Everyone who's not terribly worried about privacy always uses the line 'if you're not doing anything wrong, you have nothing to worry about', but my line of thinking is not 'do i trust the government' it's 'do I have faith in all future forms of government who will have access to this data'
Given how fast and lose I've seen the DODGE folks play with the data they have, absolutely not. I still shudder over the fact that my OPM data was hacked years ago
> Everyone who's not terribly worried about privacy always uses the line 'if you're not doing anything wrong, you have nothing to worry about',
"Saying you don't need privacy because you have nothing to hide is like saying you don't need freedom of speech because you have nothing to say." - Edward Snowden
> it's 'do I have faith in all future forms of government who will have access to this data'
And even this assumes that the government can and will protect the data from the various bad actors who want it, something they have absolutely failed to do on multiple occasions.
It's not "if you're not doing anything wrong" you need to worry about, it's "what will they make wrong down the road to trip me up" you need to consider.
I have seen what happens with garbage-in/garbage-out in databases, so this kind of stuff terrifies me. I often think of a case where we had a person listed twice in our database, with same address, birthday, etc, only thing different was gender, and last 2 digits of SSN were transposed..
After we 'fixed' the issue a few times, they BOTH showed up to our office.
Both Named Leslie, born on same day, a few small towns apart, same last name and home phone since they had been married. Back then, SSN were handed out by region sequentially, so one had the last two digits 12 and the other 21.
Funny. I have a brother. We have at times lived together, went to the same school, and after not living together, lived on the same street. A couple of times, one or more credit bureaus decided we were the same person and silently merged our credit files. Not a nightmare per se since we're both fiscally (mostly) responsible, but we generally find out how incompetent the bureaus are when we're trying to make some very large transaction (I was trying to buy a car, he was trying to buy a building for work) and suddenly get "why do you own 2 houses, a bunch of cars, and you're apparently a bigamist". And then we had to scramble to untangle the whole mess. Lawyers were involved. The bureaus do not care in the slightest.
My uncle married a woman with the same first and middle name as one of his sisters. My new aunt chose to use her husband’s name as her married name, without hyphenation or anything. His sister, my aunt, never married. One was an RN and the other is an LPN.
They were born in different years. Their SSNs were not close. For one of them the name was her maiden name. For the other, a married name. They went to different colleges and had different credentials. They did live in the same town.
When my aunt died, all the credit companies and collections companies tried one of two recovery tactics. Some tried to make her brother pay the debts as her surviving spouse. The others tried to assert that the debts were incurred by his wife and that the mismatch of other data in their own databases was evidence of fraud.
I have two younger brothers. They have the same last name, first initial, a history of having lived at the same address, and the same birth date, because they're twins.
Every time one of them goes to a particular medical facility, he has to explicitly decline having them merge their charts.
Does anyone ever actually use that line? Most people will argue that the trade off in privacy is worth it for security.
That is, if you frame your argument such that you believe people don’t understand the trade off it allows you to not engage with the fact they just disagree with your conclusion.
Have you ever sat on a jury in a criminal case? A frighteningly high percentage of people will swallow every lie a cop tells, even when thoroughly discredited in cross-examination. There's no shortage of people to guard the concentration camps.
Constantly. Most people have a hard time dealing with tradeoffs and think in absolutes. It goes along with "if you're not a criminal, you have nothing to fear from police," another disturbingly common sentiment.
The mistake would be reading Hacker News and walking away with the conclusion that because people don't post that reasoning here that it doesn't exist (and even then, you do find that does come up here on occasion). People with "nothing to hide" do actually believe that, and while they may not post it to HN for vigorous debate. The easy counterexample from history is the list of Jews kept by the Netherlands which was later used against them after they were conquered by Nazi Germany, but you'd have to interested in history to buy that reason. Some people simply shrug at the "if you don't have anything to hide then you won't mind me filming your bedroom" scenario as you being the creep in the equation. Some people just don't want the trouble and are fine with being surveiled because the powers that be are doing it.
I'd go further and say that checks on police and intelligence agencies exist to protect both the innocent and the guilty from abuse of power.
If I'm doing something wrong, the onus is on the government to prove this within the rules established to prevent such abuse (and on the people, their elected representatives, and the judiciary to ensure these rules are sufficient to accommodate the interests of all parties involved).
> but my line of thinking is not 'do i trust the government' it's 'do I have faith in all future forms of government who will have access to this data'
This is how I view privacy as well. You never know who will be in power and who will access that information in the future with ill intent.
This line of thinking kept me away from the Mpls ICE protests. All of the people that protested had their face, phone, and license plate recorded and documented.
I’m not even afraid of being persecuted by the current administration, it’s the possibility of a much worse administration in the future that gave me pause.
This is why I deleted all of my social media when it began to look like Trump was going to win his second term. I had already suffered enough harassment and death threats from the Nextdoor app and a bit of the same from Facebook.
I know I'm already on some GOP list somewhere, but I figured I'd do whatever I could do to protect myself and my family from the local MAGAs in my area.
I’m not even afraid of being persecuted by the current administration, it’s the possibility of a much worse administration in the future that gave me pause.
Unfortunately, your (entirely understandable) position is exactly what will enable such an administration to come to power.
