1996-03-30 - Re: So, what crypto legislation (if any) is necessary?

Header Data

From: jim bell <jimbell@pacifier.com>
To: Black Unicorn <unicorn@schloss.li>
Message Hash: 0c91090cc3dfc2b9310227145d1e8251c02895d00243d462089d76b1848518c2
Message ID: <m0u2tez-0008xlC@pacifier.com>
Reply To: N/A
UTC Datetime: 1996-03-30 15:21:27 UTC
Raw Date: Sat, 30 Mar 1996 23:21:27 +0800

Raw message

From: jim bell <jimbell@pacifier.com>
Date: Sat, 30 Mar 1996 23:21:27 +0800
To: Black Unicorn <unicorn@schloss.li>
Subject: Re: So, what crypto legislation (if any) is necessary?
Message-ID: <m0u2tez-0008xlC@pacifier.com>
MIME-Version: 1.0
Content-Type: text/plain


At 07:35 PM 3/29/96 -0500, Black Unicorn wrote:
>On Fri, 29 Mar 1996, jim bell wrote:

>> >entails criminal charges?
>> 
>> You _do_ have an odd way with words.  "entails" criminal charges?  Hey, they 
>> can charge ANYBODY with ANYTHING, but that doesn't mean that a crime has 
>> actually been committed.  Further, it isn't clear that anybody is obligated 
>> to respond to a subpoena without the possibility of a court challenge, and 
>> your fantasy about the cops showing up and trying to strongarm the ISP is 
>> laughable at best.  
>
>Ok, forget "entails" try "is a crime."

I think the reason you are so sloppy with language is that you don't want to 
be held to a strict standard of accuracy.  For you, "entails" is 
sufficiently vague that you think you can get away with it.  This kind of 
"abuse the language" behavior is common among lawyers.  Check out the New 
York Times vs. Sullivan SC decision and their odd usage of the term 
"malice":  It's a definition that appeared in no dictionary and (apparently) 
no prior legal decision.  Clearly, lawyers (and especially judges) think 
that they can dynamically re-define the language in order to suit their needs.

 >> Who said anything about "destruction of material evidence"?  Refusing to 
>> hand over information until AFTER a court has properly responded to a 
>> challenge to a subpoena is old hat to newspapers, TV stations, and other 
>> media-organizations who are occasioinally served with a subpoena.  The ISP 
>> need merely say, I'm challenging this subpoena in court, go away 
>> motherfuckers!  ISP prepares a challenge, "CC's" ALL the affected 
>> individuals, (including the person whose information is desired!),  and the 
>> validity of the subpoena is tested.
>
>What you miss are provisions for the preservation of evidence called for 
>in the order during the hearing process. 

Before the challenge occurs?  Hardy har har!  Yes, the evidence WILL be 
preserved, in fully encrypted form.

> The fact that you can fight a 
>subpoena has no bearing what-so-ever on the fact that its a crime to 
>destroy the evidence until the court rules that its non-material or 
>otherwise quashes the subpoena.

Encrypting evidence is NOT "destroying evidence."  Why don't you STOP 
talking about "destroying evidence, because it is clear that you've phonied 
up this assertion to buttress your claims.

>I grow tired of being the source of your continuing legal education.

I'm sure other people are growing tired of your failure to support your 
claims, as well as your failure to recognize the fundamental unfairness of 
the various things you've CLAIMED judges do.  I suspect that any reasonably 
unbiased person would be shocked and astonished at the various behaviors 
you've claimed judges have displayed; he would then understand quite clearly 
why encryption is going to be such an important improvement in future 
society, because it will quickly emasculate the government and its ability 
to do precisely the sort of things you've claimed its agents do.

>Anyone who knows me knows I spend all my days end arounding the 
>U.S. government. 

Explains a lot!   You _are_ paid for this.  In an earlier era, you would 
have gladly run the ovens at Auschwitz if you'd gotten paid for it.

 I'm reminded of that famous New Yorker magazine cover which showed, in 
cartoon form, a picture of Manhattan in the foreground, Jersey in the 
middleground, and the midwest towards the back, then California in the 
distance, etc.  Clearly, you see the government as "Manhattan," occupying 
the vast majority of your scenery, and the rest of the country is clearly 
ignorable in the background.  Chances are good that the reason you aren't 
more bothered at the government's behavior is that, fundamentally, you 
PROFIT from the excesses of the government.

> The reason you can't see that is because I don't 
>threaten to murder officials, but choose the intellectual detour around 
>the myopic laws instead. 


I think you mean, "EXPENSIVE detour."  You know, the one where the lawyers 
on both sides get paid a lot of money, the taxpayers and the victims get 
screwed, etc.  Explains a lot about your motivations.


>What is the function of your elusive super-secret "rosebud" warning 
>then?  To tell the account holder to get a cup of coffee and call the 
>prosecutor to arrange for the delivery of the sought information?

