title [2] http://online.wsj.com/article/SB120511973377523845.html [3] http://cryptomeorg.siteprotect.net/isp-spy/facebook-spy.pdf (?dubious source) [4] http://www.nzherald.co.nz/technology/news/article.cfm?c_id=5&objectid=10456534 [5] http://www.facebook.com/policy.php -- Liam Quin - XML Activity Lead, W3C, http://www.w3.org/People/Quin/ Pictures from old books: http://fromoldbooks.org/ Ankh: irc.sorcery.net irc.gnome.org www.advogato.org _______________________________________________ foundation-list mailing list foundation-list@gnome.org http://mail.gnome.org/mailman/listinfo/foundation-list