From what I recall, he said at the key distribution centers, USPS scans every single mail (in standard envelope sizes) and in under a second, runs OCR for the destination address. Results from OCR are matched to the address database and if the match is significant, the mail is automatically diverted to the correct queue. Now here's the fun part - if OCR fails or print/handwriting is unreadable, a photograph is immediately sent to one of the hundreds of humans waiting to decipher the address and type it in (think Amazon Mechanical Turk). The humans have under 10 seconds to read, decipher, type, and submit the correct address. During this time, the letter is held up in a waiting buffer and the moment the correct address is available, it is diverted to the correct queue.
I asked him if that means USPS took a photo of every single piece of mail and he said yes, they had to, otherwise nobody would ever get any mail due to the sheer volume of mail they had to manage. I asked if the photos of envelopes were saved forever and he said, well, I'm pretty sure they are but I'm not allowed to publicly admit that.
I know it's a personal anecdote but that was seven years ago. I can't even imagine what they're doing now.
I worked on the OCR systems. Fun fact: at one time, the USPS was the world's biggest user of Linux in a production setting. Their OCR boxes ran on Linux (until they were replaced with SGI O2 boxes at a massive cost... but I digress).
Here's the path the mail takes: it is picked up by carriers from the mail boxes. Then dump trucks bring it to the P&DCs (Processing and Distribution Centers). There are about 1000 PDCs in the country, I think. There, mail is dumped into a massive conveyor belt, where the first machine (AFCS, or Automated Facer Canceller System) makes sure that the mail is facing the right way, and is upright. Various heuristics are used for this. Here the mail is stacked nicely into flat boxes, vertically.
Postal workers then feed these boxes to the MLOCR (Multi-Line OCR) machines. These machines scan pieces at the rate of 13/second. After being scanned, the letter goes on a long loop before coming back to the beginning: this loop, about 3 seconds (not sure about this) is the latency: the reading machine has this much time to decode the address. Also at this time: a fluorescent barcode is sprayed at the back of the piece, giving it a unique ID. If the OCR machine can read the address, it is sent to a bin indexed by the first 2 digits (or so) of the ZIP code (assuming it's not local).
If the OCR can't read the mail, it is sent to a separate pile. Then a program called RCR (Remote Computer Reader) kicks in: a person sitting in some remote area gets the image, enters enough information to decode the address, and the results are collected (tagged by the ID of the fluorescent barcode). After a few hours, this separate pile is run through the sorting machine again: this time, the fluorescent barcode ID is used to match the results from the human, and a real barcode is sprayed on the front and the piece is sorted as before.
Now, there are variations in the above, but this is the gist of it.
Fun facts: the USPS aims to handle a piece at most 7 times. And when a piece gets jammed in the machine and is torn, it gets put in a "body bag" with an apologetic note.
How reliable is the mail delivery? Do you know how much mail is lost? One percent, more, less? (I believe one kind of failure is called UAA - undeliverable as addressed.)
I'd love to learn more, but don't know where to start.
Some of us election integrity activists are deeply concerned with the transition to vote by mail (all postal ballots, no more poll sites). One practical complaint is our assumption that 1% of all mail is lost. In a big county like mine, that's 12,000 ballots.
My FOIA requests were rebuffed. Apparently the data gathering is done by third parties, so is considered proprietary. (A nice dodge, illustrating how privatization reduces government transparency and accountability.)
The best information I found was looking at court cases, where USPS' customers (eg bulk mailers) dispute the UAA, and don't want to pay extra.
It's true that every piece of mail goes through OCR. If that fails, it's sent off to one of the encoding centers as you described. There wasn't a 10 second limit to encode an address, but all encoders' performance was continually monitored and those that didn't perform quickly would not get as many hours per week. There were random audits done of a sample of 10 responses; over time your accuracy was expected to be 99%.
In addition to encoding scans of envelopes, there were more sophisticated systems for encoding packages and magazines. Since there is no standard place to put an address on a box or a magazine, encoders were provided with images from all sides of an item, making the encoding process have two steps: finding the address, encoding the address.
As OCR improved, the number of Postal Encoding Centers was reduced. The last I heard was that the Beaumont center shut down and there are only 5 left nationwide.
http://www.nytimes.com/2013/05/04/us/where-mail-with-illegib...
As I understand it postal mail is traditionally given much stronger protections than other forms of communication, especially in the US.
I'd be very surprised if postal mail was being intercepted and contents were read without very strong warrants.
EDIT: It does sound like a fascinating system though. All that mechanical stuff; all those different sizes; all that paper dust! Postal mail is amazing.
I moved on before I got to work on the sorting machines: the intricacy of that stuff is truly mindblowing for a mechanisms geek like me ;-)
When I move, I tell the post office my new address. They are able to reroute my mail to me (while the new tenant gets their mail successfully). The post office reads the outsides of envelopes, and understands that mail to the same address can be treated differently.
So the fact that they send digital records of all mail sent to the FBI shouldn't be a surprise. But still is, somehow.
Not delivering as much mail? http://en.wikipedia.org/wiki/United_States_Postal_Service#Re...
Not saying they're doing it, just saying it's possible.
http://www.fairchildimaging.com/files/2kand4klvcameramanualr...
I know from experience that you can read at least the outside page of a tri-folded letter through most envelopes on the address side. According to one of the Fairchild applications engineers, it is a problem with mail sorting systems, because they have to reject that noise to read the address properly. The Osprey camera has excellent sensitivity in both UV and Visible wavelengths.
As it stands what you're suggesting is at least already illegal, FWIW.
Edit: Ah, after we worked together it looks as if he went back to pick up the hand-written addresses as well: http://www.linuxjournal.com/article/2985
Definitely never used in court or we'd hear about it but they probably wouldn't risk the constitutionality of that.
So they are just collecting it for the sake of spying on everyone. Lovely.
You'll notice that early on, it mentions Ex Parte Jackson, an 1878 case which established that the contents of mail are protected by the Fourth Amendment, but that the outward form is not. Mail 'metadata' has always been fair game, just as it would be fair for a police officer to observe your comings and goings on the street without any need for a warrant.
Then there's the Postal Inspection Service, which is the law enforcement agency that specializes in mail fraud (perhaps you've heard of that?) and which predates the founding of the USA.
I don't mean to be rude, but the fact that you've 'never, ever heard of' something doesn't mean anything special. You don't strike me as terribly well-informed.
Reading the fine submitted article would solve that problem.
It's time we technologists all sat down and thought about ways to turn the tide - they are using technology to track us, how can we use technology to thwart them?
My best answer is: data flak. We should all start building systems that include extra data. Browser components that load other pages in the background. Phones that text at random. Snail mail to nowhere.
You're gonna snoop on all my data? Take it ALL and choke on it.
There's also this issue of willing disclosure of information to an entity. When I put a stamp on something and drop it in the mailbox, I know I'm handing that information over to a government authority (or whatever you want to call the USPS's weird relationship to the government). Regardless of what they are or aren't supposed to do with it, the fact is that I know I'm putting my info in their hands and trusting them. This is unlike PRISM, where I send an email through Gmail with no expectation that it should ever pass through government hands.
Also, I'm under the impression that most if not all hand-written addresses are digitized for sorting purposes. I think you have to be naive to assume the postal service wasn't keeping that data on file.
It’s quite different to assume that people can look at the outside of any particular letter, than it is to assume that people are building a database of all your mail, and doing social network analysis on it.
The results of the 2 actions are radically different, with radically different amounts of information gleaned.
"Mr. Pickering said that although he was arrested two dozen times for acts of civil disobedience and convicted of a handful of misdemeanors, he was never involved in the arson attacks the Earth Liberation Front carried out."
Gee, this guy was a member of a group that conducted arson attacks and the government is keeping track of the mail he gives to the government to deliver? I'm shocked, really...
That said, this is a great article, and the second page gives a good description of what I think is the legal theory behind the NSA programs:
1) Don't need a warrant to keep track of meta-data (whatever is readable on the outside of the mail).
2) Don't need a warrant to access contents (opening the mail) in foreign intelligence cases (i.e. where the target is a non-U.S. person).
3) Need a warrant to access contents otherwise.
"The trouble with fighting for human freedom is that one spends most of one's time defending scoundrels. For it is against scoundrels that oppressive laws are first aimed, and oppression must be stopped at the beginning if it is to be stopped at all." - H.L. Mencken
Use a fake return address (duh).
Drive to a mailbox far away from your work or home. Pick a mailbox that has no security cameras. Don't go into a Post Office, where there will be security cameras.
Turn off your phone before going anywhere near the drop location.
(This is all coming from a PBS documentary about how they went about the 2001 anthrax attack investigation.)
Foreign magazines and newspapers were sometimes seized and not delivered to subscribers, usually when they included articles about domestic politics in Taiwan. (I learned to respect The Economist as a news source by observing how often it was seized in delivery, either in entirety, or with blacking out of particular articles.) Local people who could read English could pay their hard-earned money to subscribe to (rather expensive, in those days) publications like The Economist or the Asian edition of the Wall Street Journal, but they couldn't count on receiving all of what they paid for.
The dictatorship in Taiwan eventually fell, after a largely peaceful people power revolution that forced a transformation to an open political system. Along the way, people I know, including the father of one of my children's godparents, were imprisoned for leading peaceful protests urging free and fair elections and a stop to censorship. Most people don't have the courage to go to prison--especially prisons like those in Taiwan at the time. But courage is what it takes to undermine a dictatorship. A successful movement for greater freedom requires great courage, and a degree of social trust among the movement participants that is not easy to find. Allow me to repeat advice I have shared here on Hacker News before. If you really want to be an idealistic but hard-headed freedom-fighter, mobilizing an effective popular movement for more freedom wherever you live, I suggest you read deeply in the publications of the Albert Einstein Institution,
http://www.aeinstein.org/organizationsde07.html
remembering that the transition from dictatorship to democracy described in those publications is an actual historical process with recent examples around the world that we can all learn from. Practice courage and practice collective action.
Which is actually the kind of argument which justices on the Supreme Court might be comfortable with. "Yes, this program somehow squeezes into the letter of the law, but not anywhere close to the intent of the law or the Constitution".
That is, does the to/from data they collect ever get used to exonerate someone from a crime, or is it just used to decide who to put on "no fly" lists and other such un-American things?
Can this data have any use other than providing guilt by association? Can this data be used to say "no, not a terrorist" or something like that?
If it's just one sided, used or useful only for prosecution and persecution, then it needs to be done away with. As it stands, this practice is just Soviet. It's un-American to do guilt by association, and to have prosecution evidence that the defendant can't challenge in public.
"Law enforcement officials need warrants to open the mail, although President George W. Bush asserted in a signing statement in 2007 that the federal government had the authority to open mail without warrants in emergencies or foreign intelligence cases."
The scanning of the envelope is rather benign and critical to efficient operation of the mail sorting/routing system. However, the long term storage of correspondence and association in light of recent NSA disclosures is more concerning. The possibility of abuse is enormous. All you would have to do is find someone that is being tracked and start placing letters addressed to any of your political enemies in their mailbox for pick up.
Always interesting if you can get the other side to reveal information by playing on the fact that they are trying to get as much information about you as possible.
If as you say they are never looked at (and I can certainly believe that is true) then the URL you encoded would never be accessed. If however you got a web log entry on your web server that your URL was fetched from a machine run by Booz Hamilton, well there ya go, a bit of information extracted by putting a puzzle in front of them. :-)
In that case there'd be no tracking of who is mailing whom, but instead just how many letters someone is receiving.
Based on https://news.ycombinator.com/item?id=5986635 and https://news.ycombinator.com/item?id=5986011
Edit: this comment is for scrabble's sake, as you and I already exchanged comments on the subject.
Are you guys not getting fed up at some point? Land of the free, please be it again.
I would vote for the Pirate Party. Unfortunately I can't.
Interviewer: Chairman Feinstein, what can you tell us about the USPS data collection just reported by the NYT?
Chairman Feinstein: Our committee received highly confidential, double secret, triple national command authority top secret, quadruple crypto secret, eyes only, not to be remembered (as in the movie Men in Black -- it wasn't just a movie) on the main threats to US national security.
Interviewer: And?
Chairman Feinstein: We got the best of the best of the best.
Interviewer: And?
Chairman Feinstein: Well, we learned about the main threats to US national security, in descending order of seriousness, (1) invisible squads of ETs corrupting our precious bodily fluids, (2) marauding giant herds of 100 ton, angry, rabid mastodons destroying our cities, and (3) progress in the genetics of intelligence that produced a strain of giant rats with intelligence and cunning far above that of humans. Yes, the rats have escaped and are now breeding rapidly in the sewers of our major East Coast cities and spreading quickly west. They have been stowaways on airlines and now are colonizing San Francisco and spreading rapidly on the West Coast.
Interviewer: And why have we not heard of these massive dangers before?
Chairman Feinstein: Isn't it obvious? The intense work of our committee, yes, with that of the House, and our national security command authority has been successful.
Interviewer: But what about the Boston bombers?
Chairman Feinstein: Well, nearly successful. But that was a small gap compared with invisible squads of ETs, marauding mastodons, and super genius intelligent giant rats.
Interviewer: But what did all of that work cost?
Chairman Feinstein: The budget is classified, so high that no one can see it, not even God.
Interviewer: Ms. Chairman, thank you for your interview, and I'm sure all US citizens will be intensely interested in the work of you and your committee.
The NSA should just go all-in and make a business of all this.
Makes you wonder what they are really doing with all this data and with the Dark Star.
Postage on a post card is currently 33 cents. How many postcards do you reckon you'd have to send before the automatic scanning process costs even one cent extra?
It seems like it would be a self-defeating process since the cost built into sending "data flak" would pay for the services monitoring it.
Misdirection: it's been used in magic for a long, long time.
So what happens when a piece of software can be used as a terrorist device? We're going to run into that. Soon.
If a person were to send periodic letters with real and fake cryptographic messages to random individuals of importance, barring a warrant to read the contents of each letter, that would constitute reasonable doubt as to whether or not that person was legitimately communicating with another person of interest.
Why put a stamp on if you don't care about where it goes? Better yet, put a 1 cent stamp on and make sure it gets extra handling for postage due.
Put your letter inside an envelope to a mailing proxy. Mailing proxy opens your letter, and sends your recipient a letter from them.
There are more opportunities for misdirection - the mailing proxy service can internally shuffle letters around and add mailing delays to discourage external analysis.
Although, even with all that, I'm unsure of the effectiveness of this approach. Its usefulness also scales with the number of people willing to use such a service.
Does the gov't need a second warrant to open a letter-in-a-letter?
Alternatively, you could use a peer-to-peer mailing scheme - advertise your mailing address as a mailing "node". People who want to "use" you send you a letter, and inside that letter they write a letter to the intended recipient, with the sender addressed as you. When you receive such a letter, you merely open the one addressed to you, and drop the inner letter in the mailbox. Nest as many letters as you want and have your letter "hop" around the world.
Interesting question; I'm guessing no, unless the interior letter contained obviously privileged material (eg 'Dear Father, I hope you are well; enclosed is a letter I received from your lawyer after you departed, which I forward to you unopened. Your Loving Son.'), in which case a warrant would probably not issue for the contents.
A stamp collector who wants a particular cancellation stamp can send a letter to the postmaster containing a letter and a note: "Please postmark and deliver".
I have used this in the past to play small tricks on friends, and to send them mail from far-away places.
Per the article, the entire course of your letter is tracked, so this should never be used when actual privacy is desired.
Then each data facility could reasonably process a few thousand letters a day, batching them for the postal service. After a few rounds of mixing, if there was significant facility-to-facility traffic, it would become impractical to find any specific letter's path.
