353 comments

[ 3.3 ms ] story [ 299 ms ] thread
Do you have no expectation of privacy indoors if you have Windows then?
If you mean a pane of glass, you are correct. From the street, someone can look through your window. I don't feel this ruling is akin to looking through a window however. It is like walking though an unlocked door (or possibly wide open door). Any sane person would call that trespassing.
I wonder if there is a legally-protected expectation of privacy when NAT is used, vs without.

IPv4 LANs vs IPv6 LANs.

I think you would be giving the Court too much credit for putting that much thought into their decision. And I think even more important we know how good the FBI is at "cyber" that there would be no issues in attribution of traffic to an IP address. So this is really blanket permission for the FBI or any .gov to hack anything internet attached.
Oh, I don't think it's too much credit to consider the court thinking about those things. They might do it by analogy and get it all dreadfully wrong, but they often get down to the nitty gritty implementation details.
in germany, the highest court ruled exactly the opposite: https://de.wikipedia.org/wiki/Grundrecht_auf_Gew%C3%A4hrleis...

rough translation: "The right to confidentiality and integrity on IT systems"

google translate link: https://translate.google.com/translate?hl=de&sl=de&tl=en&u=h...

As far as I remember the CCC wrote an expertise in the ruling and mentioned computerized implants. That was the point were the judges understood that there should be an expectation of privacy on home computers.

It looks like this was just a district court, though. Higher courts in the US could certainly overturn this ruling.
Non-American here: glad to hear they can. Will they, in cases like this, do that by themselves? Or should someone (EFF) appeal this ruling? Or can only the suspect/criminal in this specific case appeal?
Homes that have a driveway connected to a street probably aren't private then..... I mean it's essentially the same thing.
(comment deleted)
(comment deleted)
iirc, that's actually been ruled true before....
You recall incorrectly.
I remember a case where police placed or retrieved something from a car in the driveway without a warrant. The reasoning was that your driveway is not private property.
You might be remembering the FBI placing GPS tracking on cars in drive ways, which was considered fair game and not requiring a warrant.
It has been ruled that they can observe from the connected street, but without a warrant, your property is your property, at least until this ruling.
Don't forget about phones, no more warrants for phone taps.
The EFF wrote about this both last week and yesteday:

https://www.eff.org/deeplinks/2016/06/making-sense-troubling...

https://www.eff.org/deeplinks/2016/06/federal-court-fourth-a...

It is very concerning indeed, but will hopefully not be a precedent. At least if common sense and a basic level of constitutional competence prevails.

Rule 41 is a huge concern---as mentioned in the EFF posts---and risks decisions like this becoming commonplace. As the EFF mentions, it also encourages forum shopping: finding a court lax on fourth amendment issues, in this case.

So now it's called `Home Computer`? Not PC any more?
I always find term "PC" somewhat inaccurate as not many PCs are actually personal. "Home Computer" reflects the true meaning much more accurately.
Tablets and smart phones could probably more accurately be called personal computers.
Sure, this is more and more the case families have one desktop PC to do important stuff, like bank transfers and backups on family photos and videos. Then we have personal computers: smartphones and tablets and some laptops.

If you can not expect privacy on your Home Computer, you can not expect privacy in your home. End of story.

That distinction has been around since the 8-bit era in the '70s and '80s.

A "Home Computer" was a computer intended for use in the home, while a "Personal Computer" was a computer intended for use by a single person.

Home Computers were also Personal Computers, but the reverse wasn't true: many Personal Computers were intended for business use. If everyone at a company had a computer in their cubicle, those computers were Personal Computers, but not Home Computers.

This distinction used to be important because Home Computers and business PCs were separate markets, and the machines were as different as you could imagine. They were made by different companies, used different CPU and bus architectures, and ran different operating systems. For example, in the 8-bit era, business PCs all used Zilog Z80 CPUs on the S-100 bus, were made by a legion of white-box manufacturers, and all ran the CP/M operating system, while Home Computers were made by names such as Commodore, Atari, Tandy, and Apple, typically had MOS 6502 processors (except Tandy, who used the Z80 but not on the S-100 bus), and ran barebones operating systems developed in house, which were little more than BASIC REPLs with some disk I/O features added.

Nowadays almost nobody bothers making the distinction. Yeah, sure, the big companies have separate "home" and "business" product lines, but they're all going to be x86 machines running Windows, and you can get both from the same company (see: Dell's Inspiron and OptiPlex lines), so people don't really make a distinction anymore, and seeing someone use a phrase like "Home Computer" in the 21st century feels like an anachronism.

