This Snowden thing is really getting out of hand, though. I initially was anti-Snowden when the first leaks came out; I was unconcerned that the government might be storing metadata. But I am certain that the NSA has been lying about the scope of their collection and it's legality. As more documents leak, I become increasingly concerned with the apparently blank cheque for surveillance that the NSA has been issued. It has personally shaken my trust not only in specific channels of communication, but the entire internet in general. It's troubling the steps one must now go through to have a semblance of secure communication: I have trouble trusting ANY software for security because I have no idea what the NSA is allowed to do (I suspect its almost anything if it's en masse). The one percent doctrine is the scariest thing to come out of the Bush White House, which wasn't exactly a beacon of freedom.

The wheels of law and government turn slowly, which is, generally, a good thing, but I believe that the gov'ts policies regarding information collection need to be addressed ASAP. They're hurting the United States' already shaky foreign credibility, and they're hurting American companies' interests as well. Somebody needs to light a fire under Congress's or the White House's seat to get the ball rolling. Judge Leon's ruling is a good step, but I'm disappointed and ashamed that the first president I cast a ballot towards is stonewalling on such an important issue.

They're lobbying because the government surveillance revelations hurt their business model, not on principle. Even I'm having a hard time taking their positions seriously. I mean, they're right, I'm fine with the means they're lobby for change and I share their desired ends. But in light of their motivations I don't take them seriously.

They're piggy-backing on the surveillance issue to push their idea of universal jurisdiction, a concept unheard of until WWII during the Nuremburg trials where German war criminals were charged with violating American laws even though they weren't Americans, the victims weren't Americans, and the crimes hadn't occurred on American soil. The very basis of state sovereignty is being challenged.

"Because it hurts their business model" simplifies things a bit too much.

They are as old as questions of sovereignty, that's why it s a problem and not only likely to be remedied soon.

On a macro level tech companies are not interested in the government invading the privacy of the people who are using their services because at the very least it doesn’t benefit them in any way. It might even be an inconvenience to deal with in some cases.

The problem is, however, that at any moment large tech companies deal with many issues and problems and they prioritise some over others, on a macro level probably mostly depending on how much money they stand to make. Now, the government invading the privacy of their users certainly doesn’t make them any money – but most of the time it probably also doesn’t lose them any money, or only very little.

However, now everyone is talking about it. More people are starting to care about privacy and the companies can expect to lose at least some customers. Many medium-sized businesses in Germany have already been banning any and all US online services for company use, but the revelations might increase their number even more, for example.

So now companies are becoming more active. On the macro level because they stand to lose money. But I’m pretty sure that the picture will be very different when looking at the micro level. I’m pretty sure that when you look at the people leading the charge for these companies you will find many who feel passionately about this and always have been. It’s just that now there is both enough political capital inside the company to actually start lobbying and the revelations have also put pressure on the government, so moving the status quo got (even if only ever so slightly) easier.

Many people you will hear speak for these companies will actually feel passionately about this. It’s just that now is also the opportunity for them to do something.

  Many medium-sized businesses in Germany have already been banning any and all US online services for company use, but the revelations might increase their number even more, for example.

Cisco routers? Intel chips? Microsoft software? Suddenly just about every American technology product is about as suspicious (or even more so) than anything out of China.

I believe this whole sordid affair and especially the revelations about the subversion of protocols and possible back doors has tainted the US tech industry, possibly beyond repair.

Probably select acceptance into online communities, while increasingly irrelevant nations worry about increasingly irrelevant tax revenue and your increasingly irrelevant physical location.

This is from the original U.S. Constitution, so we have always given ourselves the power to enforce laws outside of our jurisdiction.

I somehow doubt you could call Pope or Merkel a "pirate" or "felon", but that's what its boiling down to. By spying on anyone US does not trust anyone because there is possibility others do the same thing...