Time for real world implementations of our high-latency packet routing algorithms?
I think the problem is in "the few". If they snoop on us, we should be able to snoop on them -- especially since it's our tax dollars that pay their salaries and (although yes it's a joke of a broken system) we elect these officials more or less directly.
Just to level the field a little bit. For example, London is full of CCTV cameras -- why is it that only a small group of twisted perverts has access to the feeds? The cameras are in public places, the public should be able to see what the cameras are seeing.
FYI it's not all bad: the UK automatic number plate recognition (ANPR) CCTV network run by the police (http://en.wikipedia.org/wiki/Police-enforced_ANPR_in_the_UK) is currently being legislated by the Coalition to bring it under statutory regulation - considering the revelations about police conduct over undercover cops it can't come too soon either.
P.S. Bless the UK gov, a full surveillance state can't happen because it's rubbish at IT: 'The current restraints on police use of ANPR data have been dictated by pragmatism rather than a concern for civil liberties. Giving every police officer free access to the system would overload the system, "make it unstable, slow it down", said John Dean, National ANPR co-ordinator for the Association of Chief Police Officers.'
I'm usually someone that's very fond of privacy, but I'm not entirely sure I have any qualms with CCTV in public places and in fact I'd love to hear arguments against them.
The only real solution is to have end-to-end encryption that is easy to understand and use.
[1] There's still the problems of metadata and backdoors and of legislation around encryption.
Run a 30 second calculation on any of the power laws working on bandwidth, processing power, or storage, and you should realize very quickly it's impossible to flak the system to death (and that's assuming a lot of people participated).
There are only two practical approaches to what's going on. 1) fix the political system 2) encryption
Adding flak is convoluted and ineffective compared to the elegance and efficiency of encryption (not to mention flak doesn't necessarily conceal anything, whereas encryption can).
I can create enough flak to confuse a casual, or even somewhat interested observer. If the flak is smart enough (smart flak, heh) then it would be hard to differentiate between actual and fake traffic.
More to the point, not all flak is equal. You can create noise around services that you appreciate and admire, even if you don't use them yourself, creating what essentially amounts to a mild, benevolent DOS attack (mild because it would have to generate messages at human scale).
Data flak is perfect for web-browsing, but messaging is more problematic. Perhaps encryption is the key (no pun intended) but key distribution is still a problem. What you know, what you have, who you are.
A combination of the two could be killer: send 10 encrypted messages to people; 9 of them don't have the right key, so they get thrown out. The 10th can read it. And the meta-data is noisy as hell.
I think we really need to go back to a checks and balances type of government instead of a top heavy executive branch. This lack of checks and balances is the root cause of the issues but I really don't know if there's anything I or we can do about it.
I'm open to suggestions for specific action items. I'm extremely unsure of what I can do to help cause change.
I'd argue that everything we're seeing is largely a symptom of the poor government structure in general, which has let two large parties entrench themselves and rig the electoral process, to make themselves virtually immune to any consequence to their actions.
The solution is changing voting policy in two ways: changing it to something besides the winner-takes-all system we have now; forcing voting districts to be concave polygons (with some algorithmic properties about minimizing area/edge length relative to certain other properties).
These two changes would a) break up the two parties by making it possible for others to compete and then essential to form coalitions and b) break up gerrymandering allowing the vote to actually reflect how the public felt.
This also reminds me of the time the FCIC asked Goldman Sachs for some data and they proceeded to send them 5 TB of nearly useless documents.
Dumping people with large amounts of data seems like the modern equivalent of paying your parking ticket with pennies.
EDIT: the bit about getting at medical records seeped in from reading another comment.
Anyone could argue for censorship and for reading your letters: "it is because of the children"... You are putting them in the hands of the USPS.
Buy the envelope, stamp, and any mailed material (eg paper) far from your home.
Exclusively handle all the materials to be sent in a clean environment far from your normal haunts. You may want to wear a hair net, breathing mask, and gloves. Do not lick the stamp or envelope.
Be careful about handwriting anything, if authorities may have any samples of your handwriting — as for example on prior letters addressed, or archived forms filed. Also, do not use a computer laser/inkjet printer, which may add unique invisible tracking codes.
After leaving behind your own phone, be sure not to use a vehicle with its own phone (OnStar etc) or any RFID transponders (eg tolltags, which can be read for traffic jam analysis even on non-toll motorways). Similarly, put aside any personal ID or payment cards (passports, some driver's licenses, mass-transit stored-value cards, etc) which may have remotely-readable RFID transponders.
Try to arrange for your phone, computer, or residence to continue giving off its usual signals of your presence – so that the period of the letter mailing doesn't show up as a suspiciously idle time for you.
Avoid all private and public surveillance cameras, or disguise yourself (and your car's license plate from automated readers).
Still:
Even with all these steps, it's likely the individual's capability to opt out, with effort, from being tracked will soon be obsolete. It will be too cheap and appealing to video-record all public spaces, or even regularly dust all public spaces with unique molecular tags so that when examining an artifact later (a letter, vehicle, article of clothing, etc), all other places it has recently been are evident to careful analysis.
For example, you could go to Ikea, buy something there (with a credit card to leave a log of a transaction) and mail your letter. Ikea because there aren't that many Ikea stores but it's not out of the ordinary to drive quite a while to go to one.