What you are doing in 2026 is what you would have done in 1936.
> Everyone who's not terribly worried about privacy always uses the line 'if you're not doing anything wrong, you have nothing to worry about'
The right way to reply to that is: not everything that's legal must be public.
You probably don't want the rest of the world to see you poop, or pick your nose, or listen to every word you say. Almost everyone has things they'd be embarrassed to disclose to other people. And this can be weaponized against you should any rival gain access to it.
They may have dodged, ducked, dodged the rules while they DOGE'd their way through the government, but not sure if they used RAM trucks while they did it
The interpretation of the law is classified? That’s stupid and everyone who protected that classification, regardless of whatever the interpretation is, is a traitor!
This is why I'm never giving a penny to OpenAI again, now matter how much damage control Altman tries to do with "look, we reworded the contract to have redlines too!". Yeah, legal redlines that the administration can bypass with their secret memos and secret rubberstamp courts. This isn't even a Trump thing: the Bush DOJ wrote secret memos making torture legal, the Obama DOJ wrote secret memos making it legal to assassinate American citizens. Non-technical redlines which aren't under the vendor's control aren't worth a piss squirt.
Probably the actual classified artifact is an NSA policy document that details the NSA's own interpretation of the law and thus forms part of its governance.
The article lede reads: "Senator Ron Wyden says that when a secret interpretation of Section 702 is eventually declassified, the American public “will be stunned” to learn what the NSA has been doing."
Technically the full quote from Wyden is: "when it is eventually declassified, the American people will be stunned that it took so long and that Congress has been debating this authority with insufficient information."
It's a small thing, but I find the click-bait editorializing from techdirt a bit off-putting.
Key point (mostly drowned): Feds can compel A to surveil B if A maintains equipment or services for B. The Feds can also compel A's silence on point.
Originally applied only to the largest communications companies, this now has effectively unlimited scope.
The only safeguard (which took years to add legislatively) was that the FBI had to clear it; but now the FBI is refusing even to record such requests, to avoid any record of abuse (and the person responsible is dubious).
Surveillance seems necessary, but in the wrong hands, it's systemically deadly: it grants overwhelming advantage, and destroys arms-length trust, driving transactions of any size into networks prone to self-dealing and corruption.
I have wrestled with the concept of 'classified' many times. The question is always how you balance democracy's need for information with the real need to keep some things away from adversaries. I think the only answer is to vigorously enforce automatic declassification AND dissemination but also ensure that this happens within the useful lifetimes of those involved. This last part is especially important for accountability. Laws need to apply, without a statute of limitation, to abuse of classification and for that to happen this stuff needs to come out while those involved can still be held accountable. Additionally, if abuse is found while something is still classified there should be an immediate evaluation if the public interest in understanding the abuse outweighs the danger of releasing the information with an explicit understanding that the public has already received real harm compared to a theoretical harm of release.
Another aspect is that we need to lower the bar for declassification in general. The reality of classified information is that it is almost universally boring and time limited in its value. Also, so many people have access to it that it leaks out slowly anyway. Just look at how much of the US military and contractors have or have had secret and higher clearances. [1] When multiple percentage points of Americans (and other governments) have access currently or have had access in the past to supposedly 'top secret' information then hiding it from the rest of the population just sounds silly. It is time to start re-asserting the public's requirement to be informed even if that has some potential risks or even actual harms associated with it.
I’ve stayed private for most of my adult life. Network wide dns, vpns, alternative personas online for different purposes, etc. Nonetheless, my personal data has been exposed numerous times.
Once in a while, I’d get into a conversation with a friend or a stranger I met at some random function, and they’d ask how to stay private online and protect their data. I used to go in depth about how to do it, with excitement. Now I just say: be normal, fit in with the crowd, freeze your credit.
As someone that worked in an illegal industry (urban pharmaceuticals), you need to appear normal and hide your crimes. If you just hide your crimes, you stick out and become a target.
Plausible deniability is harder than just total protection.
It's very hard to participate in a digital society while truly remaining private. The things you do to ensure privacy generate their own type of unique signal!
The whole concept of 'secret interpretations of law' is anathema to me. Secret information makes sense, there are lots of reasons a government might legitimately want to maintain a veil of obscurity. Secret interpretations of law are a manifestation of tyranny.
I like Ron Wyden but he should just employ his Congressional privilege here and read it out.
I can't imagine it's anything people haven't been suspecting for years - if I had to take a wild guess, it's the government's interpretation of not needing a warrant to scour things for intelligence on citizens using things like adtech and stuff that probably should require a warrant.
Does anyone today think their communication is truly private? Encryption means very little when you hold zero-day exploits and as we’ve seen there are plenty of those.
“ Senator Ron Wyden says that when a secret interpretation of Section 702 is eventually declassified, the American public “will be stunned” to learn what the NSA has been doing”
This is not the same thing as saying people will be stunned by how long it took to discuss/investigate the matter, which is what Wyden actually said…
The warnings are nice but he could just say what it is. Members of Congress have immunity for what they say on the floor of their chamber in session, classification or no.
