> The problem seems to be that tech companies approve EDRs without much checking. Then the argument somehow becomes it is essentially impossible for them to check because there could be any of the thousands of police departments in the world requesting the EDR?
What I got from reading is that there are conflicting concerns. An EDR needs to be answered as quickly as humanly possible; they exist for cases where it's likely that someone would die while waiting for a warrant/subpoena. Secondarily, tech companies really don't want to have a headline like "School bombed because $socialMediaCompany refused to hand over records in time".
The competing concern is privacy. The problem isn't directly with the number of police departments, but that there's no way to automatically authenticate the requests. They'd have to manually look up the police department, call them, and try to get routed to the officer that supposedly sent the request.
The difficult part is that in order for EDR's to be at all useful, they need to be faster than getting a warrant. They can probably get a warrant faster than Facebook or whoever can finish their game of phone tag to check on the request. So right now, they're checking the only thing that can be validated within the request itself: the domain name.
The solution he calls out seems workable: a global identity provider for police through the FBI or another government agency. In my rough interpretation, we could use something like GPG to sign the requests and have the FBI run a keyserver. We would need to secure the GPG keys, but if they were kept offline on USB sticks except in the rare case of submitting an EDR, that should be far better. It would require physical access to the keys to submit an EDR, and tech companies can infer that someone has physical access to the keys by the signature.
What I got from reading is that there are conflicting concerns. An EDR needs to be answered as quickly as humanly possible; they exist for cases where it's likely that someone would die while waiting for a warrant/subpoena. Secondarily, tech companies really don't want to have a headline like "School bombed because $socialMediaCompany refused to hand over records in time".
The competing concern is privacy. The problem isn't directly with the number of police departments, but that there's no way to automatically authenticate the requests. They'd have to manually look up the police department, call them, and try to get routed to the officer that supposedly sent the request.
The difficult part is that in order for EDR's to be at all useful, they need to be faster than getting a warrant. They can probably get a warrant faster than Facebook or whoever can finish their game of phone tag to check on the request. So right now, they're checking the only thing that can be validated within the request itself: the domain name.
The solution he calls out seems workable: a global identity provider for police through the FBI or another government agency. In my rough interpretation, we could use something like GPG to sign the requests and have the FBI run a keyserver. We would need to secure the GPG keys, but if they were kept offline on USB sticks except in the rare case of submitting an EDR, that should be far better. It would require physical access to the keys to submit an EDR, and tech companies can infer that someone has physical access to the keys by the signature.