E-Mail Security in the Wake of Petraeus (schneier.com)
78 points by neeee on Nov 23, 2012 | 59 comments



What is the difference between a warrant and a court order? Both presumably have judicial oversight, so is it just a difference in the standard required to issue one?

This reminds me of an experience I had several years ago. My sweet grandma fell prey to a scam where someone called her, impersonating me, and said I was in trouble in a foreign country and needed money. She sent some money via Western Union (or a comparable service, I don't remember which one) to my name, and the scammer picked the money up. To do this the scammer needed ID under my name. I called up the company and asked to see a copy of the ID that was used, since I wanted to know if any of my documents had been compromised.

The company said they wouldn't release that information without a subpoena, which seemed reasonable to me (for all they knew, I was an attacker trying to steal someone else's ID). But I couldn't find any way of getting a court order of any kind. It seemed reasonable to me that I should have standing to see what ID was used to impersonate me and steal money from my grandmother, but I couldn't find any options for actually obtaining it.

In this situation, I would have loved a way to obtain a court order for this information.


Certain types of requests by law only require an "administrative subpoena" -- Federal agencies basically are given the discretion by Congress to determine when they are necessary.

Typically, they are used to establish facts needed to support a search warrant. For example, the police may subpoena a utility to obtain electricity usage when investigating a marijuana grower. Using that information, they can obtain phone data and eventually get a search warrant to search the physical location.


I'm still confused about this whole thing. What did he do that he needed to resign for? As far as I can tell, he had an affair, which isn't exactly uncommon, and probably has zero influence on how he worked in his job.


This whole saga is hilarious for me - I live in South Africa. Our president was involved in a rape case just before he was elected. He got the charges dropped because of a mysterious set of audio recordings that were classified yet somehow proved him entirely innocent. Trouble is, nobody has yet been able to get hold of these recordings even under subpoena from the constitutional courts. The guy also has a number of wives, was involved in a number of arms deals, and is currently building a $30 million house in the middle of nowhere and having a billion dollar freeway project begun to make sure he can get to his house in style. We also have a 'textbook fiasco' where a large portion of public schools in a province did not receive textbooks at all. Nobody in the education accepts blame or will step down over this. The monopoly government controlled electricity provider is increasing electricity charges by over 15% per year and is still losing money by paying out massive bonuses to employees. We have had illegal strikes resulting in multiple deaths caused by police shooting fleeing strikers in the back as they ran away. Nobody in government has stepped down over any of this.

This is common in many democracies across the world.

The fact that someone in your government is forced to step down over something as basic as having an affair (our president has had a number of them over the last 4 years) shows that USA is still pretty high up as far as government morals go. Bravo!


Politicians in the USA have higher standards for civil servants than they do for themselves. There are numerous elected officials that have had multiple affairs, multiple convictions for some serious crimes, and/or very questionable ethics violations, but they'll happily keep their job.


True enough, I concede the point... politicians are probably just as corrupt anywhere you go.


CIA director is an easy target, and it's more than possible that Petraeus was targeted for some other reason and the affair was a useful pretext for taking him down. It wouldn't affect a president though. Bill Clinton only became more popular once the Republicans tried to remove him from office over an affair he had with a White House intern.


The issue is (highlighted on Charlie Rose show) that CIA employees have a code of conduct that requires disclosing any compromising situations immediately to their supervisors, colleagues, etc., and DP did not do that.

So it would be a double standard for management, etc., and he would have been known to have broken the code of conduct. Not broken it with the affair, but broken it by not disclosing a compromising situation.


Yup, much like Clinton was in hot water not because of his affair but because he lied bald-faced about it.


Having an affair opens yourself to blackmail, and given he is the top spy this is considered a serious offence. That's the thinking, anyway. There might also be an ethical code which was broken, which is a fireable offence.


The "susceptible to blackmail" argument is a justification and easy excuse. That is the exact same argument people used to keep gays out of the military for years.

Not to mention, it was leaked to the media, everyone already knows about it. How exactly could that be used to blackmail someone if the entire world already knows about it?


During the time when the affair was secret, Petraeus was vulnerable to blackmail. His failure to recognize that and alert his superiors demonstrates that he can't be trusted.


Do you really think he would allow himself to be blackmailed rather than tell the blackmailer to go ahead and go public with the information? He admitted the affair to the FBI when initially questioned about the emails.