Its like a looped liar syndrome. Someone who constantly lies does not believe other people because if he constantly lies then in his world it means everyone else does the same as well. Sick sick situation.

You can be sure if the American government manages to find a way they can properly compensate these companies for lost revenue and customers, they will cease to have any issue with it whatsoever.

Sure. It would change my mind completely if I knew Bush genuinely was deceived by those around him and thought there were WMDs, rather than if I thought he knowingly lied to pursue an agenda for other reasons (e.g. boosting Haliburton's stock, settling a score, etc). I only bring that up because it's something I feel strongly about, yet I feel the motivation could change everything in my mind.

That's fine - politicians are much more likely to take action on something because of the economic impact than due to any principle(s). Especially if it impacts their district...and the President's "district" is as big as they get.

Change is not going to come from legislation; Republicans are all for strengthening of law and order, most reps for the Democrats will not challenge the official line; a secret court will also not challenge the issue, am I Missing anything here?

I think it is amazing that the administration is apparently ignoring the push, given that these companies are big campaign contributors. How can this be? If even big campaign contributors are given a cold shoulder then this might mean that the President is not inclined to budge, to put it mildly;

BTW; it seems CISCO and IBM were not present at the party, despite significant losses; how can this be ? http://www.ft.com/intl/cms/s/0/445c67ce-4cb1-11e3-958f-00144...

No, we can't

IF they are in bed with President and DOJ, if they are continuously doing favors to NSA, FBI, CIA and other three-letter agencies + black ops, then who is there to enforce some hundred years old document titled "we the people".

Further, even Obama himself was directly blackmailed by NSA. As you remember after Snowden revelations first thing before even denying or confirming his revelation, was that they remember getting request to spy on Obama. Since he has so much trouble with his own past, no wonder Obama will do whetever NSA wants.

Russell Tice, has said that he was aware while at the NSA, that the agency, back in 2004, was spying on Barack Obama, then just a Democratic Senate candidate from Chicago.

http://www.counterpunch.org/2013/11/01/is-nsa-spying-really-...

I also find this news disgusting:

http://www.dailykos.com/story/2013/08/13/1230832/-Obama-appo...

The reason that Obama is doing nothing, is because he is actually powerless to do anything - just a little puppet on a chain. To understand the underlying trend have a look at the last few presidents - and take a look at the financial laws that were repealed over time (like the glass steagal act).

One of the weaknesses in the US system is that the presidential post has so much power concentrated in it. Once you are able to get a stranglehold around this position, you can manipulate this from behind the scenes and no one will ever suspect that something is wrong.

But now we have to put up with Obama's dismissal, since he doesn't have much to lose himself, short of impeachment (which I think is warranted, especially if the Supreme Court ends up declaring the mass spying unconstitutional).

I don't think that Obama should be impeached over this, though. These spying programs were started under the Bush White House, for one, and beyond that I don't think that impeachment is an appropriate response to this issue. The constant looming threat of privacy breaches is not something that can be corrected by assigning blame. Rather, we need broad laws to protect American citizens and corporations from being treated as potential terrorists.

As a non-American, I don't see why the Republicans wouldn't do their best to pretend mass surveillance wasn't a problem, considering that they started it in the first place.

I don't know the answer, but I'd be surprised if the party would do so. I think had they, it would guarantee a failed election.

http://wiki.answers.com/Q/Has_an_incumbent_president_ever_lo...

The parties elect their candidates in a primary before putting them on the ballot in the general election. But parties don't like primaries: You have two of your own candidates saying bad things about each other in public, taking specific stances necessary to win a primary that may be disadvantageous in the general election, and using campaign money that could otherwise have been used against the other party in the general election.

So the result is that if the incumbent wants to run again, generally no one from the same party will be willing to mount a primary challenge, and anyone who does will raise the ire of other party members for causing trouble and wasting money. Hence the absurdly high incumbency rate.

http://en.wikipedia.org/wiki/Joe_Lieberman#2006_Senate_elect...

That's exactly how I feel reading about a WH meeting with Tech CEOs who want to discuss this NSA ridiculousness while the White House handlers spin that it's about asking their advice on healthcare.gov or some nonsense. It's just unserious and totally not confidence inspiring.

http://newsflavor.com/politics/us-politics/wall-street-insid...

Search down to the part of the article that starts out "explain what was odd".

    the President of France had said to someone after meeting
    President Obama for the first time. "He's a show horse,
    not a workhorse."

https://www.google.com/search?q=showhorse+workhorse+obama

Someone will eventually have to confront the NSA's rhetoric "we can't stop terrorism / people will be killed if we constrain surveillance". I wouldn't expect that from this White House, or many in Congress. You can push on and even piss off the President, but if he won't push the NSA you have to generate political pressure to force him to do just that.

I'm not sure that pressure is available under the argument that tech giant business models require transparency. That frames the issue as commerce vs security, I don't think that's a big vote getter. The truth is that real privacy will in fact get more people killed, in the short run, because yes it makes operations easier for the Bad Guys. I'm okay with that, because I'm more worried about a tyrannical government, and We are bigger than the Bad Guys. But I'm not sure the electorate sees it my way.

I suppose the likeliest solution is some tacit recognition that proper privacy does allow more terrorism / drug traffic / child porn. I worry that thus we won't get really proper privacy, or a real political commitment to it.

I'm glad these CEOs carried this to the President, but I don't think they're going to be the whole solution to this.

Yep. It's no different than regular crime. We could prevent all crime if the state handcuffed every single citizen. Done! Yay! Whoops, except we destroyed what we meant to protect: life and liberty.

That's what surveillance is doing now. It destroys freedom of speech, freedom to gather peacefully, freedom to petition the government for a redress of grievances (how can you investigate government wrongdoing if they're tapping your phone?), all to (possibly) mitigate the already-small risk of being blown up by loonies.

I'm not convinced this is even true:

1) The effectiveness of dragnet surveillance is vastly overstated. There are far too many haystacks for the number of needles.

2) Even if it was effective in a vacuum, there is no evidence that alternative methods of fighting terrorism would not be at least as effective. Even if you stipulate that the amount of resources being spent on anti-terrorism is reasonable (which is by no means a safe assumption), using those resources for e.g. human intelligence may in fact be more effective in preventing attacks.

3) Dangerous automated systems are dangerous. Never mind federal agents stalking their ex, what happens when the terrorists you're trying to thwart break into your dragnet surveillance apparatus, or make use of the same vulnerabilities you've built into the infrastructure, and use it to determine the schedules and defenses of targets in order to plan an attack?

They are creating a security vulnerability in the hope that it can be used against the bad guys while ignoring the possibility that the bad guys can use it against you. This is not such a good idea when you have a bunch of obvious soft targets all over the place and the bad guys don't.

Which is before your quite valid argument that government officials may be among the set of people capable of misusing such power.

I think you mean the opposite. A single repository with everyone's information makes it MUCH easier for bad guys to carry out attacks.

[0] - http://www.washingtonpost.com/world/national-security/nsa-in...

No one out side the US gov had a clue how big the scheme was and how big or small their part was in it. Now they know. Not suspect, but know.

I'm sure a bunch of tech CEOs and politicians are going to come up with a fantastic scaling solution for the beleaguered website. Let's see, how would that go?

Obama: "I was thinking about migrating to Mango and getting in on some of that sharting I keep hearing about".

Mayer: "No Mr. President, you need more nginx servers to do SSL termination, your Apache servers can't handle the load".

Then Biden: "That's what she said..."

At which point every one stops and looks at him.

1) Person blows whistle / leaks information about government surveillance

2) World trust in US firms is damaged, especially internationally. Foreign firms and governments hesitate to trust US firms with their data. US firms lose contracts and relationships sour.

