Hacker News new | past | comments | ask | show | jobs | submit login
Military intelligence buys location data instead of getting warrants (arstechnica.com)
225 points by lazycrazyowl on Jan 24, 2021 | hide | past | favorite | 109 comments



Utterly unsurprising. The idea that the military will accept having less freedom of action than a private company is absurd and was never going to last.

Honestly, I'm not sure why people care so much about the US government having access to this data while simultaneously not caring that any entity with a sufficiently large bank account can get it.

Maybe it's because so many of the people here work at the businesses that generate this data?


Most people want there to be laws governing what can be done with aggregate personal data... whether it can be collected, whether it can be sold, what's allowed to be done with it.

A person's right to be forgotten should include their location.

Right now, the law doesn't even consider something like this as a possibility. The laws in the US governing information and what can be done with it haven't been updated for the computer age... yet another failure of our corrupted government.

People are concerned about the military and law enforcement getting the data because they're the typical "greatest threat".

If they did obey the law and not gain access to the data, people would then worry about corporations getting it and what they do with it. Priorities.


Big tech just keeps greasing the politicians with donations and political favors.


People do care, just not as much. Governments have murdered, kidnapped, tortured, and oppressed several magnitude more people than private enterprise.


Oh, I'm not sure that's true. That's a very modern take.

Have you met the British East India Company [3] and the Dutch East India Company (VOC) [4]? The VOC even has a genocide to it's name [1]. [edit] Make that two. [2]

A lot of colonialism was actually carried out by private enterprise. Substantially all of slavery. Once you reach a certain size and scale, is there really even a difference between government and enterprise - except that the voters control one and shareholders the other?

[1] https://historibersama.com/the-voc-genocide-historia/

[2] https://en.wikipedia.org/wiki/Amboyna_massacre

[3] https://en.wikipedia.org/wiki/East_India_Company

[4] https://en.wikipedia.org/wiki/Dutch_East_India_Company


Let’s not forget Jardine Matheson, who in 1840 persuaded the British government to start a war with the Qing Dynasty over their right to keep addicting the Chinese population to opium[1][2].

The Brits got lots of mileage out of that one - Hong Kong for starters, and HSBC, which continues its storied tradition of facilitating immorality to this very day [3][4]. JM itself diversified after the wars and the company lives on as “a multinational conglomerate... with legal domicile in Bermuda”.

Kids, if you want to make it big without actually having to challenge yourself too much, make sure you stick to large-scale, officially-sanctioned crimes against othered groups of humans. That way, you get the George W. Bush treatment instead of accountability!

[1] https://en.m.wikipedia.org/wiki/History_of_Jardine_Matheson_....

[2] https://www.eiu.edu/historia/Cassan.pdf

[3] HSBC money laundering report: Key findings http://www.bbc.co.uk/news/business-18880269

[4] https://www.icij.org/investigations/fincen-files/hsbc-moved-...


My understanding is that those trading companies were effectively the tools with which those countries conducted foreign relations in those regions. I know at least the leader of the VOC was directly government appointed. Could be wrong though, I haven't done much reading on them.

>Once you reach a certain size and scale, is there really even a difference between government and enterprise - except that the voters control one and shareholders the other?

Voter control of countries over time and by country has varied from none to tenuous and I think shareholder control of enterprise might be the same. I think the bigger distinction is use of physical force/violence. A government is the collective with a near monopoly on force within a region. So the thing that makes it scarier when they get access to new tools of oppression is the exact thing that makes them what they are.


Sure but the private enterprises of the time that you mention still didn't hold a candle to the monarchy or the church.


Both of those companies were extensions of the state.


None of your links contradict what the person you're replying to noted about orders of magnitude. Stalin, Mao and Hitler alone killed over a hundred million people in the 20th century.


I think the parent's point is valid - enterprise has generally been less likely to commit those acts. I mean, just look at Hitler, Stalin, and Mao. They killed tens of millions of people.

Even in the examples of the companies that you listed, their acts were generally state sanctioned, making government a party to that, and sometimes supplying state resources to commit them. And of course demanding their share of the spoils.

I do agree that there doesn't seem to be too much difference between large corporations and government. Also they tend to do a good bit of cross pollination of corruption.


Why is this downvoted?


Of course, we need to give the common stalker and cutthroat corporations a chance to make up the gap.


Yeah that’s definitely the concern.