Simple.  I disagree that it is constitutional to prohibit a person from 
informing yet another person (should he be inclined to do so) that he has 
been approached by officials.  I see no support in the Constitution for such 
a tactic, since it is obviously equivalent to prior restraint.  Obviously, 
however, there is a strong motivation for the officials to WANT to keep 
their interest a secret, but people want a lot of things without necessarily 
getting them.  Your problem is that you are unable to admit that this 
practice is of dubious propriety;  the government has been able to get away 
with it because it has dealt with large organizations that depend on it and 
can easily control.  Smaller organizations, like ISP's and such, are run by 
people who aren't quite so contaminated with the "Government is God" 
philosophy, and who are far more likely to get around (or challenge) a old 
tenet that officials had grown to know and love.

>Subjecting the target to compelled discovery orders $50,000+/day 
>fines, contempt charges, and incarceration for non-compliance.  This, by 
>the way, regardless of the "incriminating" nature of the evidence.  Fines 
>are not going to be refunded if the data/evidence is later proved immaterial.

You keep making statements which merely represent abuses of the system.  
What you don't explain is why any judge who does such abusive things 
shouldn't be removed from office, by whatever means necessary.  You would be 
far more credible if you prefaced your sweeping statements about what a 
government does with, "Yes, it's illegal, but they..."  


>> Ideally, this would be done automatically 
>> every time a person calls his ISP, although the software to do this probably 
>> doesn't exist yet.  The result would be that whenever the target was NOT 
>> connected to the ISP, there would be no information on the ISP's system that 
>> could be decrypted by the ISP operator.
>
>Again, this still subjects the account holder to fines etc. 

You haven't explained why.  You have appeared to accept the premise that the 
ISP's system is automatically programmed to make it impossible for the ISP 
to provide information, and you've just ADMITTED (and yes, it's really an 
admission!) that a judge would be inclined to abuse his position in such 
circumstances.  As far as I can see, the American Revolution was fought over 
violations of freedom substantially less severe than these.

>God help him 
>if he can't produce the desired information.  He's likely to spend quite 
>a long time in jail until the judge is convinced that he's telling the 
>truth when he says "I threw away the key."

Tell me, honestly:  Do you genuinely believe that the average citizen (or 
ISP operator) is 
going to feel any more generous to the government's desire to regulate 
encryption if he's told that he may some day be held in contempt for failing 
to  provide what he knows he cannot provide?  

Further, one of the provisions of the Leahy bill seems to be that key-escrow 
is OPTIONAL.  It is, therefore, presumably true that the key-owner can write 
whatever conditions into that escrow arrangement he's inclined to add.  
Suppose for a moment the key-owner reads your suck-up commentary and 
believes you:  He'd have to be a fool to use a key-escrow agent that was 
within the jurisdiction of the US or treaty agreements, OR he'd insist on 
using encryption to hide the keys.  That being the case, pressure on the 
key-escrow agent is totally useless, as least with regards to getting the 
actual key.  Obviously, then, the only purpose of such strong-arm tactics 
could possibly be is to deter any key-escrow agents that offer a _secure_ 
key-escrow service.  But we've reached a contradiction:  Is key-escrow 
voluntary or isn't it?

You seem to have forgotten the subject of this thread.  The appropriateness 
of any particular piece of legislation depends not exclusively on what it 
says, but in fact how it will be abused by crooked judges and prosecutors.  
Every time you open your digital mouth, you further destroy whatever 
credibility those guys have in the eyes of the public.  At this point, 
anybody with a brain in his head should be terrified of giving the thugs any 
more power to abuse.

>> This would be one of those inventive future uses of encryption, well beyond 
>> plain vanilla PGP, which we must assure ourselves will be developed.  The 
>> kind of thing you dread, obviously.
>
>I don't dread it at all.  I simply recognize the limited protection it 
>affords the evidence concealer.

Actually, its protection against the individual is excellent.  What you've 
done, essentially, is assert that the government will abuse any and all 
people who contract with the individual in order to deter them from entering 
into useful contracts which are secure against government intrusion. This 
worries me, and should worry anybody else.  It's somewhat equivalent to the 
government holding your nearest neighbors responsible for any crimes you 
commit, which will induce them to spy on you to ensure that you're not doing 
anything that they'll later get it trouble for.  Look up the term "bill of 
attainder" if you don't understand.

>I certainly won't endorse moronic schemes that are so out of touch with 
>practical and legal reality so as to be laughable.  

That's odd.  I've debated all comers, including clueless ones such as 
yourself.  I've never run across a person who identified himself as a 
lawyer, and put even the smallest amount of effort into debunking my claims. 
 I don't claim that everything I've said must be the truth; rather, I've 
pointed out that it's a good estimate and I've asked for clarifications and 
corrections. Nobody ever SPECIFICALLY challenges me on the big items; mostly 
I get statements like the one you've made just above which are so laughably 
non-specific that it's hard to know whether you seriously expect me to be 
satisfied with it.

>The what's the purpose of your secret-super-duper "rosebud" warning?  In 
>the absence of evidence/information availability to law enforcement at 
>the ISP, the account holder will be directly accountable.  Is this a 
>better solution?
>
>You've now changed the structure of your "protection" scheme four times 
>to duck my criticisms. 