3) US firms whose interests are hurt lobby for surveillance reform

Personally, I think the crux of the issue is the doctrine that, if a company is a party to handling my data, whether privately or as part of delivery to another person, that company may voluntarily share information with the government. I think it's a failing of our constitutional law against unreasonable search and seizure that this precedent was set. (I'm not a lawyer but that is my understanding - please correct me if I'm wrong.)

In the modern world, virtually all of our communication involves other companies, and so if those companies can voluntarily act as effectively agents of the government in providing the government data, then from my perspective this dodges the intent of the Fourth Amendment. Especially given modern adoption of cloud computing - my papers and personal effects are rarely present solely on my property. Technological progress in cloud computing should not erode fundamental constitutional protections. With that precedent, it has.

As all data increasingly goes digital, it is wrong for our society to present a conflict of interest: either keep my data myself, and lose out on modern technology; or use modern technology and be subject to omnipresent surveillance. The better option is to reform our laws so that constitutional protections extend to digital information, wherever it is kept, as well as "papers".

Would it be reasonable to change the laws of our society such that no person may share another person's digital information with the government [1], except as required by law, or unless they specifically believe that person guilty of wrongdoing? Perhaps such an approach could form the basis for much more effective protection against unreasonable search.

[1] I realize getting this right is going to be tough. Perhaps it's "no digital information created by the person, or metadata about that information". What I'd be looking for is a reasonable digital equivalent of "papers and effects".

Perhaps such a relationship could be negotiated through private contract today (e.g. terms of service). The asymmetrical relationship makes this difficult to achieve as a consumer. (This leads me to wonder: do the terms of service of major Internet firms permit them to share your information with the government?)

Maybe the first place to start is pushing Internet companies to adopt terms of service that prohibit sharing your information with government agencies (or with any other firm who does not have such a clause in its relationship with the first company), except as required by law.

If the tech companies who met with the President want to lead reform in this space, they could begin by changing their terms of service to explicitly prohibit voluntarily sharing your data with governments or firms who may voluntarily share that data with governments. Of course, that might strain their relationships with those governments, and harm their business in a different way, so it will be interesting to see how this plays out.

I'm not saying that business reasons are the only reasons. I do believe that plenty of people and firms want to change the situation on its merits. It's just also interesting to me to look at this issue from the perspective of business impact.

  > I think the crux of the issue is the doctrine that, if a
  > company is a party to handling my data, whether
  > privately or as part of delivery to another person,
  > that company may voluntarily share information with the
  > government. I think it's a failing of our
  > constitutional law against unreasonable search and
  > seizure that this precedent was set.

But the whole NSA debate isn't about voluntary data sharing at all, it's about the government demanding access (or simply breaking in) without a warrant. The NSA's tapping of fiber lines is equivalent to the local SWAT team walking into my bank and rifling through everyone's deposit boxes. There's not much the bank can do about that except lobby against warrantless searches.

  > Would it be reasonable to change the laws of our
  > society such that no person may share another person's
  > digital information with the government [1], except as
  > required by law

Why not both? The NSA "breaking in" is certainly a problem, but I don't understand why the third party doctrine isn't.

> There are many reasonable cases where private companies should share information with the government

Yes, but the third party doctrine goes far beyond what I would consider "reasonable."

> Voluntarily supplying information to the government is not a violation of the constitution.

That's up for interpretation. The extent to which single companies held large swaths of information about our lives has changed dramatically in the last decade. Do you seriously believe that, if the constitution were written in the present day, personal information (of some description) would not be included in the 4th? Alternatively

> The right of the people to be secure in their persons, houses, papers, and effects, against unreasonable searches and seizures, shall not be violated, and no Warrants shall issue, but upon probable cause

I'd consider anything in gmail/gdocs to be "papers and effects" of mine. I understand that the US government has a different interpretation, but that doesn't mean I have to agree with it.

