-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256
On 10/21/13 9:08 PM, Zack Brisson wrote: > Naive question from an ignorant amateur: > > What are the legal implications if service providers using any > surveil-able channel offer terms of service stating they will: > Terminate service provision prior to release of a user's > information to a third party in instances where prior notice of > intended release has not been made. > > I don't understand enough of the law to determine whether or not > the series of cases referenced below represents a new legal > precedent or something else. I.e. Given the commercial implications > of many communications facilitated services, could economic > considerations create legal standing of comparable relevance to the > security considerations? If a commercial entity complies with state > coercion, in conflict with their commercial obligations that they > have explicitly rather than implicitly made, who arbitrates the > spread of loss & risk across actors? I'm not sure any of us have particularly satisfying answers. I think the crucial lesson from Lavabit is that close-to-end-to-end is not good enough to avoid having keying material compelled or to have compelled appliances attached to your network. Many of us are arguing (and will continue to argue) that no secure communications service should have to rearchitect itself to assist government surveillance. So, if you keep private keying material in a central place that the USG can think of a way of getting at it (or if they can get at something that can allow them to get at private keying material), you're going to have a bad time of it. We're certainly watching the Lavabit appeal in the 4th Circuit and will definitely call upon this community to speak up when it comes time to write a friend-of-the-court (amicus) brief. best, Joe - -- Joseph Lorenzo Hall Chief Technologist Center for Democracy & Technology 1634 I ST NW STE 1100 Washington DC 20006-4011 (p) 202-407-8825 (f) 202-637-0968 j...@cdt.org PGP: https://josephhall.org/gpg-key fingerprint: BE7E A889 7742 8773 301B 4FA1 C0E2 6D90 F257 77F8 -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.13 (Darwin) Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ iEYEAREIAAYFAlJmgRgACgkQwOJtkPJXd/iWNACffcxLYZEPAVGNePvS7D2WBrLk FYkAoIWzNhSTA4Tjn5Ux31b7u7F2Sv5x =EUA0 -----END PGP SIGNATURE----- -- Liberationtech is public & archives are searchable on Google. Violations of list guidelines will get you moderated: https://mailman.stanford.edu/mailman/listinfo/liberationtech. Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu.