Re: So, what crypto legislation (if any) is necessary?
At 04:54 PM 3/29/96 -0500, Black Unicorn wrote:
On Fri, 29 Mar 1996, jim bell wrote:
I thought I would take the time to let everyone know that this is baseless as well. Most jurisdictions forbid third parties to reveal prosecution inquries to the principal for which they are holding documents or other information. A VERY few have laws on the books that require this disclosure. Switzerland is no longer one of them.
As usual, Unicorn is FOS. Not entirely in his facts, but in his conclusions. To "forbit third parties to reveal prosecution inquiries" is an obvious violation of freedom of speech, and in fact is PRIOR RESTRAINT. Maybe Unicorn can't see what's wrong with that, but I can. It is unclear whether this has ever been tested in court, or whether that test occurred recently.
(Snore) How many cases do you want me to cite that hold that the disclosure of an inquiry with the intent of evasion is conspiracy and entails criminal charges?
You _do_ have an odd way with words. "entails" criminal charges? Hey, they can charge ANYBODY with ANYTHING, but that doesn't mean that a crime has actually been committed. Further, it isn't clear that anybody is obligated to respond to a subpoena without the possibility of a court challenge, and your fantasy about the cops showing up and trying to strongarm the ISP is laughable at best.
Do you honestly think you can evade prosecution for suborning the destruction of material evidence in a criminal trial?
Who said anything about "destruction of material evidence"? Refusing to hand over information until AFTER a court has properly responded to a challenge to a subpoena is old hat to newspapers, TV stations, and other media-organizations who are occasioinally served with a subpoena. The ISP need merely say, I'm challenging this subpoena in court, go away motherfuckers! ISP prepares a challenge, "CC's" ALL the affected individuals, (including the person whose information is desired!), and the validity of the subpoena is tested.
Please.
My feelings exactly. Please stop acting like a government suck-up all the time. Maybe you're paid to do it, but unless you're a plant, you're on your free time now.
For example, if I ask my ISP to send me an anonymous, encrypted message with the word, "Rosebud" in it to me if he receives any requests to tap my connection, he can do so with no fear of being discovered, because no third party can decrypt the message, know who is is from, or know the real meaning of the word, "Rosebud" in the context of an encrypted, anonymized message. Further, since the whole thing is by pre-arrangement, even I cannot prove (to the satisfaction of a third party) that the message really meant what I would interpret it to mean. The message is useful to me, as a warning, but it could never turn around and "bite" the ISP.
Unfortunately, by the time (in the case of domestic investigations, and foreign investigations in more compliant jurisdictions) it gets to the point where authorities are checking about, they will have walked into the ISP and personally requested the information with subpoena in hand.
Again, you blindly assume that the subpoena can't be challenged in court. It can be.
Perhaps the ISP with the nerve to destroy material evidence in the presence of law enforcement exists,
You keep inventing these phony scenarios, building up these straw men and knocking them down. Clearly, your underlying argument is quite weak. I said nothing about "destroying evidence." In fact, the ISP could simply encrypt everything with the target's public key, and keep it. That's not "destroying evidence," that's locking it away in such a way so that nobody except the target can unlock it. Ideally, this would be done automatically every time a person calls his ISP, although the software to do this probably doesn't exist yet. The result would be that whenever the target was NOT connected to the ISP, there would be no information on the ISP's system that could be decrypted by the ISP operator. This would be one of those inventive future uses of encryption, well beyond plain vanilla PGP, which we must assure ourselves will be developed. The kind of thing you dread, obviously.
but I sincerely doubt this ISP will escape serious prosecution for doing it.
I sincerely doubt Unicorn will ever stop being a government suck-up.
At the very least the employees of the ISP will have knowledge of this practice. Unless it's a single person run ISP, I doubt you're going to be able to keep everyone from testifying. What you propose is a crime in the United States, and in many foreign jurisdictions.
If an ISP's system automatically encrypts all received message's with the destination's public key when received, and doesn't keep an unencrypted copy around, showing up at that ISP's location with a warrant will result in ZERO (ZIP, ZILCH, NEGATORI, etc) information that can be delivered, unencrypted, to the cops.
The end result is that your foolish opinion of what the law allows will simply become irrelevant: The government cannot mandate what it cannot enforce, and it cannot enforce what it cannot detect.
I have often noted that the best defense is the lack of detection in the first place.