Whether you agree with this or not, you have to admit: your gmail/gdocs isn't exactly "papers and effects" in the same way as the "papers and effects" in your desk drawer. Not because they are digital, but because the contents of your desk drawer aren't routinely rummaged through by other people, or data mined for targeted advertising, or anything like that. When the question is: is it reasonable to expect these documents to remain private, those things must certainly factor into the equation.

It's very relevant that "single companies [hold] large swaths of information about our lives" but that doesn't mean it's automatically protected by the 4th amendment, or that how that information is handled today justifies expecting a privacy interest to exist in that data. The 4th amendment must accommodate the transition from paper to digital, sure, but you can't erase the word "private" from "reasonable expectation of privacy."

There are certainly ways Google could make a clearer case for extending 4th amendment protection to gmail/gdocs. Essentially, make it more reasonable to expect that information to be private. Stop data-mining it for targeted advertising, encrypt it client-side, institute rigorous procedures for who has access to that information, perhaps lobby for laws to create enforceable penalties for cloud companies who allow employees to access the data without absolute need. These are essentially the analogues of what protects bank safe deposit boxes despite the third party doctrine: banks don't routinely look in safe deposit boxes, they don't ask what's inside, they have extensive protocols to prevent employee access, etc. They are "private" both legally and factually.

In order to make a convincing case that information in the cloud is "private" for the purposes of the 4th amendment, cloud companies have to move in a direction of ensuring that the information is actually "private" as a matter of fact.

In that case, why doesn't it cut both ways? The Gov't gave access to Snowden, so does that suddenly make it reasonable that he should be able to share that data with the world?

The fact that most people expect their telephone, email, etc records to be private should say that the 3rd party doctrine is fundamentally flawed.

  > Why not both? The NSA "breaking in" is certainly a
  > problem, but I don't understand why the third party
  > doctrine isn't.

I do not know if the NSA is exempt, or certain data is exempt. But I share your concerns and see this as another reason why CISPA must be defeated.

I think the point is that the tech companies aren't sharing their users' data with the government voluntarily -- the government is using a combination of questionable, secret court rulings and strong-arm tactics to force them to share. If left to themselves, the companies in question (at least the ones that have spoken out most loudly) wouldn't voluntarily give up as much information as they have been. And not just for idealism's sake -- their own bottom line is likely affected.

EDIT: removed unclear statement meant as a joke.

Huh?

Cite your sources if you have any proof of your claim.

I didn't explicitly say they give that data to 3rd-parties, but I'll clarify that they do not give the unanonymized data to third parties (analytics from campaigns provide a fair amount of anonymized data). To the best of my knowledge, there is no method of getting discrete, individual specific data directly from these companies unless you have a subpoena.

One discussion: http://www.usatoday.com/story/money/business/2013/07/10/what...

It's easy to understand why the typical company would choose to participate if they simply need to provide a data stream to gain a new revenue stream.

It's also easy to understand why a factory will dump pollutants into a river instead of disposing them "properly". It's our job as a society to create incentives and remove options that provide this sort of "tragedy of the digital privacy commons" (not a perfect analogy).

By paying for access (at presumably a rate much greater than cost), the government makes firms who refuse to provide access less competitive in the market than firms who do.

I will. If it didn't have a negative effect on large American businesses, no one would be giving any real thought to the matter. Even then, I expect only a show of reform will be given so that those large American businesses can continue on. I do not expect to see any real change.

I don't think that dichotomy is so stark. Ultimately, the root of the 4th amendment is "reasonable expectation of privacy." That definition should adapt to new technology, but must still be rooted in whether the expectation of privacy is objectively reasonable in light of the actual nature of that technology.

I contend that, however we reform our law to adapt to new technological requirements, data that is encrypted and not accessible broadly within service providers merits a higher standard of protection than data that is exposed in plain text to potentially hundreds or thousands of people. In other words, I think whether it's "reasonable" to expect digital information to be private depends on a common sense evaluation of whether that information is, in fact, private.