Not too late into the 80's "PC" seemed to be bound to DOS/Windows and not just any personal computer. Apple seemed to embrace this by referring to competitors as "PCs".
Well, what I forgot to mention (but kinda hinted at) was that "Personal Computer" quickly became used to just mean business PCs and not Home Computers (even though it technically applies to both).

When the IBM PC came out, it and the legion of clones took over the business PC market and replaced the S-100 CP/M market almost overnight. So when "PC" is just used to refer to business PCs and the IBM-compatible DOS/x86 platform completely and thoroughly dominates the business PC market... than naturally the term "PC" will come to be synonymous with that platform.

Wait no expectations of law respecting a lock because robbers can break the lock?

Obviously, this will be struck down..

But it does raise the question what do we do when a judge refuses to understand basic law concepts? Can we than fire the judge?

Judicial elections are ... tricky, but reasonably common. Without public financing for the elections and stronger campaign finance laws, it's really hard to avoid the problem of buying the courts.

https://en.wikipedia.org/wiki/Retention_election#U.S._states...

> Judicial elections are ... tricky, but reasonably common.

It's state judges (in some states) who are elected. This was a federal district judge; they're appointed for life by the president with the advice and consent of the Senate.

> Can we than fire the judge?

This was a federal district judge, who under the U.S. Constitution (Article III) has life tenure and can't be fired; he can be removed from office only if impeached by the House of Representatives and convicted by the Senate after a trial.

The chief judge of the district could cut this judge's case load to zero [0]. In this case, though, (A) that's very unlikely to happen, and (B) the judge would still stay on full salary.

[0] EDIT: This sort of happened, for example, to (now-former) federal district judge Sam Kent in Galveston after he was accused of "inappropriate touching" of female court employees. See http://www.chron.com/news/houston-texas/article/Criminal-cas... Kent later pled guilty to a felony charge of making false statements to investigators; he tried to retire from the bench so as to keep his pension, but that pissed off the House judiciary committee, which pushed through articles of impeachment, which caused Kent to resign. He served not quite three years in prison. See http://bigbendnow.com/2011/08/disgraced-former-judge-complet... and https://en.wikipedia.org/wiki/Samuel_B._Kent

I think this judge has clearly demonstrated his incompetence in handling computer related cases and his very poor understanding of the subject.

Instead of firing him, I think he should be teached. This judgement should be used as example of bad judgment.

> teached

Did you mean taught (something) or impeached?

>This was a federal district judge, who under the U.S. Constitution (Article III) has life tenure and can't be fired; he can be removed from office only if impeached by the House of Representatives and convicted by the Senate after a trial.

Ben Franklin had some thoughts on this as documented here:

http://scholarship.law.cornell.edu/facpub/164/

So I can take photos in public because there's no expectation of privacy. Does this mean I can hack into whatever computer I want now for the same reason? Or does a lack of privacy not necessarily mean it's legal to do such things?
The ruling is about whether one has a 4th amendment right to privacy with regard to criminal investigations. You'd still be violating, at a minimum, the CFAA if you broke into someone else's private computer. There are exemptions in the CFAA for exactly this kind of investigatory activity.

But the ruling won't hold, because it is dumb and bad.

CFAA exempts warrantless searches?
Also, does this not mean that cases like Andrew Auernheimer, where he simply used an API to access data that was not protected at all will be found not guilty in the future?
So, could this ruling be used as precedent against the DCMA?
should he be fired today or Monday?
So when the government keeps zero-days to itself with plans to exploit them, instead of helping to strengthen security as they should, after this ruling they now have an additional conflict of interest: they have an incentive to keep this line of judicial interpretation viable by keeping security weak.
I'm much less skeptical than the median HN poster about government's use of new technology in its traditional roles of criminal justice and national security, but if this article is a fair summary of the case, I can't see how the ruling makes any Constitutional sense.

Because burglars regularly break into people's homes or cars doesn't make them subject to warrant-free search. If the FBI wants to run code on my CPU in my private home without my permission, they should have a warrant, just as they'd need one to manipulate other objects in my home without my consent.

>> ...but if this article is a fair summary of the case...

Thanks for that. A good reminder that we need to think that every time we read anything like this. Just asking a simple question, "Did they get this right?" and even taking a minute to read through to the actual primary source.