No, an even better defense is to make it absolutely impossible, as a matter of business practice, to assist the police with any kind of an investigation. Before you go off and shoot your mouth off about how evil and bad that is, you need to remember that regular destruction of records is an acceptable practice in any company today. While courts will look askance at it when it does not appear to be a regular business practice (say, the company gets sued today and they have a mass shredding tomorrow) there is nothing wrong about regularly making past records unavailable by shredding, burning, erasing, or by any other method. Making those records SELECTIVELY unavailable by encrypting them with somebody else's public key and keeping them has probably never been tested in court, but if the business contracts this ISP regularly signs have this as a provision of doing business, the court can't squawk after the fact. After all, the ISP might have simply erased the files, keeping them from being accessed by ANYBODY, including their "owner."
Unfortunately this is the oft denounced "security through obscurity." Look, I know it's fun to imagine you can thwart the authorities with impunity within the United States.
Hey, you can FREQUENTLY "thwart the authorities." If I have evidence of a crime in my house, the cops can't come in unless they have a warrant. If I know they're coming, and can destroy it untraceably, I WIN! See, that's how freedom works! It's nearly the exact opposite of "the government can do anything it wants, any time it wants, and anybody who frustrates them is a criminal!" Naturally, you won't like this.
Unfortunately it is a fantasy. The system you propose requires someone to be present in the ISP 24 hours a day. It requires some method of getting word to the operator who will trigger the alarm both that an investigation is looming, and who it entails. It requires someone to talk to the authorities and stall them while the message is sent. It requires you to be sitting at the screen when the message is received (perhaps this isn't a problem for Mr. Bell), or to get home before the law enforcement officials get a 2 hour warrant and open your door.
Yet another one of your multiple problems is that you have no imagination when it comes to "thwarting the authorities." I do. Don't try to tell me what can't be done, because I'll turn around and tell you how it CAN be done! I just did. The actual implementation waits for some slick coder to do it, but I give you 5 years, tops, before it's in regular usage. And that's assuming they're all a bunch of lazy bastards.
3. And the ever-popular, "He's afraid of getting killed, or his ISP business torched, if word later leaks out that he failed to inform his customer of an investigation." Don't underestimate the significance of such a risk to those people. Destruction of even a full phone switch would not have fazed ATT in the 1960's, but a small ISP depends on valuable equipment at (presumably) a single location. Getting a person mad at them for failing to anonymously inform them of an inquiry would NOT be the best tactic for these small-time operators.
Your last resort in all of your arguments seems to be murder, extortion, the threat of bodily harm, arson or assault, or destruction of private property.
A list which seems to be the current modus operandi of most levels of government in America, today. In any case, I think it's fair to hold an ISP to his word and contract. If the "normal" referee to such contracts (the court system) becomes biased because it begins to be an interested party to the enforcement of the contract terms, then bypassing that court system is unavoidable and is entirely appropriate. You won't like this, either.
Even if a judge was convinced by the defense not to levy heavy fines against a third party who pleaded that he or she was simply unable to comply, informing the principal would literally assure such fines would be imposed regardless.
Again, you assume that informing "the principal" would be detectable. Your wishful thinking is palpable.
No. I speak from experience when I say that "proof" of complicity is rarely a requirement. The judge need only suspect wrong doing. It's easy to levy contempt fines, and very hard to overturn them.
It's easy to kill, and hard to resurrect the dead.
The standard in most jurisdictions is "clearly erronious." Tough stuff.
Yes, I'd say you're "clearly erronious." If you can repeatedly describe, in nominally accurate terms, how abusive the government has become and NOT oppose its actions with every fiber in your being, then YOU have made yourself part of the problem.
I really wish you'd be able to distinguish what "the law" could do, given limitless knowledge of the actions of the population, and the REAL WORLD, in which those judges and prosecutors and cops are limited in what they can do by what they can know. This is critical, because we are rapidly approaching a time in which what these people know will be dramatically limited by many of the technologies regularly discussed on Cypherpunks.
Unfortunately, fines and penalities are imposed every day based on assumptions by the trier of fact. Go watch a major court case some time.
You still haven't given me specific examples.
Bullets could easily fly.
And will. I've seen this happen. Trustee refuses to produce documents, court imposes compelled discovery, documents burn or are lost or have been stolen, trustee (who can be assigned no direct evidence of complicity) is fined heftily. A case I was not personally involved in saw the judge jail the trustee for 4 months.