I think a lot of our digital infrastructure fails that test, and often by design.

AFAIK, this is already the case in Europe; it goes even further - no company/person is allowed to share any information willingly given by a customer with anyone, except as clearly stated in the privacy agreement the customer has signed prior to sharing of data.

This is a false dichotomy regardless of the state of fourth amendment jurisprudence. There is no inherent reason why you have to store all of your data on Google's servers rather than having your own storage device(s) just as you didn't need to keep your papers in your associate's office a hundred years ago. There is no insurmountable technical reason why your data can't be stored and processed locally.

The problem is really economic. The problem is that you are about to buy a television and it won't change your life one bit whether the television is made by Samsung or LG, whereas that decision of yours will change Samsung's bottom line to the tune of a couple hundred bucks. Which means that Samsung et al are willing to pay more to influence your purchasing decision than you are willing to pay for e.g. email service, and allowing them to doesn't cost you anything. Which means that it's more profitable to offer "free" ad-supported email (and document hosting and blogging etc. etc.) than it is to sell you a product that allows you to seamlessly operate the service using your own hardware. That's the problem -- economics. The fact that the economic value of invading privacy in order to target advertising exceeds the value of not having it invaded for that purpose.

But once you have a system designed to allow surveillance for the purpose of targeting advertising, which most people have no significant objections to, you get every organization and government lining up who wants to do surveillance for purposes people do strongly object to, and the infrastructure to do it is already in place. So now there's trouble: Either you have exclude from government surveillance the data shared with corporations for targeting advertising, which governments don't like, or you have customers withdrawing that information from the advertisers in order to keep it from being exposed to government surveillance, which cloud companies and advertisers don't like.

Somebody is going to be unhappy. And there's a good chance that it will be the cloud companies -- even if the US government relents and announces that it's going to discontinue SIGINT operations against Americans without a warrant, there is very little chance that they'll actually stop against foreign citizens (though they may claim to officially), and even less chance that China and non-state actors (i.e. organized crime) will refrain from doing something similar. Which means that the cost in privacy is no longer just privacy against targeted advertising, it's also privacy against surveillance by governments and criminals.

On the plus side, new market demand for data hosting products without third party central servers.

I am sure that is true in many countries, but it is not true in all of them, e.g. China. China has its own tech giants and market leaders.

> US firms lose contracts and relationships sour.

It will be difficult to find hard data on the topic. Perhaps we could look at the market as a whole: overall international sales across a set of US tech companies over time.

Personal anecdotes (from people doing business internationally) lead me to believe there is a chilling effect or loss of trust for US firms - of what magnitude I am not sure. Perhaps the real business impact is not that significant, and it's just getting a lot of press.

I hope my comments do not come across as Anti-American. That is certainly not the tone I'm looking to set. I am solely looking to have a constructive discussion.

Anyway, I have said a few times these tech companies should step up to the plate and it looks like they are. Good.

People might criticize their motivation, suggesting that its all about money, but from at least my non US POV, the US is all about money, its as pure capitalist as it gets. There for the US its self is all about money. So, what else is going to motivate US people or bushiness? It was always going to be about money.

What I think is needed now is for these tech companies to use some of their immense wealth to put up some sort of political opposition, campaign, candidates or what ever. Talking and finger wagging is good, but they need to put their money where their mouths are.

But over all, positive. Lets see what happens.

Edit: Just to add, Im not making a moral judgement about the US being all about money. That is another conversation.

What is it that you want Google to do to turn the tides completely?

Does anyone know if there are any backdoors built into Zynga games?? Their userbase is still impressive.

http://static.guim.co.uk/sys-images/Guardian/Pix/pictures/20...

[1] https://www.schneier.com/blog/archives/2013/11/surveillance_...

This NSA debacle is just one more nail In the coffin of American Emperialism. And America better wake up and change her ways if she wants to continue to enjoyed the privllaged global position she has had for so many years.