[elbii]

> This bill is great in that email stored on your ISP's (or Google's) servers is treated identically to that on your computer at home-- they need to get a warrant. That's a great step forward. It isn't BS.

Except for one major difference: Gag orders. When a warrant is served to Google to access your email, you may never know about it. If they show up at your home and take your email server, who you gonna gag?

Unreasonable or overly-broad gag orders are one reason I always advocate running your own services whenever possible (granted, this needs to be easier).

[schoen]

The distinction you mention is real, although not all warrants against providers come with gag orders, and some warrants against people's homes authorize surreptitious searches, such as by breaking into the home when the target is away. (This was done for a personal computer as early as 1999 in the Scarfo case.)

Lately law enforcement has been seeking warrants to hack people's computers and some of them have been granted; typically those have also been surreptitious searches. I think this is the greatest risk for surreptitious government access to self-hosted information, because some agencies have been getting pretty excited about this and there are a lot of contractors who will supply them with vulnerabilities and tools even if they don't have the expertise to develop those themselves.

[hendersoon]

That is certainly true. The difference is that before they didn't need a warrant at all if your cloud-stored data was over 180 days old. A court order alone was sufficient.