That's not what I'm referring to. Judges are mortal. If they abuse the sense of propriety of the average indidivual, they SHOULD be removed, by legal methods if possible, by other methods if not. Remember that prosecutor who died in Boston a few months ago? You know, the one who made the national news? I'm still waiting to see how that one came out, but I suspect they will never be able to prove who did it, and may not even be able to find out.
With Mr. Bell as a defense attorney, who needs prosecutors?
If I intended to limit myself to the tools of the court room (that's the enemy's playpen, BTW) I would probably be just as ineffective as the next defense attorney.
So again, we see Mr. Bell in his basic form. Violent offender. He will obtain by force that which he cannot argue into his hands.
Except that in a court room, the decision maker is PAID by a party to the case, the government. That sounds like a classic conflict of interest to me. What's the old rhyme, "Treason doth not prosper, what is the reason? Where treason does prosper, none dare call it treason." Jim Bell jimbell@pacifier.com
On Fri, 29 Mar 1996, jim bell wrote:
At 04:54 PM 3/29/96 -0500, Black Unicorn wrote:
On Fri, 29 Mar 1996, jim bell wrote:
(Snore) How many cases do you want me to cite that hold that the disclosure of an inquiry with the intent of evasion is conspiracy and entails criminal charges?
You _do_ have an odd way with words. "entails" criminal charges? Hey, they can charge ANYBODY with ANYTHING, but that doesn't mean that a crime has actually been committed. Further, it isn't clear that anybody is obligated to respond to a subpoena without the possibility of a court challenge, and your fantasy about the cops showing up and trying to strongarm the ISP is laughable at best.
Ok, forget "entails" try "is a crime." As for strong arming, ever see a search warrant served at a law firm or a trust company, or a bank?
Do you honestly think you can evade prosecution for suborning the destruction of material evidence in a criminal trial?
Who said anything about "destruction of material evidence"? Refusing to hand over information until AFTER a court has properly responded to a challenge to a subpoena is old hat to newspapers, TV stations, and other media-organizations who are occasioinally served with a subpoena. The ISP need merely say, I'm challenging this subpoena in court, go away motherfuckers! ISP prepares a challenge, "CC's" ALL the affected individuals, (including the person whose information is desired!), and the validity of the subpoena is tested.
What you miss are provisions for the preservation of evidence called for in the order during the hearing process. The fact that you can fight a subpoena has no bearing what-so-ever on the fact that its a crime to destroy the evidence until the court rules that its non-material or otherwise quashes the subpoena. I grow tired of being the source of your continuing legal education.
My feelings exactly. Please stop acting like a government suck-up all the time. Maybe you're paid to do it, but unless you're a plant, you're on your free time now.
Anyone who knows me knows I spend all my days end arounding the U.S. government. The reason you can't see that is because I don't threaten to murder officials, but choose the intellectual detour around the myopic laws instead. I realize that, lacking the facilities to pursue the latter, you must resort to the former.
Unfortunately, by the time (in the case of domestic investigations, and foreign investigations in more compliant jurisdictions) it gets to the point where authorities are checking about, they will have walked into the ISP and personally requested the information with subpoena in hand.
Again, you blindly assume that the subpoena can't be challenged in court. It can be.
See above. Has no bearing on the willful destruction of evidence.
Perhaps the ISP with the nerve to destroy material evidence in the presence of law enforcement exists,
You keep inventing these phony scenarios, building up these straw men and knocking them down. Clearly, your underlying argument is quite weak. I said nothing about "destroying evidence."
What is the function of your elusive super-secret "rosebud" warning then? To tell the account holder to get a cup of coffee and call the prosecutor to arrange for the delivery of the sought information?
In fact, the ISP could simply encrypt everything with the target's public key, and keep it. That's not "destroying evidence," that's locking it away in such a way so that nobody except the target can unlock it.
Subjecting the target to compelled discovery orders $50,000+/day fines, contempt charges, and incarceration for non-compliance. This, by the way, regardless of the "incriminating" nature of the evidence. Fines are not going to be refunded if the data/evidence is later proved immaterial.
Ideally, this would be done automatically every time a person calls his ISP, although the software to do this probably doesn't exist yet. The result would be that whenever the target was NOT connected to the ISP, there would be no information on the ISP's system that could be decrypted by the ISP operator.