Immunity from prosecution, maybe, but not immunity from consequence. I can’t imagine congressional leadership would think of it as a good look—and isn’t the “need to know” based on the congressperson’s role? For example don’t they brief only congresspeople in specific roles on specific matters, like the so-called “Gang of Eight” on intelligence matters? [0]
It feels a little like keeping the filibuster around: maybe technically it’s within their power to change the norm, but once unilaterally spilling secrets becomes The Done Thing, it’s hard to imagine it wouldn’t spin out into a free-for-all.
For all the mud that gets slung around, I think congresspeople really don’t get there without some kind of patriotic instinct, some kind of interest in the United States’ ongoing functioning. And I certainly can’t imagine they’d keep getting access to new secrets after pulling something like that, one way or the other…
This is all true and it kind of defines the scope of the harm he is talking about: bad enough for vague warnings, but apparently not bad enough to risk consequences to seniority etc. by outright revealing it.
Worth noting his full quote is that people will be “stunned that it took so long” for the info to come out. Which is not quite the same thing as being stunned in general.
> congressional leadership would think of it as a good look
Why do they have any power? Wyden was elected by his constituency. The "congressional leadership" can go pound sand. To the extent they have any power here it should immediately be completely neutered and then removed.
FISA courts are not sufficient oversight of this stuff. Not to mention there’s little rules for foreign data, including Americans talking to foreigners on the phone. As long as one end is foreign…
You're right. FISA courts are not sufficient oversight. Even Judge James Robertson resigned from the FISA Courts (FISC) in 2005 because:
>On December 20, 2005, Judge James Robertson resigned his position with the court, apparently in protest of the secret surveillance,[11] and later, in the wake of the Snowden leaks of 2013, criticized the court-sanctioned expansion of the scope of government surveillance and its being allowed to craft a secret body of law.[12] The government's apparent circumvention of the court started prior to the increase in court-ordered modifications to warrant requests. In 2011, the Obama administration secretly won permission from the Foreign Intelligence Surveillance Court to reverse restrictions on the National Security Agency's use of intercepted phone calls and e-mails, permitting the agency to search deliberately for Americans' communications in its massive databases.
Under "Oversight", they point out that the Privacy and Civil Liberties Oversight Board concluded that that the government's Section 702 program operates within legal constraints, as recently as 2014! Wow! </sarc>
One of the things I am proud of as an Oregonian is that Wyden is one of my senators. And it looks like maybe, possibly, he is starting to make Merkeley a true believer as well. Which is good, Wyden is getting kinda old, and there aren't enough people like him in Congress, by a long shot.
No means of law enforcement should be so secret that even the legal basis for it can't be revealed to voters. If that renders said means impractical, too goddamn bad.
Wyden has been special, as long as I can remember. I feel like a lot of us early tech people had something of a libertarian bent. I think to some extent I've grown out of it in my less idealistic older age, but the whole idea of freedom from the government, living your own life, not being spied on, still resonates with me, and Wyden has always been a champion of it to some extent. You used to have Ron Paul, and these days now Rand Paul and Thomas Massie sometimes waving that flag, too.
It was definitely swimming upstream in the post-9/11 days. I was hopeful for a while with Trump that we'd see more of a mainstream resurgence, but it's not looking like it to me anymore.
Anyway, I can only imagine what he's alluding to here...
I think it's going to be more about how many people have access to the surveillance who might use it for needless things or personal reasons, at a large scale.
It's my understanding that a single senator can't just filibuster anything they want unless the conditions are right. It depends on a few different factors and requires the bill to be brought to the floor for debate, which itself would require cooperation from the majority leader. That's not likely to happen.
If you're solo you have to actually stand up and talk still it seems. (And even then a 60+ person majority can vote to close the debate on you) Nobody has done it solo for more than 24 hours or so. Presumably at that point you're about ready to keel over.
"I don't need to care about privacy because I have nothing to hide" is trivially disproved:
Humans arrive at conclusions about other humans based on information. Sometimes these conclusions are incorrect because humans aren't perfect at reasoning and this happens more often with some kinds of information.
Therefore, it's perfectly rational to hide/not-disclose/obscure some information to lessen the chance that others take action based on faulty conclusions.
That's insightful. Traditionally both political parties have expanded surveillance powers and engaged in actions that have usurped privacy of US citizens citing national security as the reason. That's historical fact. In my view, when one side does it, it is to stop the other side from doing something that does not align with the former side's interests or goals. But that's just a humble opinion.
I'm going to guess warrantless search of all of our data, retention policies, and the worst part is who gets access to search through it. Basically, I speculate that anyone under a loosely defined classification would be able to access it legally. I also think there's a bunch of information and password sharing between people who don't even have a clearance for it. Perhaps sprinkle in abusing this system for personal or political reasons.
My word of caution is if you do have access to these systems or a shared password, tread very carefully.
Will we? like doesn't everyone already assume the the NSA has had their hooks in basically everything possible.