My point is that if you have reasons to want to send an anonymous letter, you might want to make sure that a drive that doesn't fit your regular patterns can be explained by something reasonable.
edit: I'm not sure the credit card is a good idea. Likely not. It might be better to pay cash, and keep the receipt. This way, you can't be immediately cross-referenced, but if asked, you have an alibi. Yeah, I really don't know. :)
The letter would be put in an envelope. That envelope would be addressed with a department (but not a name). That envelope would then be put in another envelope. The outside envelope would be sent to Box 500.
It is kind of weird that in the 21st century we're re-learning ancient tradecraft from retired spies.
Better, leave your phone behind during the day-trip to whatever mailbox you are using.
Yes, and thanks for a great comment. I'm going to read that link, http://www.aeinstein.org/organizationsde07.html.
Anger and hatred after 9/11 is what led us down this spiral, and more anger and hatred would only change the names, not the system.
9/11 merely silenced the critics, allowing the power elite to bum rush the Constitution, aka the Shock Doctrine. Panopticon has always been the plan. There's always a plan, waiting for the opportunity.
I think that is a minority view in our profession, so you are probably right.
Knock it off. These specific government abuses may well destroy the bulk of the revenue streams for the largest companies in Silicon Valley. If that isn't on topic for HN, I don't know what is.
This isn't just a government problem either; people in Europe are at least as unhappy about firms like Google and Facebook warehousing their data, but at least over in Europe they have robust privacy laws that service providers have to comply with.
See for example these stories, in which (some) American users express puzzlement over Euros' insistence that they are the owners of their personal data:
https://news.ycombinator.com/item?id=3127185
https://news.ycombinator.com/item?id=3867166
https://news.ycombinator.com/item?id=3036157
There's a Facebook bias to these because those were the easiest threads for me to remember & get search hits on, but the principles apply to any firm that retains customer data. EU users have a legal right to demand companies divulge all data stored about them, and insist on its permanent deletion - something that's not available to US users.
Now, you can hardly insist that governments be less powerful than the companies they are supposed to regulate. If you want real privacy, then you need it explicitly stated in law, and structured so that it can't be signed away in exchange for some commercial benefit, much the same as you can't legally sign yourself into slavery; such contractual arrangements are inherently invalid. This is going to require a constitutional amendment, because otherwise companies are going to defend their data hoarding and unilateral exploitation of said data on First Amendment grounds.
Make it a no strings attached program. All you need to do is move to the country and work with software/hardware. You would be given assistance to either join an existing company or set a new one up. Your choice.
I have to say, I thought I was very up to date on US spying - I know people who have worked with Echelon and would not say certain words on the phone - but I have still been blown away with the revelations. They're game-changing. They're relevant to HN. Business exists in a context; that context is changing around us, or at least being revealed for its true form. It's very relevant.
And FWIW I am astounded at the lengths "they" are going to get him and the massive political capital they seem happy to burn in the attempt. Genuinely amazing stuff. I have no idea what's next; no-one has. We're in a genuinely unprecedented era here. Anything is possible.
On a different scale, I think a lot of us are realizing that all the things we've been working towards (machine vision, machine learning, twitter, facebook etc) are also being used against us. It's a bit disappointing really.
Of course, ever since nuclear proliferation, worldwide violence has been dramatically reduced... so take that for what it's worth ;)
HN has made an exception for all things US gov't spying related. I even lost my flagging rights for flagging all the Snowden stuff (which I thought was exactly what you were supposed to do when you thought something was off topic... not my fault it was the entire front page!)
It's an important topic, but like you I preferred when HN was an oasis of tech away from this nonsense.
Unfortunately, politics have invaded our tech oasis, and I don't mean HN. The politicization and militarization of technology is undeniable; at this point, retreating to some new oasis and denying it won't make it go away. While I do want a site where I can see more articles about Erlang and lambda calculus, for now at least, I can accept the pressing need to maintain focus on political issues that undermine our ability to build the technology we want and have it used for good instead of evil.
It's a shame that people who flag "too much" fluff lose their flagging ability. I flag 4 submissions per day; I still have my flag button. I upvote good articles on new. I've been restricting my comments on the fluff articles. I've been upvoting the comments in good submission threads.
Perhaps someone could create an "HN-Shallowly-interesting"?
So you like playing with your tech toys completely indifferent to the actual effect of these toys in people's lives.
This is called egoism and onanism, looking for granting yourself pleasure without caring for anything or anybody else.
Perhaps the courts will come up with a legal construct that information which is processed and handled in a completely automated fashion does not "count" as having been seen in public. Something similar to DMCA safe harbor and "common carrier" provisions already defined in telecommunications law, except that it would apply in general and not just to 'large enough' websites or telecom companies.
Those are some powerful tools for investigators.
You cannot concern yourself with politics all the damn time any more than you can concern yourself with anything else exclusively.
If you have the money, you should try an experiment: mail a large number of ballot-like pieces from different mailboxes all over the county (say, 10,000 letters) and see how many reach the destination. Sure, it'll cost $5K, but you may have a better answer.
"It used to be that we'd get letters that were somewhat legible but the machines weren't good enough to read them. Now we get letters and packages with the most awful handwriting you can imagine."
And guess what: the government has to "sift through your mail" to deliver it. All they're doing with him is remembering what they saw. Because he belonged to an organization that burned shit down.