I suppose you think Clinton should have resigned (instead of lying about the affair, which made everything worse)?


What I think is irrelevant. The OP asked about the blackmail justification for resigning and my point was that in the context of the security regulations as they exist, having your affair exposed doesn't eliminate the need to resign. The rules as written require you to (1) not have affairs and (2) tell your superiors immediately if you break (1).

Now, maybe you think those rules are stupid. Frankly, I think some of them don't make a lot of sense (or at least fail a cost/benefit analysis), but I don't make the rules. Petraeus agreed to follow those rules. If he didn't like them, he could have refused the job. Or he could have worked to change them. But he didn't. So he has to live by them. And he failed to do that.


I don't think we know enough about exactly what happened to determine if he broke the rules or not. People around him in Washington may have known about this for a long time before it went public.


But he's publicly admitted to having an affair. So we know he had an affair. Because he told us.


Hard to know what a person might do in that situation, hence the regulations.


For a lot of these military and intelligence positions, it is best to err in the direction of caution.

Also, the people involved have probably learned from painful experience that traditional institutional rules are usually better guides than they sometimes appear to be at the moment of decision.


I doubt that the top spy was fired for not sharing his secrets.

If anything I would guess that he was fired for allowing his secret to leak (which means incompetency).

Realistically though, all that scandal is just a cover for the real reason why Petraeus was fired - probably something like policy disagreement with superiors.


I suspect it's the military ethical code violation that really did it. People in the military take that seriously, the higher up you are, the more serious it is. I thought the blackmail/office politics thing at first myself.


He was no longer in the military. He retired from the army a week before being sworn in as CIA director.


General Petraeus is still in the military. He's just retired -- he didn't resign his commission. The distinction between the two is that Petraeus continues to earn military pay, may be recalled to active duty, and is legally still an officer in the Army at the same permanent rank (four-star General) that he retired at. This is also the case for almost any living retired general you can think of, including Colin Powell, Anthony Zinni, Norman Schwarzkopf, and Tommy Franks. Anyone who has served in the military for 20 years is eligible for retirement, though, it's not just for generals.

Actually leaving the military, if you're an officer, requires resigning your commission. For enlisted, one generally signs up for a limited term of enlistment, and is out of the military at the end of that enlistment unless they choose to reenlist. Once an enlisted servicemember reaches 20 years of service, they become eligible to retire at their current rank as well.


Career military men are military men for life, so what they think in their head and what their military friends and colleagues think is going to remain important regardless of the nuances of their service status.


It shows weakness in character to hold a public post as powerful as his.


> I'm still confused about this whole thing. What did he do that he needed to resign for?

I'm not an American and I don't live in the States, but from what I can tell a bigger f*ck-up was that Mrs. Broadwell gained access to Petraeus's personal email account. God only knows (or in this case the FBI) what was in there, but I suspect it was not only about baseball newsletters and photos with Petraeus's nephews and kids. This coming from the man that heads the CIA is a major no-no, IMHO.


Presumably the head of the CIA is capable of keeping his work and personal email accounts separate.


Not having affairs is a condition for keeping high level security clearances. Without a clearance, the director of the CIA cannot properly do his job, so he had to resign.


It's more about a matter of trust than having sex with someone that isn't your spouse. So, it's not really the affair but more about keeping a secret about the affair.


No, that just made it worse. He was subject to personal character standards.


Well, it opens him up to blackmail, and I'm sure that the director of the CIA would be a juicy target if an opposing spy agency had this info (prior to it becoming public).


You're not alone. David Simon (journalist, author, and creator of The Wire) wrote about this:

http://davidsimon.com/stray-penises-and-politicos/


I don't personally buy that the solution to this is to "rein in the FBI" if we're talking about the security of the CIA chief vis-a-vis the FBI. The point is that a motivated attacker could do all these things to a high value target. It might sound far-fetched but having damaging personal information about a CIA chief is very valuable. I don't condone judging people by their worst actions, but I think that the government would rather the FBI found out this information than someone else.


Yet another reason why I still bother to maintain an email server for 150 people in our family and friends circles.

It is one hundred times more expensive than industrial hosting but, if you know what you want, there is only one way to get it.