"For example, hacking is much more prevalent now than it was even nine years ago, and the rise of computer hacking viathe Internet has changed the public's reasonable expectations of privacy. Cf Lee Raine, How Americans balance privacy concerns with sharing personal information: 5 key findings, PewResearchCenter (January 14, 2016), http://www.pewresearch.org/fact-tank/2016/01/14/key-findings... (reporting that members of a focus group "worried about hackers," though "some accept that [privacy tradeoffs are] a part of modern life"). Now, it seems unreasonable to think that a computer connected to the Web is immune from invasion. Indeed, the opposite holds true: in today's digital world, it appears to be a virtual certainty that computers accessing the Internet can - and eventually will - be hacked."

"Thus, hacking resembles the broken blinds in Carter. 525 U.S. at 85. Just as Justice Breyer wrote in concurrence that a police officer who peers through broken blinds does not violate anyone's Fourth Amendment rights, jd. at 103 (Breyer, J., concurring), FBI agents who exploit a vulnerability in an online network do not violate the Fourth Amendment. Just as the area into which the officer in Carter peered - an apartment - usually is afforded Fourth Amendment protection, a computer afforded Fourth Amendment protection in other circumstances is not protected from Government actors who take advantage of an easily broken system to peer into a user's computer. People who traverse the Internet ordinarily understand the risk associated with doing so. Thus, the deployment of the NIT to capture identifying information found on Defendant's computer does not represent a search under the Fourth Amendment, and no warrant was needed."

The section of interest starts on page 47 of the linked Opinion and Order. http://mobile.eweek.com/security/home-computers-connected-to...

So, that judge just stuck down CFAA for civilians too? Or only for Law Enforcement
CFAA is about exceeding authorised access, not violating expectations of privacy.
The judge conveniently disregards the difference between passive observation and active intrusion. Breaking into someone's computer is no different than if the officer had broken the blinds themself, which clearly would not meet the test described by Justice Breyer.
Right? It seems trivial to tweak the judges statement:

"In today's digital world, it appears to be a virtual certainty that computers accessing the Internet can—and eventually will—be hacked."

To apply to houses:

"In today's mechanized world, it appears to be a virtual certainty that houses connected to the earth can—and eventually will—be broken into."

Thus, warrants need not apply for search and seizure in houses. QED.

> "In today's mechanized world, it appears to be a virtual certainty that houses connected to the earth can—and eventually will—be broken into."

Or rather "... houses with doors can —and eventually will—be broken into."

Also: "... houses with WINDOWS can —and eventually will—be broken into."
(comment deleted)
Even as a programmer I would much rather have to get through "… houses with WALLS …" than through reasonably strong encryption, the task might require strength, but is quite straightforward.
And its easier to break into the average house than the average pc.
Maybe, but it's definitely easier to break into a million PC's than a million houses.
Moreover, many houses also have BACK DOORS!
Sure, but you can decide if you want keep the key under the rug beside that door.
Not just broken into, just peered into. Do not have windows if you expect any privacy.

And of course, do not speak at home (or do not expect any privacy).

Having blinds on your windows still doesn't mean you should expect privacy, any window you own can - and probably will - be looked through.
I think you can be charged with public indecency if you stand in front of your window naked. So there is some sort of gray area when talking about the privacy of your home.
Depends on your location. In my state (Oregon) that's totally fine as long as your intent is not to offend anyone
Genuinely curious, do you need a warrant to look through a window.

I guess the answer is "sometimes, it's complicated"...

In California, police can peer into car windows without a warrant. That's one reason police always seem to be carrying a mag-light when they pull someone over. (The other being that mag-lights are heavy and useful as clubs.)
Oh yeah. Another piece of advice I've often heard is that, if police come to your door asking questions, it's prudent to step outside to speak with them, rather than speaking with them through an open door. If they see something suspicious through your opened door, they can reasonably claim probable cause and force entry.

This may be all BS. But it's advice I've heard more than once.

If police are doing a "knock and talk", they don't have a warrant. Barry Cooper had the best script for that:

If police are knocking, lock your door and say through a window: "I don't talk to police; have your dispatcher call me. If you have a warrant, here are my hands, go ahead and kick the door down". Then cover your ears, close your eyes, and wait.

The problem with those kind of scripts is that while they correctly account for not accidentally exposing yourself to the Police (without a lawyer present etc), they fail to account for the consequences of getting in the police's nerves and looking like a suspect in their eyes (which can get down to them downright making stuff up or planting stuff on you).
if police are targeting you, they're likely to make stuff up or plant evidence anyway.