Apparently I wasn't clear enough. The reason that individuals and corporations have a smaller kill count than governments is because governments historically have more resources and freedom of action in order to commit atrocities. In the cases where corporations have had the opportunity, such as colonial companies or the United Fruit Company[1] for a more recent example they have not refrained from any action on moral grounds.

[1]https://en.wikipedia.org/wiki/United_Fruit_Company#Aiding_an...


Because the military may use the information for actually killing people. Remember "We kill people on the basis of metadata" speech by a CIA official.


I think many members of the general public are probably not very well informed on the actual risks that arise from these sorts of privacy issues. If you pay attention to mainstream media coverage of privacy/surveillance issues, you’ll often hear the old “if you have nothing to hide you have nothing to fear” trope promoted as if it were actually a reasonable counter argument.

Maybe I’m just a tinfoil hat wearing conspiracy theorist, but I have a hard time believing media outlets are capable of giving reasonable coverage to those issues, given their entire revenue model is based upon exploiting mass data gathering in the form of modern ad tech.


Oh, people do care about that part. It's just that the capability to reatrain that organization is highly constrained through the Government edifice. That the overnment edifice itself is at the center of the problem is even more cause for alarm.


So then why do so many seem to want to start by constraining the organization with the highest level of trust?

Right now, individuals, businesses, and the US military can obtain this data without a warrant or due process. How can you look at this and say "let's start by reigning in the military"? Who, I might add, have a far more limited scope than businesses since the military only cares about information related to whatever mission they're tasked with.


I'm not sure it makes sense to suggest people who work with data are normally the other way around. People who work with data and their activists are why regular Americans are at all scared of government digital surveillance. On the other side of that, people who don't work with data use free digital services everyday and so even if they know those products are built with their data they are more likely to be sympathetic because in their minds it's a fair trade for the utility they've gained and even the trades they didn't make still serve as evidence to them of how useful doing things this way is. An interesting experiment would be if a single city went all-in on digital surveilance and monetization so that the country could see clearly what was being gained and lost for the participants.


I cannot push back against the idea that ordinary people consent to collection when they use free services enough. This is an utterly transparent myth that data collectors, aggregators, and consumers tell themselves and others to justify their actions.

People do not understand what is being collected. I and probably everyone here has heard speculation that phones are constantly monitoring for keywords which are used in ads. It's an incredibly common idea that (afaik) isn't true, but shows just how little people understand how data collection works and again, what is actually being collected.

People do not understand how this data is used. The best example I can think of is with pregnant women. Every ad on every platform suddenly revolving around pregnancy and caring for a newborn is not the expected outcome of just googling for some mayoclinic articles. And of course if they're trying to conceal their pregnancy or worse, have a miscarriage, this has resulted in real world harm.

Finally, people cannot possibly consent to how this data will be used in the future. This should be pretty self explanatory.

Those who work for organizations that sell data or information gained from data such as Google or Facebook have to convince themselves the above is not true. In which case, it makes complete sense to insist that the US military needs to have a warrant in order to collect, since obviously a warrant is needed if the target for collection doesn't consent.


Just because people don't understand all the technical details doesn't mean they are sufficiently ignorant to cash in on power words like consent. While I realize it's shortsighted reasoning, it's incredibly common to hear some variant of "x already knows everything about me so who cares" or "my stuff's already in the cloud, I bet x could get to it if it mattered". People in the mainstream are /already/ assuming the worst case scenario, they just don't care as much as we think they should and the only reason the Europeans do is because they're not the ones running the services so the power balance is different.


I don't really want to go through a whole sex analogy for consent, but suffice to say that "they consented once at the very beginning without an actual understanding of what was going to happen but it's fine because they're already assuming the worst case scenario" would get one thrown in jail.


> People in the mainstream are /already/ assuming the worst case scenario

People in the mainstream don't understand what the worse case scenario is.

They give up their information and don't see any obvious consequences because they don't understand what the consequences actually are. The data gets used for things like price discrimination, which you're not even aware is happening, but then that "free" service ends up costing you $250/month.

Partisans spend all day calling one another fascists and communists, never thinking what would happen with the data in these companies if a government at the level of totalitarianism that existed in actual reality during the 20th century came to power in the 21st.


what would happen with the data in these companies if a government at the level of totalitarianism that existed in actual reality during the 20th century came to power in the 21st.

The past year should give everyone pause in this regard, no matter which side (or no side) you are on.


> the only reason the Europeans do is because they're not the ones running the services so the power balance is different.