I think you might be kidding yourself if you think that gives you any meaningful protection against government agencies. As the article said, one of the dangers of taking some protections is being lulled into a false sense of security.


Running your own mail server changes everything.

At the end of the day Men With Guns(TM) may still come to your colo facility and just take the equipment, but even in that edge scenario, you would know something was up in a way you wouldn't with gmail.

In non edge cases, you are the provider and the owner of the equipment, and it is you who will be given the court order - you'll see what is going on and have the opportunity to respond as YOU see fit, not as google sees fit. Furthermore, depending on your practices and countermeasures, you may have actions available to you with your own assets that, of course, you wouldn't have with gmail.

In fact, the advantages of running your own mail server are so great, that over the past few years I've decided it's probably time to start self-providing my own dialtone and voicemail the same way I self-provide my own email. For all of the same reasons.


Some people are not able to keep up with the security patching required to host their own server.

Some people are not able to keep up with best current practice to ensure that email from their server is deliverable.

Running your own email server is for many people a sub-optimal solution. Sure, for a small number of people it's a great idea.


I think it's the only idea... what other alternative is there?

Not "encryption" since that's not the problem we are trying to solve - you can do that with gmail right now. I'm talking about the "I woke up this morning and my email was delivered to the local DA and I had no idea and played no part in it" problem ...


Or the, "Chinese hackers dragnetted my account after they found a hole in GMail". Something to be said for being a small fish when the big boys go at it.


If they can subpoena ISPs for the data, they don't even need to seize your server to get your emails, and you'll be none the wiser.


Actually they would need to seize my server physically - my ISP does not have the root password. But:

- It is located in France, which makes it difficult for the US government. Easy for the French government though.

- It is a mom & pop ISP, who will tell me if someone forces them to yield access to the hardware.

- I will notice if the server goes offline.

That said, a competent, motivated and well endowed intruder will probably find a way through one of the other services on the same host - if intrusion occurs, I guess it will be through a Wordpress plugin. But if I wanted elevated security, a host with just sshd, courier, postfix and the afferent mail processing is a pretty tough nut to crack.


If you don't use a colo, how do you get around blanket IP range blocks? Are you hosting at home over "business" class internet service?


I mostly like being able to manage my email as files. Can't do "tar zcf /backup/mail.tar.gz ~/mail" on GMail.


You almost can with http://gmvault.org/


getmail, fetchmail, etc.


At that point though, I feel like you're already taking most all of the risks of hosting your own mail, and also taking all the risks of going through public webmail. Worst of both worlds sort of thing. So you might as well host yourself at that point :)


The issue is not whether or not FBI should be able to do something like this, but they should be following more strict procedures, and they should always need a warrant and "probable cause". It's pretty scary that the FBI can get all this information about someone just because there's a 10th degree relationship between someone they were following and you.

But this case was pretty horrible to begin with. It seems FBI was only doing this as a "favor" to someone, and it wasn't about finding evidence about Petraeus having an affair, that enemies could've exploited, because they weren't aware about this, and they only found it by mistake.

All I'm saying is that the Government having this kind of power doesn't represent the "land of the free" very well, that US is supposed to be, and it has a lot more in common with a dictatorship/totalitarian state than with a true democratic republic.

It seems to me that technology is making it irresistible for Governments all over the world, whether democratic or not, to want to spy on their citizens and know everything about them. The lure of absolute and all-knowing power is very tempting, the easier it gets with new technology.

If this doesn't become a real political issue, and is not stopped, I could easily envision how 30-40 years from now, when technology will make it possible for people to interact with technology through mind control, it will also be very easy technologically wise to see what people are thinking, and the Governments will no doubt want to easily access that, too.

There's already another scary trend starting to show-up - that of pre-crime recognition, although it's still in its very early stages. But imagine when we'll start to use quantum computers. Those computers could easily create all the needed statistics and possibilities to show how likely someone is to commit a crime in the near future, and I could see the government and law enforcement agencies wanting to use that. I think we've all read the reports of NYPD police raiding the OWS leaders a night before the protests were supposed to happen. This is not mere unlikely theory. It's already happening, just on a much smaller scale.

It would simply be irresistible to them at the time, just like they love being able to obtain all the data about you without a warrant right now, and they'd love it if they could do even more without a warrant, and are lobbying for these types of laws in Congress. The only way to stop these sort of trends is for people to take a stand, and vote for people who are against them.