Reddit, HN, and the like are collectively patting themselves on the back and talking about revolution as though they're going to do anything other than click those little arrow icons next to posts. The third top comment here is talking about DDoSing the post office -- with absolutely no hint of irony. It's ridiculous.
>to examine all parts of something
They weren't just reading the address and sending the domestic mail on its way, as everyone expects they do.
Section I B - allows the contents of unsealed classes of mail "as allowed by law"
Section II B - "...Mail Covers do not authorize the search, seizure, or opening of any class of mail."
Section III B 6 - addresses attorney-client privilege.
Mencken is just a lot more eloquent than I was describing it, though.
Unless a secret presidential order established a secret law (declared legal by a secret court) that made it legal (but illegal to disclose to the public), that is.
Invading the mail, on the other hand, is quite explicitly illegal.
The first thing to understand is that one of the basic concepts in our separation of powers system is that the executive has discretion in how it enforces the law. Take something basic like the Sherman Antitrust Act (15 U.S.C. 1). The most important piece is just one paragraph: "Every contract, combination in the form of trust or otherwise, or conspiracy, in restraint of trade or commerce among the several States, or with foreign nations, is declared to be illegal..."
The courts establish the precise contours of what is a "restraint of trade" or what is a "combination" under the law. This creates a set of boundaries for the executive. The executive is empowered to enforce the law, but has discretion within those boundaries. If it thinks some class of things is or is not a violation of the law, it is entitled to prosecute cases accordingly until the courts decide the point one way or another or Congress clarifies the law.
Presidential orders cannot create law, but they can guide the rest of the executive branch's enforcement of the law, within those boundaries of discretion. The President might issue a directive telling the DOJ: "we don't think that such and such agreement is a 'combination' under the antitrust laws, so don't prosecute such cases." Usually these interpretations are public (and are published in the form of regulations). Sometimes these interpretations are secret, in which case the media calls it a "secret law." But the key thing is that the directive only guides executive action that was lawful anyway.
Now, the FISA court has been called a "secret court" but it again serves to guide executive discretion, and is not a court of general jurisdiction. Its opinions are binding on no other court other than itself, and its jurisdiction is extremely limited. The basic principle behind FISA is that the executive can do a lot of things as a part of its foreign intelligence function Constitutionally that we don't necessarily want it to do. In particular, it can conduct surveillance of foreign agents entirely without warrants because foreign agents don't have 4th amendment rights. The purpose of the FISA court is to constrain the executive's discretion in this regard, by requiring it to get a FISA warrant for all foreign surveillance, even though such surveillance would not require a warrant under the 4th amendment.
To circle back to mpyne's point: neither "secret courts" nor "secret law" can override public courts and public law. Rather, they are internal to the executive. They guide the executive's discretionary powers within the boundaries established by public law. If they hadn't written it down, they'd still be entitled to do it, and nobody would complain about any "secret laws" or "presidential directives." The things mpyne mentioned are illegal according to public law, and thus not within the executive's power to do regardless of any secret directives or secret court opinions.
You make this statement as if it was some sort of new happening. This is as old as technology itself. Finding new ways to kill each other has been the number one driver of technology progress, and always has been.
One thing all of this brings to mind is that we appear to be nearing a crossroads (perhaps we've already passed it).
That is, we'll have to very soon decide en masse whether we are OK with the demise of privacy or not. This is irrespective of whether our privacy is lost to companies, government, or both.
Because it seems that by default, people are simply becoming accustomed to a world without personal privacy. In fact, stories such as that referenced on this thread are coming out with such frequency and ferocity now that one wonders whether it has the effect of simply jading people with sheer volume (whether designed for this intent or not).
In any event, we've been moving in this direction for some time. And, after some point those who still care about privacy won't be able to summon the support needed to effect a return to its protection.
Rather, what we're seeing is these conceptions of "private spaces" not being abstracted and extended to the new media people use to communicate (cell phones, e-mail, Facebook, etc). You might analogize between your GDrive account and the contents of your desk drawer, but that doesn't seem to be the model we're heading towards.
And I think the fundamental reason for that is the nature of the technology, not the law. A teenager might post a snarky comment on Facebook which back in the day he would have said out loud in the locker room, but that analogy doesn't change the fact that back then, the only people who heard that kid were other kids in the locker room, while today there are thousands of people with access to that data as it travels over some cell phone network to Facebook's data center to be permanently recorded forever. The internet is really not designed to keep communications over it secret or private in any way, and platforms like Google and Facebook are built on exposing as much private information about users as possible.
I agree that technology rather than competing philosophies of law or governance is the main driver here - witness the threads I linked to above where some people consider the work of EU-nation data commissioners to be an unwarranted intrusion on the private business relationships of internet entrepreneurs.
It's too bad we live on opposite coasts, as I feel we could enjoy a long conversation on this issue.
The problem is that today there are very few private places, and it is very hard to get to a private place unnoticed. Private, secluded places are becoming rare as security cameras are installed. Even if you can find such a place, your trip to it might be recorded by security cameras and license plate scanners. Even if records of postal mail had been kept in the past, it would have been very difficult to make use of that data -- but data mining techniques are changing that.
"The internet is really not designed to keep communications over it secret or private in any way, and platforms like Google and Facebook are built on exposing as much private information about users as possible."