My experience as an American having lived in Europe now for over 7 years is that Europeans (in general, particularly in the Nordic region) have a profoundly different relationship to their governments than US citizens do to ours. The will to protect individual users' data and privacy as expressed in the GDPR for instance is a sincere expression of European values, and would be as in effect if "the power balance" were tilted towards European companies. I know European companies who avoid Google services and all American companies to hold important data, as but one example


The government has more guns than your garden variety rich guy.


I _wish_ guns were required to cause harm to others.


More to the point, the government has the socially assigned role of deciding whether anyone’s use of said guns is legal or not.


I love the presence of this talking point here because its usefulness is self-refuting in this case.

1. To guard against tyranny, always focus more on government overreach than corporate overreach because the government is the one with the guns.

2. Corporations scooping up endless streams of data don't get the same level of scrutiny and pithy talking points from libertarians as the entity with the guns.

3. Class of data-mining corporations collect so much data that it's functionally equivalent to a tyrannical government demanding direct access to everyone's location data.

4. The government-- the entity with the guns that we want to protect ourselves against-- simply buys access to the data from corporations to get around the law.

5. We've done a poor job of guarding against tyranny!

Edit: clarification


US military intelligence already believes that they don't need warrants; they've decided (in a secret, internal opinion) via the (again, secret) FISA court that the FISA Amendments Act, section 702, permits them to retrieve data on anyone they like directly from the service providers, even if those people are suspected of no crime, and are citizens/residents of the US. This has been going on for fourteen years, since Microsoft became the first partner in the program on (lol) 11th September, 2007, and started giving them dumps of people's hotmail email boxes and such.

It's the #1 source for NSA reporting, eclipsing even their bulk cable wiretaps. They can hit a button and get Google Takeout, but for all major US online services, for anyone they choose, no warrant required.

These sorts of headlines pretend that their "normal" way of spying does require warrants. It absolutely does not.

A lot of people seem to still carry the misconception that the FISA orders (again, not warrants, no probable cause, issued by a classified court (also run by US military intelligence) that never denies a request) are only for foreigners ("foreign" is right in the name). That's also not true: they use it to target US citizens too.

This specific circumstance was cited by Ed Snowden as one of the main reasons he came forward and told everyone that this was happening.

https://www.eff.org/702-spying

The participants in this system as of 2013: Microsoft, Yahoo, Google, Facebook, PalTalk, YouTube, Skype, AOL, Apple.

https://www.theguardian.com/world/interactive/2013/nov/01/pr...


> Make no mistake: the bill he eventually signed — S. 139 — very much affects American citizens. That bill reauthorized Section 702 original enacted as part of the FISA Amendments Act — a legal authority the NSA uses to justify its collection of countless Americans’ emails, chat logs, and browsing history without first obtaining a warrant. The surveillance allowed under this law operates largely in the dark and violates Americans’ Fourth Amendment right to privacy.

https://www.eff.org/deeplinks/2018/01/state-union-what-wasnt... link found at https://www.eff.org/702-spying


Why should they need a warrant for information that's being sold or public?


Because of this:

The right of the people to be secure in their persons, houses, papers, and effects, against unreasonable searches and seizures, shall not be violated, and no Warrants shall issue, but upon probable cause, supported by Oath or affirmation, and particularly describing the place to be searched, and the persons or things to be seized.


Well... no warrants were issued, no search conducted, and nothing seized.

Where is the violation?

Not saying this is good, just that it isn’t against the constitution. If the data is publicly available for purchase, nothing in the constitution says the government can’t buy it.


Can you clarify why you think that no search is conducted when using this data? My understanding of your question is that you think that dragnet operations don't involve searching, which doesn't match reality.


The data is handed over willingly to a third party. You agreed to this by accepting the fine print in the contract. In the US, your rights end when another other party takes possession unless it's health data.


I know what my rights are. My question for clarification is in spite of the fact that signed agreements give companies the effective ability to share with gov agencies. It still doesn't answer the question of how it's any different from a search.

Heh, re: health data. HIPAA considers the name of hospital to be private information (try FOIAing the hospital names where people have died from COVID). But, if I go to a hospital with my phone on, then that fact will be available in location data that's bought by gov agencies. Through your qualification, have my rights ended by this fact?


> Well... no warrants were issued, no search conducted, and nothing seized.

The violation is that they were able to sidestep legal processes like warrants by buying the data. If you don't see the issue with that, then I'm not sure what to tell you. It doesn't become okay just because they're purposefully avoiding legal scrutiny. It's like saying HSBC's money laundering is totally fine because they're successfully avoiding legal or law enforcement action.


I think I'm not secure, when people in the military or police etc can get my exact location that easily.