Like I'm having a hard time concocting a reveal that would be "Stunning"
"NSA wiretapped all major phone carriers, recorded every voice conversation and text message of every citizen"
Meh, not that stunning. at least not in a "violation of rights" kinda way. Maybe in a "wow they had the technical acumen to even handle all that data" kind of way
"NSA has secret database with all medical records", "NSA has logs of every credit card transaction", "NSA can compel anyone anywhere to spy and reveal all data on anyone for any reason"
Would any of these reveals actually be "stunning", frankly I've assumed the worst for so long that the response will be more like "wow, that all they're doing?"
like opening a diaper on a kid with IBS, you expect it to be so bad when it's a normal turd you're suddenly really happy about shit.
That's not what the quote is referring to directly (the title is a bit misleading):
"In fact, when it is eventually declassified, the American people will be stunned that it took so long and that Congress has been debating this authority with insufficient information"
You are correct that the American populace has normalized this already. The fact that this is done without congressional oversight is indeed stunning. Or at least it would have been a decade or two ago.
> Would any of these reveals actually be "stunning",
Everyone knew the NSA spied on everyone, yet Snowden leaks were truly stunning, because no one had evidence of the sheer scale of what the NSA (and collaborators) were engaged in. Wyden Siren was already firing off about that many years beforehand, before we knew the actual truth, so considering his record, I'm also skeptical it'll be "truly shocking" for the average HN tech-nerd, but for the general public, to have evidence of what the government does? Probably will be "stunning", but the one who lives will see.
So - given the law allows the NSA to do things given legal constructs, reality be damned, then what new legal construct do you think Wyden is sounding the alarm about?
When we un-tether the possibile from tech-specific delineations, you'll find things get more and more alarming.
Whatever it is Wyden is sounding the alarm about, you can be certain the sole protection we have - the sole guiding principle and bulwark against abuse - is the agency's culture given the rampant "incidental" collection and the public claims that putting the equivalent of a removable sticky-note over the names of U.S. citizens from their personal data is sufficient to satisfy the 4th Amendment as the NSA searches through our persinal data in bulk.
And what is culture if not the people we have to promote the practices?
Boy am I glad we have an administration that lets agencies largely lead themselves and doesn't engage in efforts to replace a large part of various agency's workforce - specifically those who care about the agency's culture!
I wouldn't be surprised by it, but "they're actually using all of the above, laundered through some extra steps, to provide leads to state and local LEO" would probably get people pissed off.
> Would any of these reveals actually be "stunning", frankly I've assumed the worst for so long that the response will be more like "wow, that all they're doing?"
You’re far more cynical than the typical citizen, who Ryder is addressing.
Claim: We’ll Be “Stunned” By What the NSA Is Doing Under Section 702
Actual quote: I strongly believe that this matter can and should be declassified and that Congress needs to debate it openly before Section 702 is reauthorized. In fact, when it is eventually declassified, the American people will be stunned that it took so long and that Congress has been debating this authority with insufficient information.
He said people will be stunned that it took so long to be declassified; not that people will be stunned by what it is.
Everyone who's not terribly worried about privacy always uses the line 'if you're not doing anything wrong, you have nothing to worry about', but my line of thinking is not 'do i trust the government' it's 'do I have faith in all future forms of government who will have access to this data'
Given how fast and lose I've seen the DODGE folks play with the data they have, absolutely not. I still shudder over the fact that my OPM data was hacked years ago
> Everyone who's not terribly worried about privacy always uses the line 'if you're not doing anything wrong, you have nothing to worry about',
"Saying you don't need privacy because you have nothing to hide is like saying you don't need freedom of speech because you have nothing to say." - Edward Snowden
Locks on bathroom doors are for privacy, not security.
3 replies →
> it's 'do I have faith in all future forms of government who will have access to this data'
And even this assumes that the government can and will protect the data from the various bad actors who want it, something they have absolutely failed to do on multiple occasions.
You forgot that your government is the bad actor. For them the laws do not apply
It's not "if you're not doing anything wrong" you need to worry about, it's "what will they make wrong down the road to trip me up" you need to consider.
if you're not doing anything wrong, a government that is doing something wrong may not like it
This, exactly.
And governments are always doing something wrong...
I have seen what happens with garbage-in/garbage-out in databases, so this kind of stuff terrifies me. I often think of a case where we had a person listed twice in our database, with same address, birthday, etc, only thing different was gender, and last 2 digits of SSN were transposed..
After we 'fixed' the issue a few times, they BOTH showed up to our office.
Both Named Leslie, born on same day, a few small towns apart, same last name and home phone since they had been married. Back then, SSN were handed out by region sequentially, so one had the last two digits 12 and the other 21.
Funny. I have a brother. We have at times lived together, went to the same school, and after not living together, lived on the same street. A couple of times, one or more credit bureaus decided we were the same person and silently merged our credit files. Not a nightmare per se since we're both fiscally (mostly) responsible, but we generally find out how incompetent the bureaus are when we're trying to make some very large transaction (I was trying to buy a car, he was trying to buy a building for work) and suddenly get "why do you own 2 houses, a bunch of cars, and you're apparently a bigamist". And then we had to scramble to untangle the whole mess. Lawyers were involved. The bureaus do not care in the slightest.
My uncle married a woman with the same first and middle name as one of his sisters. My new aunt chose to use her husband’s name as her married name, without hyphenation or anything. His sister, my aunt, never married. One was an RN and the other is an LPN.