If you feel you can't handle your affairs, make sure to lawyer up as soon as the police leave your house. You'll need to. let the lawyer know what you did, so he can take appropriate action.

Just remember that a lawyer, should (s)he put your needs above the needs of The People or The Court, (s)he would be disbarred. So don't expect magic to happen.

> Genuinely curious, do you need a warrant to look through a window.

Home windows? If it is visible from a place where a normal person going about their normal activities can see, then no warrant.

For example, if someone walks up your walk to your stoop and there are windows that can been seen through from there, then no warrant. If they have to step off your walkway, walk around the side of your house, scramble through your bushes and pull themselves up to peer through, then a warrant would be required.

A house not connected to the earth would be pretty awesome, but you'd have to have a way to get food and stuff delivered [1].

[1] http://what-if.xkcd.com/149/

Hmm. I don't agree with the ruling either. But I don't think this analogy does the original argument justice.

The point of mentioning "accessing the internet" is it's a lot easier for the hacker to scale up their wrongdoing with ease. It's much simpler to put a virus of some sort (say, a fake download button on a media sharing site) and reach a large audience, than it is to break into the homes of a similarly large group of people.

Where I primarily disagree with the judgment is that this notion makes it a "virtual certainty" that hacking occurs for any given person. Smart browsing habits, and general computer literacy, can make the odds decrease to near zero.

Not only that, most places(?) have fire codes that mandates that all houses are easy(ish) to break-in to. Maybe not easy to sneak into, but certainly easy to break-in to. Because the fire department and emergency services need a way in.

I suppose the analogy would be that just because Microsoft has the power to remotely upgrade your windows 10 install (and potentially install any back-door), that should not violate your expectation of privacy.

I feel bad for the judge. He's bending over backward to rationalize the end justifying the means... and he's dead wrong.

His argument is essentially that if your house is connected to a road, then there is no expectation of privacy.

I expect the ruling, or at least that absurd part of it, will be overturned or superseded. But the counter argument (for future cases) would be that running through a physical firewall is not a direct connection to the internet (silly as it is to make the argument).

Did you read the ruling? Do you have any specific critiques, and do you think the multiple precedents cited are applied incorrectly?

Edit: I've gone through most of the relevant sections. Most of the ruling is reasonable, the section this article and the EFF are complaining about is less supported by precedent.

The actual legal argument says that hacking is common enough that people don't have a reasonable expectation of privacy, then there's this paragraph:

>Although this Court recently noted in dicta that the possibility of hacking "is not enough to defeat an individual's reasonable expectation of privacy" because it is illegal, see United States v. Darby, No. 2:16-cr-36, ECF No. 31 at 10-11 (E.D. Va. June 3, 2016), this Court stresses that child pornography often resembles an international crime. Similarly, much hacking occurs by foreign nations where the governments condone or participate in hacking. Child pornography is not just a national issue; it is an international issue, and at least a portion of the pornography in this case arrived from foreign sources through the World Wide Web

This seems to be the weakest part. It's saying that hacking can't be the basis for a lack of expectation of privacy, but that since some countries allow hacking, it's legal there, and if you're accessing stuff from other countries you no longer have the expectation of privacy.

Solution: Turn all international embassies into ISPs.
Any web page can include content from any country. Country TLDs don’t correspond in any way to where the content is hosted, and for most people even using DNS-resolved URLs is advanced. However, mostly thanks to IPv4 exhaustion, not even IP blocks correspond to geographical location anymore[1].

And all of this doesn’t matter anyway, because of how packet routing works. No one accessing the Internet can be reasonably expected to have any control over how their packets are routed on the network. You only control the next hop[2].

See for example: http://allthingsd.com/20131120/how-somebody-forced-the-world...

So I would agree to the extent that there can be no expectation of privacy for any unencrypted traffic. However, that’s just one type of hacking – snooping.

As for actual hacking – that is someone breaking into your system – this system has to be running on something, some sort of device. This device has to be physically located somewhere.

If an Elbonian comes to US and breaks into your house is it okay because in their country there are no lock on the doors, just a lot of mud, so breaking is not a crime? This is the logic here, as I see it.

What it ultimately comes down to is the US government wants to have it both ways. They want to be able to extradite people that hack into devices located in the US, but they want you to have no expectation of privacy when they are the ones doing the hacking.

[1] https://en.wikipedia.org/wiki/Provider-independent_address_s...

[2] https://en.wikipedia.org/wiki/Hop_(networking)

>If an Elbonian comes to US and breaks to your house is it okay because in their country there are no lock on the doors, just a lot of mud, so breaking is not a crime? This is the logic here, as I see it.

