← Back to context

Comment by betterunix

12 years ago

Information theory is basically irrelevant here, as is any formal logic -- I would think that someone with your legal background would understand that logic and the interpretation of the law do not always coincide. You can easily create a paradox by making the canary be a daily notification sent to each customer informing them that they are the target of an NSL, which may be logically problematic but is completely irrelevant in court. I also think a company could have a reasonable defense if the fact that a customer is under surveillance were revealed by a side channel e.g. an observable increase in latency, despite the clear information theoretic argument that that such a side channel "communicates" the surveillance to a customer.

3 comments

betterunix

Reply
im3w1l  12 years ago

>You can easily create a paradox by making the canary be a daily notification sent to each customer informing them that they are the target of an NSL, which may be logically problematic but is completely irrelevant in court.*

Now that, that is genius.

rayiner  12 years ago

> I also think a company could have a reasonable defense if the fact that a customer is under surveillance were revealed by a side channel e.g. an observable increase in latency, despite the clear information theoretic argument that that such a side channel "communicates" the surveillance to a customer.

If the intent was to communicate, I don't see how the fact that it's a side channel is relevant.

  • betterunix  12 years ago

    Yeah but now you need to work to prove intent. A company can make a good defense that the side channel was unintentional, especially if they never bothered to tell their customers what to look for (someone would eventually figure it out on their own, if the latency difference was noticeable). It could happen without the company's management or legal team even knowing; a developer could just hide a subtle scalability bug in the wiretapping system, so that a large number of wiretap requests triggers the side channel (take a look at the Underhanded C Contest if you doubt that such a bug can be easily hidden in even a small codebase).