I once had this view, but I have come to see that it is flawed. Most people are not making an informed decision about this, and there is almost no effort to teach the background needed to make such an informed choice. What we are seeing are governments and corporations taking advantage of the general population's ignorance. It is not that people do not value privacy, it is that they do not even realize the extent to which they are giving it up.
For example, it would be akin today to someone believing that the people should be free from being spontaneously teleported by the government against one's will. It's just not something we worry about.
But, putting that silly (but salient) analogy aside, there is an underlying ethos with regard to our conception of privacy that I think is true historically, as well as today. It survives changes in technology and generally weathers the test of time. I think that ethos feels something like the Constitution with regard to federal government rights not specifically expressed. That is, they fall to the states and the people.
So, likewise, I think people believe (at some level of consciousness) that the government simply should not be where it doesn't belong (i.e. in areas of their private lives) and that the government should have access to the minimal information about us required to do its job. And for privacy advocates, this extends to erring on the side of rights vs. security when in doubt.
In short, I think most people would agree that just because technology provides the possibility of more government access to our information, it doesn't mean they should have such access.
Mind you, I am not saying that any of this is codified, but rather is a part of people's conception of privacy. So, I disagree with your assessment of what people consider private.
With regard to your Facebook snarky comment example, I think we're talking about different things. Publicly posting such is, I think, a conscious decision that what is being posted is not deemed private. However, the notion that everything uploaded, e-mailed, or otherwise stored or communicated (even if not marked for public consumption, or clearly is not intended for same) should be accessible to the federal government is an entirely different matter. And, I believe, most people would view such carte blanche access as an invasion of their privacy.
Over the long term, I really do think a constitutional amendment is necessary, which is a 10-year project at minimum.
As long as such a system is in place and significantly predates (on the scale of years) any crime you are accused of, this argument of hedging against a dystopia makes a lot more sense and is far more defensible.
That is impressive, even if you are a lawyer.
You're a US citizen I see. Well, maybe you don't understand or give a shit, but from the outside, the opinion of your country is being revised dramatically downwards. Very dramatically. All of this human rights, freedom of speech, fourth amendment stuff is being exposed for the bullshit that it is.
The damage to the reputation of the USA from these events is incalculable. Do you have any conception of what it means when normal people are suggesting that a whistleblower on the run from the USA seek refuge in Russia or China?
I guess it's the context of an all-pervasive spying culture that lends it a new relevance.
And who cares if it's "new". We might only realise the relevance of an old story years later. We might only realise a whistleblower was telling the truth after years of dismissing their tall tales.
edit: eli deleted the post I quote. Oh, don't like things you say online being used against you later? That's not new either.
To the extent that revealing an E.O. doesn't endanger national security or other legitimate government purposes I agree completely that it should be public.
However I don't agree that it's safe in general to rely on a given Administration's "interpretation of the law". As Snowden has pointed out, the Administration can change... you should assume that what is permissible under the law and Constitution is actually being done, if that actually worries you.
So if the law says that the Government can intercept foreign communications pursuant to a trap-and-trace it's probably a good assumption to make that the Government is actually, at some point, trapping aforementioned communications.
I mean, if this was working just like a normal law enforcement scheme then you'd already have to deal with the possibility that the government is tapping a communications channel pursuant to a regular Article III warrant to investigate communications of a terror cell for months at a time. Presumably this would theoretically still accumulate enough data (and metadata) to theoretically wreck your theoretical world should a theoretical despotism come to pass.
What an E.O. should do is to define where an Administration will focus its limited resources in enforcing the law. Perhaps they will decline to fully defend laws that are anti-homosexual in nature. Perhaps they will avoid aggressively going after marijuana usage (would be nice!). But even in that situation, if you cross state lines to buy weed you're still technically breaking the law and should be prepared for consequences of that; the E.O. could change tomorrow, after all.
And besides all that, what if the guy making an interpretation is at a much lower level? An individual cop might make a snap decision; do you expect them all to mail you a Policy & Vision Statement each month?
Even if they did, it would be hopeless to try to push the edge of 1000 different "lawful ways to enforce the law". Assume anything the law permits might be done.... and even then, it's hard enough to fully comply with all the law, even the ones that clearly fall within Constitutional guidelines.
I'm not saying Facebook is evil, but let's face it, the world is a lot more morally complex than the self-righteous want to make it out to be.
This idea that Silicon Valley is full of engineers toiling in a Parthenon of virtue while evil people in Washington misuse the fruits of their creations is utter bunk. Like every technology in history, software and internet technology can be used for different things, and there is widespread disagreement on the virtues of those ends.
E.g. Einstein might have regretted his involvement in the nuclear program, but there are a huge number of people who to this day think the development of nuclear weapons was a positive thing in how it ensured American ascendency for the succeeding half-century. At the same time, you'll find lots of people who think Lockheed, etc, are doing very noble things by developing technologies that allow American foreign policy to be implemented while getting fewer American soldiers killed (and reducing collateral damage too--a cruise missile is a lot more damaging than a drone strike). There is probably no country in history that has maintained its supremacy for as long as America has with so relatively few casualties among its armed forces. You can thank Lockheed for that.
Why not? I say it is. Just as you said the other day -- advertising is preying on people's cognitive biases. Sure, the world is very morally complex, but that has no bearing on the morality of advertising and whether how Facebook in particular does it is evil or not.