They were born in different years. Their SSNs were not close. For one of them the name was her maiden name. For the other, a married name. They went to different colleges and had different credentials. They did live in the same town.
When my aunt died, all the credit companies and collections companies tried one of two recovery tactics. Some tried to make her brother pay the debts as her surviving spouse. The others tried to assert that the debts were incurred by his wife and that the mismatch of other data in their own databases was evidence of fraud.
1 reply →
That's funny as a human, amazing as a developer, and terrifying as a data processor. All at the same time.
I'll bet that pair has stories to tell.
5 replies →
A couple years ago the WSJ had a feature article on the phenomenon of married couples who shared the same given name:
https://www.wsj.com/articles/taylor-lautner-taylor-dome-wife...
I have two younger brothers. They have the same last name, first initial, a history of having lived at the same address, and the same birth date, because they're twins.
Every time one of them goes to a particular medical facility, he has to explicitly decline having them merge their charts.
Being married to someone with the same name could be very confusing!
Does anyone ever actually use that line? Most people will argue that the trade off in privacy is worth it for security.
That is, if you frame your argument such that you believe people don’t understand the trade off it allows you to not engage with the fact they just disagree with your conclusion.
Have you ever sat on a jury in a criminal case? A frighteningly high percentage of people will swallow every lie a cop tells, even when thoroughly discredited in cross-examination. There's no shortage of people to guard the concentration camps.
5 replies →
Yes all the time and it’s not worth debating them as they are not about to say anything interesting.
Usually just make a quip about having curtains then move onto discussing just how moist the turkey is this year
1 reply →
Constantly. Most people have a hard time dealing with tradeoffs and think in absolutes. It goes along with "if you're not a criminal, you have nothing to fear from police," another disturbingly common sentiment.
Some prominent examples:
https://www.bbc.com/news/uk-22832263
https://www.instagram.com/reel/DSVJmOajGDe/
https://thestandard.nz/if-you-have-nothing-to-hide-you-have-...
> Does anyone ever actually use that line?
Yes, I've heard that exact wording from cops.
From normal people, the more common way of saying it is along the lines of "well I don't really care if the cops see anything on my computer".
> Does anyone ever actually use that line?
Not that exact phrase, it is too elaborate. Most people grunt "eh, don't care" and "it's free, right?"
The average person really is that apathetic.
The mistake would be reading Hacker News and walking away with the conclusion that because people don't post that reasoning here that it doesn't exist (and even then, you do find that does come up here on occasion). People with "nothing to hide" do actually believe that, and while they may not post it to HN for vigorous debate. The easy counterexample from history is the list of Jews kept by the Netherlands which was later used against them after they were conquered by Nazi Germany, but you'd have to interested in history to buy that reason. Some people simply shrug at the "if you don't have anything to hide then you won't mind me filming your bedroom" scenario as you being the creep in the equation. Some people just don't want the trouble and are fine with being surveiled because the powers that be are doing it.
1 reply →
I'd go further and say that checks on police and intelligence agencies exist to protect both the innocent and the guilty from abuse of power.
If I'm doing something wrong, the onus is on the government to prove this within the rules established to prevent such abuse (and on the people, their elected representatives, and the judiciary to ensure these rules are sufficient to accommodate the interests of all parties involved).
So, in theory, you do agree with the current fisa setup and were just haggling over details.
> but my line of thinking is not 'do i trust the government' it's 'do I have faith in all future forms of government who will have access to this data'
This is how I view privacy as well. You never know who will be in power and who will access that information in the future with ill intent.
This line of thinking kept me away from the Mpls ICE protests. All of the people that protested had their face, phone, and license plate recorded and documented.
I’m not even afraid of being persecuted by the current administration, it’s the possibility of a much worse administration in the future that gave me pause.
This is why I deleted all of my social media when it began to look like Trump was going to win his second term. I had already suffered enough harassment and death threats from the Nextdoor app and a bit of the same from Facebook.
I know I'm already on some GOP list somewhere, but I figured I'd do whatever I could do to protect myself and my family from the local MAGAs in my area.
Not even future governments. There's also this: https://www.eff.org/deeplinks/2024/10/salt-typhoon-hack-show...
I’m not even afraid of being persecuted by the current administration, it’s the possibility of a much worse administration in the future that gave me pause.
Unfortunately, your (entirely understandable) position is exactly what will enable such an administration to come to power.
What you are doing in 2026 is what you would have done in 1936.
1 reply →
Everyone who's not terribly worried about privacy always uses the line 'if you're not doing anything wrong, you have nothing to worry about'
The people who say "I'm not doing anything wrong, so I have nothing to hide" simply don't understand that it's not their call.
> Everyone who's not terribly worried about privacy always uses the line 'if you're not doing anything wrong, you have nothing to worry about'
The right way to reply to that is: not everything that's legal must be public.
You probably don't want the rest of the world to see you poop, or pick your nose, or listen to every word you say. Almost everyone has things they'd be embarrassed to disclose to other people. And this can be weaponized against you should any rival gain access to it.
"If you have money in your pocket you always have something to worry about."
[flagged]
DOGE != DODGE
They may have dodged, ducked, dodged the rules while they DOGE'd their way through the government, but not sure if they used RAM trucks while they did it
The interpretation of the law is classified? That’s stupid and everyone who protected that classification, regardless of whatever the interpretation is, is a traitor!