Actually, what I've done is poked four _different_ large holes in your 
arguments  I haven't presented these as being part of the same claim.  I don't have to.


>> No, an even better defense is to make it absolutely impossible, as a matter 
>> of business practice, to assist the police with any kind of an 
>> investigation.
>
>On the part of the ISP, this is possible.  A secret "rosebud" tipoff is 
>not the way to do it. 

Why not?  If it's undetectable, then there's no risk to the ISP even if you 
assume that he's not entitled to inform the target.

> Your constant encryption option is a bit better, 
>but still subjects the account holder to an investigation where the ISP 
>is compelled to cooperate with the authorities in secret and intercept or 
>record the computing session in real time. 

This is rich!  You're saying the ISP has to CHANGE HIS BUSINESS PRACTICES to 
ADD A FUNCTION not previously provided?  Hey, if there is any argument in 
favor of kicking these bastards out of office, feet first, it is this.  A 
search warrant, even a wiretap warrant, is NOT a "do anything and everything 
we tell you no matter how much time it takes and how much money it costs" 
order.   The reason the government wanted that Digital Wiretap act passed 
was because (supposedly) there simply wasn't the technology in place to do 
the kind of wiretaps they claim they wanted.  There was no hint, BTW, that 
any judge was fining and local telephone company for failing to do a tap 
because the equipment wasn't designed to do that.  (in fact, I've read that 
the thugs were forced to PRIORITIZE their taps, and to thus accept the 
existing limitation)  If what YOU claimed was possible, then that Digital 
Wiretap Act would have been unnecessary:  The government would have simply 
leaned on the phonecos to force them to install this equipment anyway.

I agree that an old-line company like AT+T or IBM or such might have 
complied with such an order, simply to stay on the government's good side, 
but to assume that such a broad interpretation will fly in the modern era is 
laughable at best.

>Unfortunately, records can only be completely destroyed in a pre-emptive 
>way when they are of no use any longer.  This, again, ignores the 
>possibility of real-time investigation or informers.
>
>  While courts will look askance 
>> at it when it does not appear to be a regular business practice (say, the 
>> company gets sued today and they have a mass shredding tomorrow) there is 
>> nothing wrong about regularly making past records unavailable by shredding, 
>> burning, erasing, or by any other method. 
>
>Once suit is filed there is.

Only if they are under discovery procedures.  If I file a lawsuit again, 
say, the local phoneco, that doesn't mean that their entire 
records-destruction system must be put on hold.  Only the material 
specifically needed and requested.

>> Making those records SELECTIVELY unavailable by encrypting them with 
>> somebody else's public key and keeping them has probably never been tested 
>> in court, but if the business contracts this ISP regularly signs have this 
>> as a provision of doing business, the court can't squawk after the fact.  
>
>No, instead, knowing of this provision, any plaintiff or prosecutor will 
>apply for a TRO to preserve evidence before ever filing for a warrant.  

It's pretty hard to TRO a microprocessor.

>> After all, the ISP might have simply erased the files, keeping them from 
>> being accessed by ANYBODY, including their "owner."
>
>This argument will go over real well in court.

It really doesn't matter how well it "goes over."  Once ISP's start using 
pre-emptive anti-warrant procedures, I predict that they will become 
standard in the industry:  "Due diligence," as it were.  Given a choice, I'd 
much rather use an ISP that was willing to make it as difficult as possible 
for the government to get what they want.  If the ISP WANTS to do this, they 
can.

>> In any case, I think it's fair to hold an ISP to his word and contract.
>
>Contracts are void to the extent they are illegal. 

Note to the rest of you:  Unicorn is abusing the term "illegal."  There is a 
difference between an "unenforceable" contract and one which actually is a 
crime.  Unicorn's trying to mix up these two distinctions.  Just because a 
contract can't be enforced in court because of legal bias, doesn't mean it 
can't be enforced "extra-judicially."


>> If you can repeatedly describe, in nominally accurate terms, how abusive the 
>> government has become and NOT oppose its actions with every fiber in your 
>> being, then YOU have made yourself part of the problem.
>
>Who said I didn't oppose it?

You only oppose it when PAID to!  You have all the business ethics of a 
whore.  Actually, maybe less.

>> Remember that prosecutor who died in Boston a few months ago?  You 
>> know, the one who made the national news?  I'm still waiting to see how 
>> that one came out, but I suspect they will never be able to prove who 
>> did it, and may not even be able to find out.
>
>Parties who believe Mr. Bell might have been responsible are invited to 
>call the Boston Police and provide an anonymous tip.

Don't try to be funny. You're not very good at it.   I try to follow all 
these kinds of "weird" cases that (strangely) make the national news for 
reasons that are not clear at the time.    I figure that the reason they 
make the national news is that somebody knows something about the case which 
makes it worthy of the attention, but they can't quite say it because they 
have no proof.  The word gets around, I'm sure.

>> Except that in a court room, the decision maker is PAID by a party to the 
>> case, the government.  That sounds like a classic conflict of interest 
>> to me.
>
>Yadda yadda yadda.

That's the best this guy can do!   (unless he's paid...)

Jim Bell
jimbell@pacifier.com





Thread