Again, this still subjects the account holder to fines etc. God help him if he can't produce the desired information. He's likely to spend quite a long time in jail until the judge is convinced that he's telling the truth when he says "I threw away the key."
This would be one of those inventive future uses of encryption, well beyond plain vanilla PGP, which we must assure ourselves will be developed. The kind of thing you dread, obviously.
I don't dread it at all. I simply recognize the limited protection it affords the evidence concealer.
but I sincerely doubt this ISP will escape serious prosecution for doing it.
I sincerely doubt Unicorn will ever stop being a government suck-up.
I certainly won't endorse moronic schemes that are so out of touch with practical and legal reality so as to be laughable. I will certainly not keep quiet when I see, yet another, misleading out-of-rectum-pulled plan to evade all liability in the most pervasive and coercive jurisdiction in the world. Word to the wise reader: If you're considering asset / informational protection from discovery or attachement, by all means consult a professional. Mr. Bell's disinformation and illusions are dangerous in the extreme.
At the very least the employees of the ISP will have knowledge of this practice. Unless it's a single person run ISP, I doubt you're going to be able to keep everyone from testifying. What you propose is a crime in the United States, and in many foreign jurisdictions.
If an ISP's system automatically encrypts all received message's with the destination's public key when received, and doesn't keep an unencrypted copy around, showing up at that ISP's location with a warrant will result in ZERO (ZIP, ZILCH, NEGATORI, etc) information that can be delivered, unencrypted, to the cops.
The what's the purpose of your secret-super-duper "rosebud" warning? In the absence of evidence/information availability to law enforcement at the ISP, the account holder will be directly accountable. Is this a better solution? You've now changed the structure of your "protection" scheme four times to duck my criticisms. This was the same with your inventive but impractical nuclear detonation scheme, and your kill-the-pigs "dead pool" scheme.
The end result is that your foolish opinion of what the law allows will simply become irrelevant: The government cannot mandate what it cannot enforce, and it cannot enforce what it cannot detect.
I have often noted that the best defense is the lack of detection in the first place.
No, an even better defense is to make it absolutely impossible, as a matter of business practice, to assist the police with any kind of an investigation.
On the part of the ISP, this is possible. A secret "rosebud" tipoff is not the way to do it. Your constant encryption option is a bit better, but still subjects the account holder to an investigation where the ISP is compelled to cooperate with the authorities in secret and intercept or record the computing session in real time. Your fourth scheme is thus reliant on the trust-worthiness of the ISP, which I have indicated, and you have acknowledged by your constant ranting about the abuses of the justice system, is dubious at best.
Before you go off and shoot your mouth off about how evil and bad that is, you need to remember that regular destruction of records is an acceptable practice in any company today.
Unfortunately, records can only be completely destroyed in a pre-emptive way when they are of no use any longer. This, again, ignores the possibility of real-time investigation or informers. While courts will look askance
at it when it does not appear to be a regular business practice (say, the company gets sued today and they have a mass shredding tomorrow) there is nothing wrong about regularly making past records unavailable by shredding, burning, erasing, or by any other method.
Once suit is filed there is.
Making those records SELECTIVELY unavailable by encrypting them with somebody else's public key and keeping them has probably never been tested in court, but if the business contracts this ISP regularly signs have this as a provision of doing business, the court can't squawk after the fact.
No, instead, knowing of this provision, any plaintiff or prosecutor will apply for a TRO to preserve evidence before ever filing for a warrant. Review: Fines and contempt that can be leveled for non compliance on third parties.
After all, the ISP might have simply erased the files, keeping them from being accessed by ANYBODY, including their "owner."
This argument will go over real well in court.
Unfortunately this is the oft denounced "security through obscurity." Look, I know it's fun to imagine you can thwart the authorities with impunity within the United States.
Hey, you can FREQUENTLY "thwart the authorities." If I have evidence of a crime in my house, the cops can't come in unless they have a warrant.
Uh, not precisely so. Lots of circumstances exist where your home can be searched without a search warrant. Search of premises incident to a lawful arrest is just one of them.
If I know they're coming, and can destroy it untraceably, I WIN! See, that's how freedom works! It's nearly the exact opposite of "the government can do anything it wants, any time it wants, and anybody who frustrates them is a criminal!"
Yadda yadda yadda.
Naturally, you won't like this.
I don't like it because it's not a solution, because it's not novel, and because courts, law enforcement, prosecutors and private litigants have thought of it already and created provisions to prevent it.
