You are only browsing one thread in the discussion! All comments are available on the post page.

Return

SecurityPro ,
@SecurityPro@lemmy.ml avatar

"helped" is very misleading. Companies can't refuse to provide information they have when served a search warrant / court order. These companies DID NOT choose to provide the info on their own.

lemmyreader OP ,

“helped” is very misleading. Companies can’t refuse to provide information they have when served a search warrant / court order. These companies DID NOT choose to provide the info on their own.

You are suggesting all these companies are completely helpless against legal requests. That is not correct. A company should first make clear that the legal request is actually completely legitimate and correct. After that they can look at whether they should provide the information or not.

See the data here :

SecurityPro ,
@SecurityPro@lemmy.ml avatar

As someone who has worked fraud and online investigations, and both written and served search warrants; it is not an option. A probable cause affidavit is presented to a judge and if the judge agrees there is sufficient probable cause, a search warrant is issued. This is an order by the judge and not optional. The judge can hold the company in contempt if they refuse to obey his/her order.

Deckweiss , (edited )

Read the blog by the guy behind cock.li , he refused multiple illegitimate warrants so far.

What matters is the jurisdiction of the service, not the one of the warrant author, otherwise china would have already warranted all data of all other world citizens lol

Railcar8095 ,

Proton complies with Swiss law, and has to be channeled through Swiss official channels who rely the request.

So there's jurisdiction.

Deckweiss , (edited )

That is true. But I wasn't debating about this specific case, but rather the generalized statement.

The comment I replied to implies "If there is a warrant, it is always legitimate and you have to follow it, because a lawyer said so". That is not true and if it were the world would quickly go to shit, which I pointed out.

Railcar8095 ,

I would say your interpretation was a bit extreme. Nobody implied a warrant from anywhere in the world.

Deckweiss , (edited )

Again, it doesn't matter where the warrant fomes from. What matters is where it goes to.

And that detail is pretty important, while being completely left out. They say:

it is not an option.

But yes it is, depending on the jurisdiction.

refalo ,

Are you suggesting they didn't do those things? Good info either way.

Also there IS another alternative, the lavabit way... just go out of business /s

brunchyvirus ,

There is a great talk from the Lavabit CEO who discusses what happened to him and his company when they found out Snowden had an email at his company. I won't link it since it's YouTube but it's an hour long but he talks about his experience with the FBI and the courts. You can search for M3AAWG 2014 Keynote, I highly recommend it.

lemmyreader OP ,

👍 Here's a written piece from Lavabit founder : https://www.theguardian.com/commentisfree/2014/may/20/why-did-lavabit-shut-down-snowden-email

helenslunch ,

A company should first make clear that the legal request is actually completely legitimate and correct.

What makes you think they didn't do that?

helenslunch ,

Yep, also using "requests" when they were not at all, they were demands.

otter ,
@otter@lemmy.ca avatar

Yep, which I think is why it's more important to see what data is being collected and stored, rather than giving up data based on how trustworthy an entity seems

If the tool doesn't collect or log the data to begin with, then there's nothing that can be stolen/taken/demanded

The solution in this case might be for Proton (and the other companies) to list out risks and data collection information along the way.

We need X in order to do Y. Read more on how Y works. Now here are some risks, and how to avoid them:

  • All
  • Subscribed
  • Moderated
  • Favorites
  • random
  • privacy@lemmy.ml
  • All magazines
    •