I could get arrested too easily, by law enforcement who skipped some steps in the process and got the wrong person? Maybe LEOs more eagerly do SWAT raids when they know the person's exact location? (I'm guessing)

So, could it be a partial violation of "secure"?

"The right of the people to be secure in their persons, houses"


It’s not any different than a criminal taking evidence to a pawn shop, and then expecting that the pawn shop couldn’t say anything about it to the police.

The problem is that we’ve all become accustomed to agreeing to give away our data, while pretending that we didn’t.


Sounds like you want something like GDPR. Without that entities can collect and sell data about you like this, and the government can buy it.


But it's not your data. It's data from Google, AOL, Skype and so forth. Also the 4th existing in a world of Civil Forfeiture shows how weak it is when the rubber meets the road.


The recent Carpenter decision means that cellphone data held by a third party still needs a warrant to seize.

The USG argues that since the same data is already being sold commercially, they can buy it on the open market without a warrant.


For the curious, the SCOTUS opinion on Carpenter v United States is here (PDF warning):

https://www.supremecourt.gov/opinions/17pdf/16-402_h315.pdf


Note that, under the GDPR, data that is collected from you and pertains to you is considered your property. America doesn't have a similar stance on the books, but it probably should.


If the government would need a warrant to collect that data it should be illegal for any company to collect, sell, or in any other way utilize that same data.

That is basic consumer protection common sense; but even without the pandemic and the other four horseman of the apocalypse crisis of democracy facing the US, and most if not all other nations on the planet right now, don't expect any such consumer goods to be on the agenda.


Probably not right there. There is little reason to take it to an extreme as such when your goal might be defending an even lesser issue.


> If the government would need a warrant to collect that data it should be illegal for any company to collect, sell, or in any other way utilize that same data.

I think you just banned email hosting.


Email hosting does not share your inbox with 3rd parties.


I meant the "collect" part.


It's not public. I can't go to Microsoft and pay them to send me your emails.


They aren’t buying emails, they are buying location data. And yes, disturbingly, you can go and buy the location data of anyone you want.


Really? How?

Googling, I found this https://nymag.com/intelligencer/2019/01/report-demonstrates-... , which seems to say it involved someone with access to the data selling it in an unauthorized way that's supposed to be against the rules of the company but is maybe not enforced much.


Have a lot of money and call a data broker. In 49 states, this data is almost entirely unregulated. The only reason they self enforce some restrictions on selling it to small potato customers, is because they don’t want any public attention.


> The bill that was most recently passed, S. 139, endorses nearly all warrantless searches of databases containing Americans’ communications collected under Section 702.

I think you might be a little lost. Whilst yes, they are buying location data. However, providers are _also_ supplying them with emails. And everything else they could want. And that isn't something that you can go and buy.


For the last 14 years, the US military intelligence community has done precisely that: from Microsoft specifically.


The contents of your Gmail inbox or Facebook DMs are neither.


It seem to be quite obvious. If law enforcement need a warrant to do something or get something but can circumvent the law by paying someone else they are, well, circumventing the law which obviously is or at least should be illegal. I can't see why it is even a discussion.


"If your mobile device is turned on, our network is collecting data about the device location. We may use, provide access to, or disclose this network location data without your approval to provide and support our Services, including to route wireless communications, operate and improve our network and business, detect and prevent fraud, provide information to emergency responders about where to find you when you call public safety agencies, including through 911 or similar emergency services numbers, or as required by law." [1]

The wording here seems to suggest they can only use it for diagnosing their T-Mobile network, to emergency services or as required by law. Where is the loophole?

[1] https://www.t-mobile.com/privacy-center/our-practices/privac...


> We may use, provide access to, or disclose this network location data without your approval to provide and support our Services

That is the important part, everything else are just suggestions. If they view selling user data as one of their services then selling your data to someone else is a part of things the contract covers.


Minor nitpick, selling the data probably isn't a service. It would be an action taken to help support the actual service via better monetization.


"our Services" isn't to the consumer but to the entity purchasing the location information.


That makes sense, I'd assumed it was specific to the service the consumer was using that prompted them to agree.


It is a lie a sense, it meant to deceive and give plausible deniability for the telco to do literally anything they want.

In that regard, the whole thing can be thrown out as <fancy word for> trickery.


Data streams can absolutely be provided as a service.


>operate and improve our network and business

>and business

Loophole is right there. The improvement of their business can be interpreted as anything. Winning a government project, PR win, getting rid of a meddlesome or unsavory customer, supporting an unpopular government action to avoid unpleasant consequences.... All of those fall under improving their business.