> the Government having this kind of power doesn't represent the "land of the free" very well

An interesting thought springs to mind. Being free, and the government knowing what you are up to, are not inherently at odds. This is a good thing, as hiding things is only going to get more difficult as technology progresses. Rather than fighting to keep one's deeds (or misdeeds) secret, perhaps we should be fighting to make it such that it doesn't matter if the government knows?


The government is made of people. So just replace "government" with "other random people" in your thought above, and see if it makes sense to you.

To me, it IS "inherently at odds".

edit: to expand on this - information easily leaks from government employees who have been authorized to access it. Especially when it is so easy to get, and is so broad, then a private investigator is likely to find a government employee who would copy the files about person-of-interest-X in return for $1000, for almost every X.

For just one additional lookup a week, that employee can make an additional $50,000 tax free with negligible chance of getting caught (with today's nonexistent oversight) except if the resulting leak happens to become a news item.

So, realistically also replace "government" with "any willing person with $2000 to spare" (the private investigator will also take a cut :) )


This. To me, Silverstorm's comment seems to be along the line of thinking of "If you've got nothing to hide, then why do you care what they know about you?"


Sort of backwards from that. The counter argument to "If you've got nothing to hide..." usually revolves around the fact that you're always breaking laws, just because we have such a tangled legal system. So if you fix the legal system, then there's no cause for worry.

Yes, there's the privacy issue, but I'd bet that could be handled.


No, the counter-argument to "If you've got nothing to hide" is that there are lots of perfectly legal things that you don't want other people to know. Maybe you're gay and you don't want your parents to know. Maybe you don't want your abusive ex-husband to know where you live. The more people that know a secret, the harder it is to keep.

Remember, the government doesn't know anything, people working for the government know things, and the more people that know a secret, the harder it is to keep.


Right, so that's the privacy part. It seems to me like that ought to be addressable- there's already plenty of people who become privy to private information for this or that reason, and it is very rare it becomes a problem.

Unless the system is significantly improved, yes, it probably entails some increased risk to your personal secrets. But to immediately shut down any suggestions of increasing government application of tech on those grounds seems short-sighted and selfish. There are positive outcomes, too! I'm not saying "forget about privacy, it doesn't matter", but rather "shouldn't we try to work a compromise?". Find a balance, where any increase in risk to personal privacy is counterbalanced by a respectable improvement in the capabilities of government to operate effectively. If we are stoic and immovable on the issue, we just impair our own government when we limit them to 20th century technology.


The main fallacy of your argument is that you assume you can somehow prevent corruption by technical measures, when the only lesson you can take from history is that government corruption is a question of "when" and "how", not "if". And you're saying "it might be useful" without offering even a single example. (In general you need at least two examples to generalize from, you know)

Could you actually give examples where more government knowledge is helpful? Strike "crime fighting" out, because e.g. London's MET police, and the FBI already have almost-all-knowing access to data, and all reports say it doesn't help at all.

In the 2nd half of the 20th century, Eastern Europe and the Soviet Union, are full of examples of why government knowledge of everything is bad.

Assume government knows everything you do, all is fine, and then one day, Hollywood gets a law that says you can't watch a DVD with friends (you each have to own an independent copy, so that they get paid). Bam, instant enforcement the next day, because the government knows everything. An almost-as-ridiculous law was almost passed (the recent ACTA treaty), and it's not a coincidence that demonstrations in Europe (especially former Eastern Bloc, who have actual experience with that) were far more numerous and vocal than in the US.


'Smith!' yelled a voice from the telescreen. '6079 Smith W.! Hands out of pockets in the cells!'


I guess you're right, that's really the only choice we have; the government we have today, or the government of 1984.


I guess you're right, we should trust that the government of 1984 (or any other dystopia) would never come to pass if we relinquish our privacy.


This is beyond scary, we all basically live in a police state now and there is nothing we can do about it. Schneier's last line just about sums it up...


Please. This is nothing compared to what the FBI did from their inception until the late 1970s. If this happens 40 years ago you might find out about it 5 to 7 years after it occurred.


While I agree with what you are saying, it's like saying "ha, your fatty liver isn't serious. Some people get cancer!". The fact that the FBI was even more horrible until the 1970s doesn't make the current situation any less scary.