Secret laws, secret courts... Jeez, man.
no no don't worry! They have courts! They're following due process, you see!
24 years of the Patriot Act, and counting...
This is why I'm never giving a penny to OpenAI again, now matter how much damage control Altman tries to do with "look, we reworded the contract to have redlines too!". Yeah, legal redlines that the administration can bypass with their secret memos and secret rubberstamp courts. This isn't even a Trump thing: the Bush DOJ wrote secret memos making torture legal, the Obama DOJ wrote secret memos making it legal to assassinate American citizens. Non-technical redlines which aren't under the vendor's control aren't worth a piss squirt.
5 replies →
Probably the actual classified artifact is an NSA policy document that details the NSA's own interpretation of the law and thus forms part of its governance.
The article lede reads: "Senator Ron Wyden says that when a secret interpretation of Section 702 is eventually declassified, the American public “will be stunned” to learn what the NSA has been doing."
Technically the full quote from Wyden is: "when it is eventually declassified, the American people will be stunned that it took so long and that Congress has been debating this authority with insufficient information."
It's a small thing, but I find the click-bait editorializing from techdirt a bit off-putting.
Key point (mostly drowned): Feds can compel A to surveil B if A maintains equipment or services for B. The Feds can also compel A's silence on point.
Originally applied only to the largest communications companies, this now has effectively unlimited scope.
The only safeguard (which took years to add legislatively) was that the FBI had to clear it; but now the FBI is refusing even to record such requests, to avoid any record of abuse (and the person responsible is dubious).
Surveillance seems necessary, but in the wrong hands, it's systemically deadly: it grants overwhelming advantage, and destroys arms-length trust, driving transactions of any size into networks prone to self-dealing and corruption.
I have wrestled with the concept of 'classified' many times. The question is always how you balance democracy's need for information with the real need to keep some things away from adversaries. I think the only answer is to vigorously enforce automatic declassification AND dissemination but also ensure that this happens within the useful lifetimes of those involved. This last part is especially important for accountability. Laws need to apply, without a statute of limitation, to abuse of classification and for that to happen this stuff needs to come out while those involved can still be held accountable. Additionally, if abuse is found while something is still classified there should be an immediate evaluation if the public interest in understanding the abuse outweighs the danger of releasing the information with an explicit understanding that the public has already received real harm compared to a theoretical harm of release.
Another aspect is that we need to lower the bar for declassification in general. The reality of classified information is that it is almost universally boring and time limited in its value. Also, so many people have access to it that it leaks out slowly anyway. Just look at how much of the US military and contractors have or have had secret and higher clearances. [1] When multiple percentage points of Americans (and other governments) have access currently or have had access in the past to supposedly 'top secret' information then hiding it from the rest of the population just sounds silly. It is time to start re-asserting the public's requirement to be informed even if that has some potential risks or even actual harms associated with it.
[1] https://news.clearancejobs.com/2022/08/16/how-many-people-ha...
I’ve stayed private for most of my adult life. Network wide dns, vpns, alternative personas online for different purposes, etc. Nonetheless, my personal data has been exposed numerous times.
Once in a while, I’d get into a conversation with a friend or a stranger I met at some random function, and they’d ask how to stay private online and protect their data. I used to go in depth about how to do it, with excitement. Now I just say: be normal, fit in with the crowd, freeze your credit.
As someone that worked in an illegal industry (urban pharmaceuticals), you need to appear normal and hide your crimes. If you just hide your crimes, you stick out and become a target.
Plausible deniability is harder than just total protection.
Yes.
It's very hard to participate in a digital society while truly remaining private. The things you do to ensure privacy generate their own type of unique signal!
https://chuniversiteit.nl/papers/browser-extension-fingerpri...
You know this, but "normal" patterns are less remarkable.
The whole concept of 'secret interpretations of law' is anathema to me. Secret information makes sense, there are lots of reasons a government might legitimately want to maintain a veil of obscurity. Secret interpretations of law are a manifestation of tyranny.
I like Ron Wyden but he should just employ his Congressional privilege here and read it out.
Coincidentally, there’s an article about this exact topic and it happens to mention Senator Wyden.
https://www.pointoforder.com/2013/08/06/congressional-releas...
I can't imagine it's anything people haven't been suspecting for years - if I had to take a wild guess, it's the government's interpretation of not needing a warrant to scour things for intelligence on citizens using things like adtech and stuff that probably should require a warrant.
Does anyone today think their communication is truly private? Encryption means very little when you hold zero-day exploits and as we’ve seen there are plenty of those.
you dont need exploits for privacy incursions, it’s all for sale
“ Senator Ron Wyden says that when a secret interpretation of Section 702 is eventually declassified, the American public “will be stunned” to learn what the NSA has been doing”
This is not the same thing as saying people will be stunned by how long it took to discuss/investigate the matter, which is what Wyden actually said…
Secrecy is anathema to governance accountable to the governed.
So glad to see my Oregon senator regularly on the money.
I can name 3 ethical politicians, Ron Wyden, John Huntsman and Bob Graham. It's a painfully short list, considering my longish life.