Generally speaking, any phrase not explicitly defined and constrained in any sort of legal document is where you go to start looking for wiggle room.


> The DIA explains in the memo that it simply does not think the Carpenter ruling applies to it. "DIA does not construe the Carpenter decision to require a judicial warrant endorsing purchase or use of commercially-available data for intelligence purposes," the agency wrote. "DIA's acquisition, use, and storage of commercial geolocation data is governed" not by these civilian law enforcement rules but by the DoD's own "Attorney General-approved data handling requirements."

If the DoD thinks it has the right to this data then whatever agreement you have with T-Mobile doesn't really matter. Ultimately that is what needs to be challenged in court.


This is a good example of how things can get illegal. I start Company A and tell AT&T I will obtain consent from users for any request of location data from AT&T. AT&T approves our partnership and grants me access to customer data. My Company A then starts taking data for other purposes (selling to bounty hunters) without informing AT&T. My other use is then discovered and I am shut down.

https://www.wyden.senate.gov/imo/media/doc/at&t%20letter%20t...


> including

The word that connects the first part to the list of reasons is ‘including’. Not ‘limited to’, not ‘strictly’, just ‘including.


"If your mobile device is turned on"

Does that mean they are collecting location even if my device is on airplane mode with wifi and bluetooth off?


OK, so maybe T-Mobile isn't selling your location. What about AT&T and Verizon? What about every app on your phone?


I can only assume that the loophole lies in "without your approval". I have not read disclosures from them in forever so I can't readily confirm it, but that would suggest your approval is basically agreeing to use their service.


If their services include providing consumer intelligence about cellular customers to other businesses, that is presumably included even though you are not the beneficiary of such commercial efforts.


> The DIA "currently provides funding to another agency that purchases commercially available geolocation metadata aggregated from smartphones,"

> The Supreme Court held in its 2018 Carpenter v. United States ruling that the government needs an actual search warrant to collect an individual's cell-site location data.

These appear on the surface to be 2 separate things. If they’re not buying “an individual's cell-site location data” then they are not circumventing the warrant process.

If a judge rules that aggregate metadata also requires a warrant (which I’d be ok with) then we have a path to object here.


Buying a commercial service and compelling disclosure of otherwise confidential data are pretty substantially different things (not a value judgement on if this is a good idea either way, just a comment on the difference).


Does this mean that if I give you my cellphone number, you would be able to pay money to see my current or past location?

My understanding was that cell phone companies sell data in aggregate but not for individual numbers.


No, unaggregated, real-time data is available. It percolated all the way down to bounty hunters before it really came to public knowledge.

https://www.vice.com/en/article/43z3dn/hundreds-bounty-hunte...


"Your wireless device can determine its (and your) physical, geographical location (“Location Based Services” or LBS) and can associate your device’s physical location with other data. You have the ability to enable or disable access to such services. By enabling location settings on your device, you are permitting applications on your device to use LBS through software, widgets or peripheral components you choose to download, add or attach to your wireless device or through web access, messaging capabilities or other means, and you are authorizing Verizon Wireless to collect, use and disclose your Location Information as appropriate to provide you with any location services that you enabled. To limit potential unauthorized access to your Location Information, Verizon Wireless offers various mechanisms and settings to manage access to location data. You should review each application’s settings to determine whether you want to enable LBS for that application." [1]

From 2018. The wording says "as appropriate" to provide you with services. I'm not seeing anything here about collecting your location to resell. Does anyone have an explicit wording in a contract they can refer me to?

[1] https://www.verizonwireless.com/dam/support/pdf/collateral/C...


That just limits it for apps on your device, Verizon collects and does whatever they want with it regardless of what you tell them to or what settings you pick on your device since they create it first in their servers and then send the data to your phone.


That's not exactly true. The phone has GPS, which is precise location data, and independent of cellular service.

The carrier only has tower triangulation, which is less accurate but still valuable.


I believe carriers also have access to your GPS location because it’s mandated by law in order for emergency services to locate you.

https://www.vice.com/en/article/j575dg/what-a-gps-data-is-an...


I didn't know about that. It seems like there is much less public attention on what these companies are doing compared to tech companies.


Because tech companies are still relatively ethical, you wouldn't have so many leaks otherwise.


Agreed, a lot of tech might be data harvesters, but they don't sell location data to bounty hunters.


Yes. There are plenty of companies using this in innocent ways already.