If they came to the US they would be subject to US jurisdiction. Hackers from other countries aren't, at least not always.

Edit: I mean prosecution. Jurisdiction applies whenever there are effects in the US, see link below.

This is my point though. The US government claims they have jurisdiction when it suits them. Guccifer is still in the news and fresh on everyone’s mind.

Personally it never made sense to me how one can be subject to some random foreign country’s law by just using the Internet. But if that’s the doctrine it should at least be applied consistently.

I spoke incorrectly above. They always have jurisdiction if there was damage in the US. The point is that they can't get access to the person if they don't have an extradition treaty with the country they're in, but that's not jurisdiction, my mistake.

See http://www.kktg.net/Notes/hacking-jurisdiction/ which explains this.

Thanks for the link. It’s an interesting read.
No no no!!

The heinousness of the crime does not justify giving up or overriding Constitutional freedoms. Never. Not ever.

And if anyone is in place to protect us from that level of overreach, it's a judge. I cannot believe he's pulling a "won't someone think of the children!" in justifying (and creating some janky circular logic) this ruling.

The scariest precedent here is the level of crime dictating the flexibility of constitutionality.

I think you're misreading it. He's not saying that the heinousness of the crime justifies it, he's saying that by accessing child porn from another country, the defendant opened himself to hacking risk and as such has no reasonable expectation of privacy.
An unlocked car (which is the closest legal analogy, I think) is a bad fit here. If we're really going to search for analogues let's pick one that really matches what's going on in digital communication: physical communication.

  Whoever, without authority, opens, or destroys any mail
  or package of newspapers not directed to him, shall be
  fined under this title or imprisoned not more than one
  year, or both. -- Title 18 § 1703(b)
What if the "computer" on the internet is my pacemaker, and it uploads a data stream to servers in, say, Dublin. Does that mean I should not have a reasonable expectation in the U.S. for privacy of that data? That kind of rationale is bad in principle and bad law.
If you're uploading information to a third party, you no longer have privacy rights under the third party doctrine. That's very well established precedent.

As I said in another comment here, the issue is when it goes beyond such information like IP addresses and goes to actually hacking, which involves running code on the victim's computer.

Comedy option: 3rd amendment defense.

("No Soldier shall, in time of peace be quartered in any house, without the consent of the Owner, nor in time of war, but in a manner to be prescribed by law.")

Not comedy. One reason for "quartering soldiers" was to obtain evidence and to intimidate within a private space. I've long held any form of broadly imposed in-privacy monitoring (including compulsory back door keys) is a 3rd Amendment violation, especially if the individual is practically paying for it.
It would be really interesting to see a legitimate 3rd Amendment challenge come before the courts in our time.
(comment deleted)
Mitchell v. City of Henderson.

Now every last amendment from the Bill of Rights has been discarded.

Is there anything in the Constitution applicable to open government? I ask because the case is locked behind PACER.

... Or is it? http://www.leagle.com/decision/In%20FDCO%2020150203D28/MITCH...

Wikipedia and news articles should give you the details.

I'd say lack of access to law (as well as its unbearable complexity) is an issue of due process and the fundamental rule of law.

But you can't look to the Constitution to dictate everything - its drafters could not anticipate all future developments, and if the government is that citizen-hostile a piece of paper won't stop it. That which the Constitution does specify should be considered more as "behavioral tests", and currently the majority of our test report is failure.

The counter-point presumably being that law enforcement are not soldiers? Maybe the 3rd amendment has been interpreted as applicable to all government agents.
(comment deleted)
FBI doesn't need a warrant for non-US computers.
(comment deleted)

  "But whether the Constitution really be one thing, or another, this much 
  is certain - that it has either authorized such a government as we have 
  had, or has been powerless to prevent it. In either case it is unfit to exist.”

  -- Lysander Spooner, No Treason
That's horrid logic. The question of fitness for existence is whether the Constitution is better than its absence.
Also flawed logic. Our options are not simply Constitution or No Constitution. There are a near-infinite number of unique constitutions we could have adopted, rather than the one we've got.

Spooner was criticizing the actual form of our current Constitution. GP was making an appeal to the Constitution and the judicial system's ignoring of it. I agree with Spooner that a Constitution such as ours is completely powerless to prevent individual judges from rewriting every time it fits their fancy.

We've basically had an ongoing Constitutional Convention in the federal courts since the founding -- without the consent of the people.