The warnings are nice but he could just say what it is. Members of Congress have immunity for what they say on the floor of their chamber in session, classification or no.
Immunity from prosecution, maybe, but not immunity from consequence. I can’t imagine congressional leadership would think of it as a good look—and isn’t the “need to know” based on the congressperson’s role? For example don’t they brief only congresspeople in specific roles on specific matters, like the so-called “Gang of Eight” on intelligence matters? [0]
It feels a little like keeping the filibuster around: maybe technically it’s within their power to change the norm, but once unilaterally spilling secrets becomes The Done Thing, it’s hard to imagine it wouldn’t spin out into a free-for-all.
For all the mud that gets slung around, I think congresspeople really don’t get there without some kind of patriotic instinct, some kind of interest in the United States’ ongoing functioning. And I certainly can’t imagine they’d keep getting access to new secrets after pulling something like that, one way or the other…
[0] https://en.wikipedia.org/wiki/Gang_of_Eight_(intelligence)
This is all true and it kind of defines the scope of the harm he is talking about: bad enough for vague warnings, but apparently not bad enough to risk consequences to seniority etc. by outright revealing it.
Worth noting his full quote is that people will be “stunned that it took so long” for the info to come out. Which is not quite the same thing as being stunned in general.
You can say the same thing about secret laws and tyrannical executives.
> congressional leadership would think of it as a good look
Why do they have any power? Wyden was elected by his constituency. The "congressional leadership" can go pound sand. To the extent they have any power here it should immediately be completely neutered and then removed.
3 replies →
That is correct, and also it would likely result in a revocation of clearance.
FISA courts are not sufficient oversight of this stuff. Not to mention there’s little rules for foreign data, including Americans talking to foreigners on the phone. As long as one end is foreign…
You're right. FISA courts are not sufficient oversight. Even Judge James Robertson resigned from the FISA Courts (FISC) in 2005 because:
>On December 20, 2005, Judge James Robertson resigned his position with the court, apparently in protest of the secret surveillance,[11] and later, in the wake of the Snowden leaks of 2013, criticized the court-sanctioned expansion of the scope of government surveillance and its being allowed to craft a secret body of law.[12] The government's apparent circumvention of the court started prior to the increase in court-ordered modifications to warrant requests. In 2011, the Obama administration secretly won permission from the Foreign Intelligence Surveillance Court to reverse restrictions on the National Security Agency's use of intercepted phone calls and e-mails, permitting the agency to search deliberately for Americans' communications in its massive databases.
I looked up Section 702 and top result was an official government powerpoint justifying it to the public. https://www.dni.gov/files/icotr/Section702-Basics-Infographi...
Under "Oversight", they point out that the Privacy and Civil Liberties Oversight Board concluded that that the government's Section 702 program operates within legal constraints, as recently as 2014! Wow! </sarc>
One of the things I am proud of as an Oregonian is that Wyden is one of my senators. And it looks like maybe, possibly, he is starting to make Merkeley a true believer as well. Which is good, Wyden is getting kinda old, and there aren't enough people like him in Congress, by a long shot.
> Wyden is getting kinda old, and there aren't enough people like him in Congress, by a long shot.
I can't name another indisputably ethical congressman. I dread the day he leaves office.
No means of law enforcement should be so secret that even the legal basis for it can't be revealed to voters. If that renders said means impractical, too goddamn bad.
Wyden is a national treasure.
Thank you for your service, Ron.
Also: Hello from Roseburg.
I hope we get someone as good as he is when he retires. Waves from Bend.
Wyden is a vote I cast without issue.
He is one of the few that is actually looking into Epstein bank accounts movements.
Wyden has been special, as long as I can remember. I feel like a lot of us early tech people had something of a libertarian bent. I think to some extent I've grown out of it in my less idealistic older age, but the whole idea of freedom from the government, living your own life, not being spied on, still resonates with me, and Wyden has always been a champion of it to some extent. You used to have Ron Paul, and these days now Rand Paul and Thomas Massie sometimes waving that flag, too.
It was definitely swimming upstream in the post-9/11 days. I was hopeful for a while with Trump that we'd see more of a mainstream resurgence, but it's not looking like it to me anymore.
Anyway, I can only imagine what he's alluding to here...
I think he is a reflection of the broader libertarian streak of Oregonians.
Source: am Oregonian.
It's been my experience that most people already assume full surveillance of everything happening on all devices.
You'd be surprised, I know IT managers with 20 years experience who ( probably incorrectly) think otherwise.
I think it's going to be more about how many people have access to the surveillance who might use it for needless things or personal reasons, at a large scale.
Thanks Senator Wyden. Please do not stop fighting for us.
If it was so important, wouldn't he just filibuster it till he got what he wanted?
It's my understanding that a single senator can't just filibuster anything they want unless the conditions are right. It depends on a few different factors and requires the bill to be brought to the floor for debate, which itself would require cooperation from the majority leader. That's not likely to happen.
If you're solo you have to actually stand up and talk still it seems. (And even then a 60+ person majority can vote to close the debate on you) Nobody has done it solo for more than 24 hours or so. Presumably at that point you're about ready to keel over.