It is evil for a panoply of reasons. Just say it, don't just hint at it. Facebook does more lasting harm to society than good.
Enabling surveillance is a distant second, but still certainly wrong because it is direct support for the robbing of privacy, a basic human dignity. There is no room for ambiguity or argument as in the case of economic theory and such, like in the Facebook example.
Military technology kills a few people (large harms to a few people), but advertising diverts vast amounts of money towards industries where it is easy to take advantage of cognitive biases to create artificial distinctions between products (small harms to lots of people). And both have their legitimate justifications too. People need to know about new products and services and advertising helps them find those products and services. And while you may be a pacifist, Americans are decidedly not. They want a country that sits at the top of the world and they want to be protected from hostility and Lockheed gives Americans what they want in that regard.
And even for a pacifist: we live in the most peaceful time in human history. American military supremacy plays a big part in maintaining that state of affairs. Countries that might be incentivized to wage war (as countries have done since there were countries) avoid doing so because they know the American military response will be swift and overwhelming.
I'm not saying it is necessarily something that should be done, but it certainly can be done.
While there are many ways to abuse the fact that license plates are publicly-visible (the aforementioned abortion protester being one example), there are still very legitimate reasons they should continue to be that way (holding people responsible for their actions when they infringe on the rights of others, as in my example). This isn't to say that we should always and forever attach a stamped piece of metal to cars, but the current system does have the advantage of being compatible with the Mk. I Eyeball.
Really the question is, "How important is this problem? Do we care about license plate privacy?"
The final address would be set up via an encrypted web service, so only you and the warehouse know who sent the mail & where the final destination is.
Of course, then the NSA would just take the warehouse's private encryption keys, so it'd only work for about 48 hours, but yeah, you know. Technically possible.
That's mostly sarcasm. There's no getting around the tracking if you want to use regular USPS mail or Google Gmail. Just go meet in person, and leave your cell phones at home.
That is a great way to get your letter not mailed. A simple "Please" would work much better.
It is very important to look at the "other side" of things, because there are people just like you and me on the "other side" in even greater numbers -- just not born in privileged homes with access to the same opportunities. On the other side of the Silicon Valley society that is full of white kids from high-income households with connections in high places you have poor black kids who're too poorly educated, who are more susceptible to getting had by mischievous advertising schemes of today. How this is different from pyramid schemes and other immoral -- but legal things -- is it's just more sophisticated... and I guess therefore, more effective, and therefore ultimately much more damaging.
(I have to add a meta-note, because this keeps happening over and over again: I think the last 4 or 5 times I responded to you I was upvoted and all of the follow-up comments you made to me were downvoted. I swear it's not me, I think it's a pity that this happens. As much and as often as I disagree with you I do like engaging with you because you're generally pretty thorough and pretty smart. I mean, at least you recognize that advertising is something not so "good" -- a lot of people here don't. Here's hoping my upvote to you helps).
So what you're saying is that the government should enforce a built-in gag order on people? Interesting...
>So what you're saying is that the government should enforce a built-in gag order on people? Interesting...
They already do with regard to medical information, in the form of HIPAA. A right to privacy has to include the right to prevent others from disclosing certain kinds of information about oneself. You could also consider it from a defamation/slander/libel perspective.
HIPAA type records are not publicly displayed when people walk outside.
To the extent that a given condition is public people are allowed to note that. This is why assholes were legally allowed to call me pimple-face, for instance.
The technology didn't have to be designed that way. Google could, e.g. encrypt your gdrive contents client-side, and I bet there would be a way to store e-mail accounts encrypted so only the inbox/outbox would be stored in plain text on Google's servers. Facebook might be harder but it would be an interesting technical challenge to see the extent to which Facebook accounts could be stored encrypted on Facebook's servers. But by and large the internet is not designed that way. It is designed to leak your data all over the place, to every sysadmin at every intermediary, which makes privacy very hard to achieve, whether from the government or from companies.
What makes you think that's not being done now?
I'm not sure what the American populace's purported will has to do with my view that war and its antecedents are revolting. Certainly you aren't suggesting that building these things is patriotic duty for a US citizen?
I agree, but keep in mind the person-to-person analog: "Using force or the threat of force to apprehend personal safety is antithetical to pacifism." I.e. there is a convincing philosophical argument that once you agree that people have the right to use force in self-defense, that there is a collective right to use military force for collective self-defense.
No, but there are some things that ostensibly take place in public but should still be considered private, absent some urgently pressing higher need that can only be met by disclosure.
>To the extent that a given condition is public people are allowed to note that. This is why assholes were legally allowed to call me pimple-face, for instance.
At some point of excess, wouldn't that fall under verbal abuse, harassment, or bullying, depending on whether you're considering laws or school policies, and thus not be considered free speech?
In general I believe people should be able to say anything they want, but if what they say or to whom they say it violates someone else's rights, their victims shouldn't have to put up with it.
Perhaps. But should that point come, the speech will lose protection because of its abusive, harassing, or bullying nature. Not because it describes my medical condition.
What makes you think Google would be reckless enough to store unencrypted private data on disk, or incompetent enough to not implement search over an encrypted set of data?
It doesn't matter if they don't normally store the key. It's a webapp.
Also, they need the key to do search. Furthermore, this does nothing to hide the metadata surrounding your communications, which necessarily must not be encrypted for services to work.