Unfortunately it is a fantasy. The system you propose requires someone to be present in the ISP 24 hours a day.
[description of problems with Mr. Bell's scheme removed]
Yet another one of your multiple problems is that you have no imagination when it comes to "thwarting the authorities." I do. Don't try to tell me what can't be done, because I'll turn around and tell you how it CAN be done! I just did. The actual implementation waits for some slick coder to do it, but I give you 5 years, tops, before it's in regular usage. And that's assuming they're all a bunch of lazy bastards.
You told me nothing. You hedged, changed your scheme, altered the portions I attacked and revered to a previous scheme I had already decimated. And you made several legal analysis errors, as usual, in the process.
Your last resort in all of your arguments seems to be murder, extortion, the threat of bodily harm, arson or assault, or destruction of private property.
A list which seems to be the current modus operandi of most levels of government in America, today.
So you might as well murder a few people. Why not?
In any case, I think it's fair to hold an ISP to his word and contract.
Contracts are void to the extent they are illegal. Obstruction is illegal. Destruction of material evidence to a crime is illegal. Conspiracy to obstruct justice is illegal.
If the "normal" referee to such contracts (the court system) becomes biased because it begins to be an interested party to the en- "CUT!"
Yadda yadda yadda.
No. I speak from experience when I say that "proof" of complicity is rarely a requirement. The judge need only suspect wrong doing. It's easy to levy contempt fines, and very hard to overturn them.
It's easy to kill, and hard to resurrect the dead.
The standard in most jurisdictions is "clearly erronious." Tough stuff.
Yes, I'd say you're "clearly erronious."
If you can repeatedly describe, in nominally accurate terms, how abusive the government has become and NOT oppose its actions with every fiber in your being, then YOU have made yourself part of the problem.
Who said I didn't oppose it? I just don't kill people, or call for their death (other than by suicide) to accomplish my goals.
Unfortunately, fines and penalities are imposed every day based on assumptions by the trier of fact. Go watch a major court case some time.
You still haven't given me specific examples.
My note contains many. Consider a pair: Unites States v. Bank of Nova Scotia, 740 F.2d 817, 832 (11th Cir. 1984), cert. denied, 469 U.S. 1106 (1985)(upholding $25,000/day fine totaling $1,750,000 for failing produce documents located in the Cayman Islands under grand jury subpoena duces tecum; Marc Rich & Co., A.G. v. United States, 707 F.2d 663, 670 (2d Cir.), cert. denied, 463 U.S. 1215 (1983)($50,000/day against Swiss corporation for noncompliance with subpoena duces tecum demanding documents located in Switzerland). In both cases the documents were not shown to be material evidence when the fines were imposed and the judge was merely assuming they would be incriminating. I don't name specific cases I have been involved in without client waiver, but I have myself seen larger fines for less in white collar crime cases.
Bullets could easily fly.
And will. I've seen this happen. Trustee refuses to produce documents, court imposes compelled discovery, documents burn or are lost or have been stolen, trustee (who can be assigned no direct evidence of complicity) is fined heftily. A case I was not personally involved in saw the judge jail the trustee for 4 months.
That's not what I'm referring to. Judges are mortal.
Yadda yadda yadda.
Remember that prosecutor who died in Boston a few months ago? You know, the one who made the national news? I'm still waiting to see how that one came out, but I suspect they will never be able to prove who did it, and may not even be able to find out.
Parties who believe Mr. Bell might have been responsible are invited to call the Boston Police and provide an anonymous tip.
With Mr. Bell as a defense attorney, who needs prosecutors?
If I intended to limit myself to the tools of the court room (that's the enemy's playpen, BTW) I would probably be just as ineffective as the next defense attorney.
So again, we see Mr. Bell in his basic form. Violent offender. He will obtain by force that which he cannot argue into his hands.
Except that in a court room, the decision maker is PAID by a party to the case, the government. That sounds like a classic conflict of interest to me.
Yadda yadda yadda.
Jim Bell jimbell@pacifier.com
--- My preferred and soon to be permanent e-mail address:unicorn@schloss.li "In fact, had Bancroft not existed, potestas scientiae in usu est Franklin might have had to invent him." in nihilum nil posse reverti 00B9289C28DC0E55 E16D5378B81E1C96 - Finger for Current Key Information
participants (2)
-
Black Unicorn -
jim bell