-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 06/20/2013 04:23 PM, Eugen Leitl wrote: > > http://timesofindia.indiatimes.com/tech/enterprise-it/security/India-sets-up-nationwide-snooping-programme-to-tap-your-emails-phones/articleshow/20678562.cms
There are good cases for lawful interception of communications on a court-warranted per-case basis, but it's hard to square that model with the cost savings to be had by bulk-logging everything and then just issuing queries for the stuff you want. Whether logs are kept by your ISP/telco and queried by the government when they turn up with a warrant, or stored by the government but only looked at when they have a warrant, is an interesting distinction with subtle implications. As I toy with designs for societies and governments in my head sometimes, I'm wondering about a system where anybody whose communications are intercepted - be they found guilty or innocent - must be informed of it within a year or two; long enough to build a case, but short enough to make the agencies feel pressured to only do so if they think it will answer important questions as to your activities (one way or the other) in order to justify the cost of letting you know you're of interest to them. Explicit exemptions might be made for "copying your information into storage without studying its contents", or even "scanning it to see if it matches a search query, but finding it doesn't" as not counting as "interception", in order to allow for bulk collection into a central place for querying, and not requiring notification unless you actually match the results of a query. That might be a reasonable tradeoff. However, these security agencies have a strong history of bending around the letter of laws to violate the spirit of them... ...I do wish that strong cryptography with forward secrecy was more widespread! It should be built into everything, by default! ABS - -- Alaric Snell-Pym http://www.snell-pym.org.uk/alaric/ -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iQIcBAEBAgAGBQJRyYwRAAoJENVnbn/DjbpJnGUQAMev39Rjh8qFTFc0uEFyiZ2S 23VYZAlnGwGNPvptmECqKWF5kSw0+jhNiAAXmYdA6Fa2f5tgEgSOx68ANrgFkVry G6sCmrjXXky7Pt2gPtdYNugvqEI73cGPfnMYN3lFNc2+5VYxHuhjKVeW8ANeGW39 Fyn+gGZUk3H82zMZUmbanVhyMCnzyyJ4Ctli3oKObKRyqXEINOOPnlzFikkwc4Ae r6BUD5yJ2lR4A1xeloYmzkE9oTzb9ypCa2bFBbgrJyA+LQ4psx/0E0VdT5RZ/pRd jyXyPUid/fE8ypBBGH1+z5g5LIlaqpCZSiX3LqWCPcMCB8qrp8LEbRATNqdfXOso lMJQzfzDRrM/usXpWX4apHR5fLpY+WH8iUvzafl8Xvds1H73wiIylOuO2Oibq/pi Vvar/tiv/GBcah8gzCoHGzUP0rcMcBzvA1Ao6RTHjWu9+oXGWu913pWQ2pnHKwri UBt2kStBg2EIHCHLtCv2kswJZ2rsrChBvuiq0qcyS2Y4qCX3av0t8lXPMmfuuj8g j/qBnjefSykYBq7izue+ybdOIzYMMUve3aiImvWOtV7daTJVixCx/ONViLlyJt7B 7J9xR4uafEekQJdwTqTGt+8smNJhmdOOoWCkXcOmf83O5mqJTOSCmaQ6ZraitNYE KM+ry6JkkCWbqHD8z9cG =sna/ -----END PGP SIGNATURE-----
