Heu! On 11.06.2013, at 01:11, x z <xhzh...@gmail.com> wrote: > I argue that direct access or not is is substantive, not semantic. We have > the following two versions of the story: > > *A: The Guardian story alleges that NSA has direct access to user data from > major internet firms, and these firms are willingly cooperating with NSA > for the capability of en masse data pull. It indicates that NSA can pull > whatever data they feel like, and that NSA has such dark power that all the > internet firms have to kowtow.* > > *B: On the other hand, NSA and these companies' statement is consistent to > what most of us have already known, that NSA can request data from these > firms on the basis of FISA. And the data pull is quite limited. (By the > way, it doesn't really matter it's US or non-US citizens to me, there's > nothing special about America).* > > Do you think the difference between the two is merely semantic? Also, if > you believe in A, then everybody on the NSA/corporation side are liars, and > we are truly living in a police state. This, is, not, semantic.
Taking a look how this works in other countries, I'm sure it works pretty much the same way in the US. I.e. in Germany there is traffic duplication at provider level where the data gets send over so called SINA boxes - nowadays even without any sort of real safe guards, and providers simply don't know anymore what's really going on in their networks (so far for the Upstream part for LI and homeland secret service). For direct data access there are in fact known APIs for everything, be it Swift, PNR or whatever. You shouln't need much fantasy to get an idea of the actual implementation at service level. So I agree 100% with Jake. And really: At the end it doesn't matter how exactly it works - it just does and it is widely used. As a side note: An interesting story popped up today in the German press where a 18 year old Au Pair got send back home because of her private Facebook conversations. So it seems that even the DHS has this kind of capabilities. Giving the fact that there are thousands of people entering the US every day, do you really think they don't get this information in an automated fashion via API? I seriously doubt that. > @Jacob, if your hypothetical FISA API thingy works only on the limited data > the firms knowingly disclose to NSA, then it's not big deal. This "FISA > API" thing is semantic, not substantive, to use your classification scheme. Jake made the most important point already: The laws doesn't allow the companies to even tell the whole story. Although it might look like a weak argumentation, it is in fact a strong one. Also do you *really* believe a guy like Zuckerberg more than internal training material of the NSA? I don't for a simple reason: Why should they lie on these slides? It makes no sense at all. These were not made with a public audience in mind. This has nothing to do with paranoia of any sort but common sense. Take care, fukami -- Too many emails? Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu or changing your settings at https://mailman.stanford.edu/mailman/listinfo/liberationtech