Filibuster what, exactly? No proposal is before the Senate...
ON edit: Oops, sorry, 702 is up for renewal. Still not clear he could win a cloture vote, though.
He needs 40 other Senators to agree with him; 60 votes can close debate and stop a filibuster.
Whatever we imagine, the NSA seems to top it each time.
I wouldn’t be surprised by anything nowadays.
As I've said before:
"I don't need to care about privacy because I have nothing to hide" is trivially disproved:
Humans arrive at conclusions about other humans based on information. Sometimes these conclusions are incorrect because humans aren't perfect at reasoning and this happens more often with some kinds of information.
Therefore, it's perfectly rational to hide/not-disclose/obscure some information to lessen the chance that others take action based on faulty conclusions.
That's insightful. Traditionally both political parties have expanded surveillance powers and engaged in actions that have usurped privacy of US citizens citing national security as the reason. That's historical fact. In my view, when one side does it, it is to stop the other side from doing something that does not align with the former side's interests or goals. But that's just a humble opinion.
I can easily imagine that the NSA has exabytes of data with Splunk style search capabilities. It would be ridiculously powerful.
I'm going to guess warrantless search of all of our data, retention policies, and the worst part is who gets access to search through it. Basically, I speculate that anyone under a loosely defined classification would be able to access it legally. I also think there's a bunch of information and password sharing between people who don't even have a clearance for it. Perhaps sprinkle in abusing this system for personal or political reasons.
My word of caution is if you do have access to these systems or a shared password, tread very carefully.
Will we? like doesn't everyone already assume the the NSA has had their hooks in basically everything possible.
Like I'm having a hard time concocting a reveal that would be "Stunning"
"NSA wiretapped all major phone carriers, recorded every voice conversation and text message of every citizen"
Meh, not that stunning. at least not in a "violation of rights" kinda way. Maybe in a "wow they had the technical acumen to even handle all that data" kind of way
"NSA has secret database with all medical records", "NSA has logs of every credit card transaction", "NSA can compel anyone anywhere to spy and reveal all data on anyone for any reason"
Would any of these reveals actually be "stunning", frankly I've assumed the worst for so long that the response will be more like "wow, that all they're doing?"
like opening a diaper on a kid with IBS, you expect it to be so bad when it's a normal turd you're suddenly really happy about shit.
That's not what the quote is referring to directly (the title is a bit misleading):
"In fact, when it is eventually declassified, the American people will be stunned that it took so long and that Congress has been debating this authority with insufficient information"
You are correct that the American populace has normalized this already. The fact that this is done without congressional oversight is indeed stunning. Or at least it would have been a decade or two ago.
> Would any of these reveals actually be "stunning",
Everyone knew the NSA spied on everyone, yet Snowden leaks were truly stunning, because no one had evidence of the sheer scale of what the NSA (and collaborators) were engaged in. Wyden Siren was already firing off about that many years beforehand, before we knew the actual truth, so considering his record, I'm also skeptical it'll be "truly shocking" for the average HN tech-nerd, but for the general public, to have evidence of what the government does? Probably will be "stunning", but the one who lives will see.
So - given the law allows the NSA to do things given legal constructs, reality be damned, then what new legal construct do you think Wyden is sounding the alarm about?
When we un-tether the possibile from tech-specific delineations, you'll find things get more and more alarming.
Whatever it is Wyden is sounding the alarm about, you can be certain the sole protection we have - the sole guiding principle and bulwark against abuse - is the agency's culture given the rampant "incidental" collection and the public claims that putting the equivalent of a removable sticky-note over the names of U.S. citizens from their personal data is sufficient to satisfy the 4th Amendment as the NSA searches through our persinal data in bulk.
And what is culture if not the people we have to promote the practices?
Boy am I glad we have an administration that lets agencies largely lead themselves and doesn't engage in efforts to replace a large part of various agency's workforce - specifically those who care about the agency's culture!
HN readers won't be surprised, but I don't think that's who he is talking about.
Most Americans have this kind of thing tuned out, that have bigger issues in their lives.
I wouldn't be surprised by it, but "they're actually using all of the above, laundered through some extra steps, to provide leads to state and local LEO" would probably get people pissed off.
Soma ( social media ) keeps everyone comfortably sedated
1 reply →
Don't forget backdooring or interfering with multiple cryptography standards, at least Dual_EC_DRBG and RSA.
Or backdooring most major microprocessors (tpm).
Etc?
To which TPM backdoors are you referring?
I am aware that similar accusations are leveled against Intel ME and AMD's Platform Security Processor.
2 replies →
> Would any of these reveals actually be "stunning", frankly I've assumed the worst for so long that the response will be more like "wow, that all they're doing?"
You’re far more cynical than the typical citizen, who Ryder is addressing.
Uhm this article is a total lie, no?
Claim: We’ll Be “Stunned” By What the NSA Is Doing Under Section 702
Actual quote: I strongly believe that this matter can and should be declassified and that Congress needs to debate it openly before Section 702 is reauthorized. In fact, when it is eventually declassified, the American people will be stunned that it took so long and that Congress has been debating this authority with insufficient information.
He said people will be stunned that it took so long to be declassified; not that people will be stunned by what it is.