For example if you're renting a vehicle from Avis in the mainland US and need roadside assistance because your rental vehicle won't start, they can use your phone number (if you give consent) to find where they should send the tow truck.

Next time you rent a vehicle from Avis, call their roadside assistance number to see this in action for yourself.

This is a useful service, most people renting cars are doing so in places other than where they live, and may not be able to describe the location they're stranded at. But it does raise the question of who else is receiving your location information.


Most of it is coming not from the cell phone companies, but from third party aggregators that pay app developers to install tracking code in their app. They try to get into as many apps as they can and send back data whenever any of their instrumented apps are able to. Ads don't pay much at all so this is another way for free apps to monetize. The identifier is normally a collection of parameters (device type, home zip code, etc.). The military is likely buying data from these aggregators and combining it with other sources they have.


Interesting. So this is not cell phone tower data coming from ATT, T-Mobile, Verizon.

Does iOS grant apps access to your phone number or do these third party aggregators need another mechanism to link devices to phone numbers?


They don't need phone numbers. If the code is running inside an app, it can snap location data and send it to a server. Along with that, they pull in whatever other data they can link. This includes things like what model device, current battery level, home zip code, Facebook id, etc. With these data columns, you can match users pretty easily.


This also implies that device-side firewall rules (if Apple allowed them to exist) could cut off the data brokers' business model.


> Does iOS grant apps access to your phone number

No - unless you grant access to Contacts.


Sounds like a business opportunity. One for selling individual location data, the other for signing up to make that data private.


100%


> My understanding was that cell phone companies sell data in aggregate but not for individual numbers.

Santa Claus has a bridge to sell you ;)

Even if there are no official channels, I'm sure there are informants willing to sell that data for the right price.


Can private citizens buy the data? How? If I wanted to buy my own records, how would I do it? Do I need to buy a large batch of records or can the request be tailored?


"The supply chain of that location data is not as simple as me just going to T-Mobile, buying the data and then getting it there. There are various organizations, companies in a trickle down effect." [1]

[1] https://youtu.be/3e6n7jDDmj0?t=240


Why would the military get a warrant? They're not law enforcement.


The fourth amendment applies to the state, not just law enforcement.


The fourth amendment is to protect you against being arrested and deprived of life, liberty or property without due process. A warrant is part of the process in making sure that an arrest is justified.

Intelligence agencies have no authority to arrest you, nor would they have any interest in doing so. Their job is to gather information about what other countries are doing that might be harmful to the US.

Even then, I think warrants generally aren't required for publicly available information.


> The fourth amendment is to protect you against being arrested and deprived of life, liberty or property without due process.

Privacy is liberty and property is property. Unreasonable search and seizure is unreasonable and prohibited (even if there is no current effective remedy) in all cases, not just criminal justice.

> Even then, I think warrants generally aren't required for publicly available information.

This does seem to be the decisive issue in this specific case.


Welcome to Third Party Doctrine. A.K.A how to do an end run around the constitution by laundering the data collection to private entities.


> Privacy is liberty and property is property. Unreasonable search and seizure is unreasonable and prohibited (even if there is no current effective remedy) in all cases, not just criminal justice.

Your water utility voluntarily selling information about your water usage to the government is not unreasonable search and seizure, and does not deprive you of any property.

I don't think you're going to meet a lot of legal success by framing privacy in this context.


> The fourth amendment applies to the state, not just law enforcement

In principle, yes.

In practice, due to the absence of meaningful remedies other than the exclusionary rule, not so much.

Rules are only as strong as the consequences for breaking them.

(But this doesn't seem to be a violation, anyway; data in a custody of a third party that is legally permitted to sell it publicly is neither being searched nor seized when it is purchased in a mutually-voluntary exchange by the state.)


If only we lived in a world without parrallel construction where military intelligence organazitions didn't spy on citizens for law enforcement


It is not so much as spying for law enforcement, but spying to protect their power. The military industrial complex invented the boogeyman and use their intelligence arm to promote it.


Not really news, every month there is an article about an agency, the police or wherever who buy location data. Sad times ..


Aren't they plugged into all of Silicon Valley through PRISM, and 'logging into' high-risk targets' pc's through Intel ME? Is this some sort of glitzy distraction piece for that?

Last I heard, Snowden is still scapegoated, and nobody from the NSA has been held accountable, or anyone inside any of these other 3 letter government agencies...


Another way to put this: "Data available to anyone, that might otherwise require a warrant"


Petition your congresspeople to make it illegal to buy location data.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: