What I don't get about the whole meta-data debate is that if there's no expectation that meta-data is private information, and therefore requires a legal reason to access and store, then why isn't all meta-data required to be public; and by all, I mean all.
More to the point, as it relates to the DEA and local narco units - they do illegal stuff all the time and if historic meta-data was made available to the public, heads would roll.
That's like saying that just because the government is allowed to walk by your house and see if anyone is home without a warrant, then a webcam pointed at your front door should be broadcasting on the Internet. The fact we don't do the latter isn't a valid argument to justify requiring a warrant for the former.
Since there are degrees of privacy, "not private" for the purposes of the 4th amendment doesn't necessarily mean "totally public." The line that has been drawn is that if information is "not private" enough to share with your thousand closest friends at AT&T, it's "not private" enough for the government to see it without a warrant.
With regards to meta-data, you don't even have to get into the whole expectation of privacy inquiry. It's not even your data, it's AT&T's data. The 4th amendment explicitly states that people will be secure in their houses, persons, papers, and effects. That implies ownership or at least control. But call metadata is AT&T's property; the digital records are their papers, generated by their computers, for their internal purposes. If it were up to you, you probably wouldn't even want those records to exist, but they do, because they're not yours.
Regardless of where you draw the line on public versus private, it's clear you cannot have a reasonable expectation of privacy in someone else's property.
Don't get me wrong: I wish Congress would pass a law requiring telecoms to erase such data immediately, keeping only aggregate data for billing purposes. But the Constitution says what it says, not what you want it to say.
What's reasonable is defined by law, not some magical force.
It's clear that meta-data is being used in ways that compromise generally expected forms of privacy.
The very fact you're against making all meta-data public provides evidence of this.
Claiming the meta-data belongs to AT&T is false, since the data is generated by the users actions, not AT&T; it's like saying the phone number belongs to them, which we both know is not true.
Please explain why you feel it'd be illegal to follow you or have you followed in public, watch your front door, etc.
Every time I walk into the local 7-11, my actions generate a videotaped record of my presence, what I bought, and what I was wearing. That's extremely personal. Are you therefore claiming I have a property right to that section of the 7-11 security tape?
But who is the owner of the CCTV data? The 7-11, or the guy on the tape? If the former, then that's the same as how phone call records are handled in the U.S. The government is getting these call records with AT&T/Verizon's cooperation.
Inviting them for a cup of tea is not the same as authorizing a search of your house. Yes, they can look around at what's on sight but they can't start taking out your drawers and searching them.
We both know I'm legally allowed to have you watched in public in such a way that you would never know, and yes, I would legally be able to collect all that data; in fact, legally I'd be allowed to even listen to what you said.
Questions relates to how tech has changed this and it's clear it has.
Until there's one set of rules for expectations related to privacy, it will be exploited by anyone able to do so.
You're not responding to Rayiner's point. AT&T's customer records don't become "your data" simply by dint of being responses to "your actions", any more than security footage becomes "your data" by the same mechanism.
It seems untenable to me that all rights to privacy in our metadata are entirely subverted by their being owned by telecom companies. It's not as if I'm arguing that warrantless access to metadata is a good thing. But there must be a better argument than "this feels wrong".
>Every time I walk into the local 7-11, my actions generate a videotaped record of my presence
This is completely, and I mean completely different. There's no expectation of privacy in a 7-11. As such, the two situations are incomparable despite their superficial similarity.
Whether there's an expectation of privacy online is unclear, and the government is trying to capitalize on this by setting a precedent.
Can you explain how they're completely different? Say I decide to meet someone at a Starbucks. Now Starbucks has not only my drink preference, where I was at a particular time of day, what I was wearing, but also who I was with at the time. They have more information than the phone company.
With regard to phone records, the relevant precedent was set almost 40 years ago in Smith v. Maryland, which held that the government can subpoena phone records without a warrant. And that case was correctly decided for two different reasons:
1) The "expectation of privacy" must be objectively reasonable. It's objectively true that phone call records are not private: they are kept by the phone company in the ordinary course of business and many people have access to them. As a purely factual matter, a lot more people (people who, unlike the 7-11 clerk, you've never even met!) have access to your data at a phone company than at a 7-11. So any subjective belief that those details are private is not objectively reasonable.
2) Callers have no ownership or control over call records. Even if you don't subscribe to the "property rights" view of the 4th amendment, you have to admit that it's less reasonable to have an expectation of privacy in something someone else owns and controls. It's not reasonable to expect privacy as to a 7-11's recordings of what you do on its premises because they own the recordings and control the premises. Similarly, it's not reasonable to expect privacy as to AT&T's records of what you do on its telephone network.
Why am I not surprised that our laws are underpinned by a paradox.
> It's objectively true that phone call records are not private
By this standard, is anything private? If I have a home security system run by a third party, does that mean my front door is not private because I share it with ADT? Maybe instead of getting a warrant LEOs can request ADT to unlock the front door.
> you have to admit that it's less reasonable to have an expectation of privacy in something someone else owns and controls
My phone is controlled by apple. My car is controlled by on-star. My money is controlled by visa. It sounds like the only reasonable expectation to privacy is in your own brain.. for now.
Unlocking your front door is an action, not information that ADT has generated about you. Also, whether or not your door is unlocked has little bearing on whether investigators can enter your private house. Can you generate a better example?
My point is people expect privacy even when sharing information with third parties. Just because your xbox kinect is always watching and amazon echo listening - doesn't mean the average consumer doesn't expect privacy.
My question is, why limit dragnet surveillance to only metadata? It seems arbitrary to not also record full transcripts -- if we really don't have any expectation to privacy.
We may not have an expectation of privacy in the specific records the phone company keeps to bill us and manage their networks, but we have always had an expectation of privacy in the contents of the calls themselves.
People don't expect privacy when sharing information with third parties, they expect confidentiality. But the law doesn't respect that. If you tell me in confidence, that you kidnapped the Limburg baby, I can legally tell whoever I want. I can even be forced by the government to tell them everything I know.
The difference is that phone companies don't record full transcripts. Just like my kinect isn't recording my room right now. That's why I have a reasonable expectation of privacy even though there is a kinect in the room.
But I don't have an expectation that the requests I make to xbox is private.
> Specifically, Petraeus acknowledged providing eight notebooks containing highly classified material to his biographer, Paula Broadwell, in the waning days of his Army career.
And yet
> In April, after a lengthy investigation by the FBI that disgraced the onetime military hero, Petraeus pleaded guilty in federal court in North Carolina to a misdemeanor charge of mishandling classified materials. He was sentenced to two years of probation and fined $100,000.
And yet all you have as a rebuttal is someone who PLEADED guilty, not who was convicted... I love the US kangaroo courts, where hardly anybody ever goes to trial.
The idea of it being theirs implies that it (the information) wasn't mine to begin with. If it was, and I had some expectation of privacy, then AT&T may be in the wrong collecting it.
Or take another path to VOIP - when your call passes AT&T's servers, if they log the bits, are they then AT&T's?
Basically, if information passed to and logged by AT&T is their data, then it applies to everything passing AT&T's servers, and call content would not require a warrant either. In reverse, if there is an expectation of privacy of call data, there can/may/should be an expectation of privacy in metadata as well.
I would prefer that we apply the idea to elected legislators. Our privacy laws would be overhauled overnight if they were routinely spied on by the general public using metadata that is supposedly so harmless that it doesn't require a warrant. We might even get a 28th amendment to update the 4th.
The argument that metadata on you can be acquired my law enforcement without a warrant is not that it's harmless. It's that it isn't your data. You are mischaracterizing the legal justification.
Laws are not magic or inherent, but what people agree to. There's no reason to believe meta-data shouldn't or couldn't be owned by the entity it was created for.
29 comments
[ 3.4 ms ] story [ 19.7 ms ] threadMore to the point, as it relates to the DEA and local narco units - they do illegal stuff all the time and if historic meta-data was made available to the public, heads would roll.
Since there are degrees of privacy, "not private" for the purposes of the 4th amendment doesn't necessarily mean "totally public." The line that has been drawn is that if information is "not private" enough to share with your thousand closest friends at AT&T, it's "not private" enough for the government to see it without a warrant.
With regards to meta-data, you don't even have to get into the whole expectation of privacy inquiry. It's not even your data, it's AT&T's data. The 4th amendment explicitly states that people will be secure in their houses, persons, papers, and effects. That implies ownership or at least control. But call metadata is AT&T's property; the digital records are their papers, generated by their computers, for their internal purposes. If it were up to you, you probably wouldn't even want those records to exist, but they do, because they're not yours.
Regardless of where you draw the line on public versus private, it's clear you cannot have a reasonable expectation of privacy in someone else's property.
Don't get me wrong: I wish Congress would pass a law requiring telecoms to erase such data immediately, keeping only aggregate data for billing purposes. But the Constitution says what it says, not what you want it to say.
It's clear that meta-data is being used in ways that compromise generally expected forms of privacy.
The very fact you're against making all meta-data public provides evidence of this.
Claiming the meta-data belongs to AT&T is false, since the data is generated by the users actions, not AT&T; it's like saying the phone number belongs to them, which we both know is not true.
Please explain why you feel it'd be illegal to follow you or have you followed in public, watch your front door, etc.
https://www.gov.uk/request-cctv-footage-of-yourself
Questions relates to how tech has changed this and it's clear it has.
Until there's one set of rules for expectations related to privacy, it will be exploited by anyone able to do so.
It seems untenable to me that all rights to privacy in our metadata are entirely subverted by their being owned by telecom companies. It's not as if I'm arguing that warrantless access to metadata is a good thing. But there must be a better argument than "this feels wrong".
This is completely, and I mean completely different. There's no expectation of privacy in a 7-11. As such, the two situations are incomparable despite their superficial similarity.
Whether there's an expectation of privacy online is unclear, and the government is trying to capitalize on this by setting a precedent.
And I don't understand your example at all, as it argues in my favor. Starbucks is generally regarded as having no expectation of privacy.
1) The "expectation of privacy" must be objectively reasonable. It's objectively true that phone call records are not private: they are kept by the phone company in the ordinary course of business and many people have access to them. As a purely factual matter, a lot more people (people who, unlike the 7-11 clerk, you've never even met!) have access to your data at a phone company than at a 7-11. So any subjective belief that those details are private is not objectively reasonable.
2) Callers have no ownership or control over call records. Even if you don't subscribe to the "property rights" view of the 4th amendment, you have to admit that it's less reasonable to have an expectation of privacy in something someone else owns and controls. It's not reasonable to expect privacy as to a 7-11's recordings of what you do on its premises because they own the recordings and control the premises. Similarly, it's not reasonable to expect privacy as to AT&T's records of what you do on its telephone network.
Why am I not surprised that our laws are underpinned by a paradox.
> It's objectively true that phone call records are not private
By this standard, is anything private? If I have a home security system run by a third party, does that mean my front door is not private because I share it with ADT? Maybe instead of getting a warrant LEOs can request ADT to unlock the front door.
> you have to admit that it's less reasonable to have an expectation of privacy in something someone else owns and controls
My phone is controlled by apple. My car is controlled by on-star. My money is controlled by visa. It sounds like the only reasonable expectation to privacy is in your own brain.. for now.
My question is, why limit dragnet surveillance to only metadata? It seems arbitrary to not also record full transcripts -- if we really don't have any expectation to privacy.
The difference is that phone companies don't record full transcripts. Just like my kinect isn't recording my room right now. That's why I have a reasonable expectation of privacy even though there is a kinect in the room.
But I don't have an expectation that the requests I make to xbox is private.
https://www.washingtonpost.com/world/national-security/penta...
> Specifically, Petraeus acknowledged providing eight notebooks containing highly classified material to his biographer, Paula Broadwell, in the waning days of his Army career.
And yet
> In April, after a lengthy investigation by the FBI that disgraced the onetime military hero, Petraeus pleaded guilty in federal court in North Carolina to a misdemeanor charge of mishandling classified materials. He was sentenced to two years of probation and fined $100,000.
Or take another path to VOIP - when your call passes AT&T's servers, if they log the bits, are they then AT&T's?
Basically, if information passed to and logged by AT&T is their data, then it applies to everything passing AT&T's servers, and call content would not require a warrant either. In reverse, if there is an expectation of privacy of call data, there can/may/should be an expectation of privacy in metadata as well.