That's an unanswerable question, since we cannot compare a control Earth where the U.S. Constitution was adopted in 1783 and an experimental Earth where it was never ratified.

It is axiomatic that the present we now know inevitably followed from the history that preceded it. When you look at the U.S. federal government that now exists, it must have assumed its current form either by design of the Constitution, or contrary to that design. In case of the latter, the Constitution was entirely unable to prevent the government that it established from evolving into a form contrary to its design. Maybe the process was slowed somewhat. We cannot know for certain.

Therefore, if you dislike the current form of US federal government, it is nonsensical to idolize the Constitution, or any other causally-related fact of history. History gave us the present. If you do not like the present, and wish the future to be different, do not repeat the mistakes of the past. Whether history could have given us another present is irrelevant, because it did not.

In the end, whenever a living human fights with a document, the human will emerge victorious, and the document will become confetti. The Constitution is nothing without a living human to be its champion.

(comment deleted)
What about businesses? Should they expect all their computers to be public and if so, doesn't that have serious ramifications for data protection and the prosecution of hackers?
I was thinking the same thing. Also, using this ruling to target business documents would likely be the fastest way to get it overturned. Even if they somehow rule that businesses are different than homes, most executives take all their documents home regularly.
Also Federal courts have computer systems which means all legal documents are now available for access. Unless this Judge thinks it only applies to defendants.
So, I'm assuming as long as I'm only spying on his computer or his accountants or his attorneys and not editing his security settings that it's not illegal because it public information.
I hate to say this but it seems that the Chinese version of tightly regulated Internet is slowly becoming the norm.
That seems like a somewhat overblown reaction.
I know! Let's ask God. God is higher court than supreme court.

God says... snarl overcompensated friendliness's conflict chambray's bibliographer's otter's biodiversity's triptych conversationally fauna's djinns prizefight's Mueller's icons sunder Croatian's Celeste schism extradited whined mistaking impairs Derick's limply Saxony polysyllables sculpted earache cupcake marmalade's lunches

So does this mean I am now legally entitled to all corporate documents on computers connected to the internet?
No, in that case you are obviously a terrorist and you deserve 30y behind bars.
Someone not having a reasonable expectation of privacy in a thing does not mean it is legal to hack their computer.

The CFAA does not depend on any expectation of privacy, only authorized usage.

That makes no sense. Why aren't the FBI in violation of CFAA, then?

Expectation of privacy defines the bounds of a search. Police searches are not permitted to conduct otherwise illegal activity Just because they are searching.

CFAA doesn't apply here.

https://www.law.cornell.edu/uscode/text/18/1030

>(f) This section does not prohibit any lawfully authorized investigative, protective, or intelligence activity of a law enforcement agency of the United States, a State, or a political subdivision of a State, or of an intelligence agency of the United States.

So something can't be illegal for the police to do for the sole reason that it violates the CFAA. If it violates something else, I suppose CFAA charges can be added on, though.

It might work since one has no expectation of privacy in public and taking picture of him is perfectly legal, making a copy of the document (taking picture) on the machine with no expectation of privacy would be perfectly legally too.
Probably not though. The CFAA still says it's illegal to do anything on a computer that you're not authorized to use. It has nothing to do with expectation of privacy.
Does CFAA apply to FBI as well?
No, ikeboy pointed out below that the CFAA doesn't apply to the government.
I'm not clear from the article; does this pertain to the contents of the PC itself, or only to one's activity online?
And houses connected to roads aren't private as well.
The division between state-sanctioned invasion of individual privacy (in this case) and draconian sanctions on trivial "penetration" actions (like changing the UUID in a URL) for corporate entities using the CFAA is really contradictory.

We need to turn it around: draconian punishments for "law enforcement" members who violate the constitution, and protections for individuals who tinker, probe, or explore without malicious actions/intent.

>> "In today's digital world, it appears to be a virtual certainty that computers accessing the Internet can—and eventually will—be hacked."

If true, then why is entering any device connected to the Internet a crime?

By that logic, residences are also not private. As they can be hacked into easily (probably would require even less sophistication)
Why is my comment downvoted without any reason ?
If I use a computer that is connected to a computer that is connected to the internet, is it private?

If not, doesn't this only apply to home routers?

Will Guccifer be citing this case in his defense for hacking Hillary's emails on her home server?
WTF? ok from the title of the article it looks to me that now i'm legitimate to spy/access other people's computers.... but reading the body of the article maybe the gudge only said that you cannot expect that your _location_ is keep secret.... which one is correct? what he actually ruled?