[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: "Forward Privacy" for ISPs and Customers



by way of Timothy C. May:
> 
> It seems to me that they are actually selling two seperate things.  One is
> connectivity the other storage.  The storage might have a different legal
> status than the connectivity.  So, is email part of the connectivity or the
> storage?  What is the legal status of phone company provided voice mail?  This
> seems pretty close to email.

The storage is sold as a separate service. If you look at ISP adverts,
some offer this, some don't. The legal standing is a bit murky for
data storage as far as I can tell. Some privacy act stuff comes into
play, but I'm curious how similar it is to a "U-Store" type of
rent-a-storage room. 24 hour hot backup facilities & their legal
standing as far as property rights etc. would probably be the best
example I can think of to parallel this to ISP storage.

> Do we know that if phone companies kept recordings of your conversations they
> would have the same legal status as the records that they already keep?

No, they couldn't by definition. Becasue unless otherwise ordered by
the courts to keep your conversations, those conversations are considered
to be not the phone companies property, private, and proprietary to you.
They would be breaking the law if they kept them, because by definiton,
they are your property. The fone corps only own & have rights to the
transport medium, not the content.

> It would be good to get ISP's to work this way regardless of the law.  Its
> better for the data not to exist than have it legally hard to obtain.
Agreed.

> > And, I'm sure the lawyers will agree, while ISPs may be treated essentially
> > the same as telephone companies, absolutely *nothing* requires either to
> > keep specific kinds of account records (*), to "know their customer" (a la
> > banking laws, supposedly), or to record all traffic.
Some of the privacy laws explicitly preclude this sort of behavior in
fact. There is such a thing as too much "knowledge" of a customer.

No, we don't have to make it easy for them. They shouldn't want it to
be easy. This notion that Escrow is a good thing becasue of 
pornographers, terrorists, and criminals is just so much bullshit and
we all know it. It's not an accident that the refrain bears such a
resemblance to Dorthy's (not Denning, but she could play the witch, but
rather the Wizard of OZ) mythical "lions and tigers and bears, oh my".
Dorthy's feared lions and tigers and bears never materialized, and neither
will the ones that Governments allude to.

The notion that it's in my best/greater interest for me to give up *MY*
privacy so that some LEO's job is made easier is just plain stupid,
broken and wrong. My job is not to make their job easier. Their job is
not easy, nor should it ever be in free societies. If they don't like
it, they can go make donuts for a living. But I'm not going to help
them try and redefine things to give them more time to play golf.

That aside, they're deluding themselves. As long as there are
CryptoAnarchists and people willing to create the ability for
common people to maintain (notice I said maintain) privacy in
their lives, they won't win. They can't unless they want to sacrifice
freedom and become totolitarians. 

Key Escrow is bullshit. It's a bad concept, a bad idea, and mainly
satisfies the control needs of a bunch of prune faced uptight stressed
out & paranoid spooks. No one ~needs~ any form of publicly used
key escrow (corps may want it for private internal use, but that's private)
And I'll be damned if I'll ever use it. -Give no ground.


Tim Scanlon