[sofixa]

> Furthermore, in the EU there is not something such as the 4th amendment, Law Enforcement and Intelligence agencies can grab your cloud data without requiring a warrant. Unless the data is stored in the US, which is one of the reasons they are so eager to keep it "home

You're commenting under an article that explicitly says how US intelligence agencies and police get around the need for warrants. Many rights in the US are more theoretical than practical if someone in power decides so.

Also, there are strong expectations of privacy in the EU, as well as due process, warrants, etc. There are of course abuses, and especially "terrorism" can enable some shortcuts (to be fair, often for very good reason multiple EU countries have had tens to hundreds of dead from terrorist attacks that could and should have been prevented), but I don't have the impression it's in any way even close to as bad as the US. Do you have any information/sources to the contrary?

[janmo]

Look at the technique they used with Silk Road:

"Because the SR Server was located outside the United States, the Fourth Amendment would not have required a warrant to search the server, whether for its IP address or otherwise."

- Assistant US Attorney Serrin Turner

[ivan_gammel]

To me this statement only makes sense if it explains why an American law enforcement agency can hack a foreign server without an American warrant. And it just demonstrates the limits of American privacy protection.

If you think this was about European legal system, you are mistaken. If Americans were hacking European servers without due process involving European authorities, this was probably highly illegal here.

[janmo]

There is a pattern:

Silk Road, SkyECC, EncroChat, TorMail+Freedom Hosting.

What do they all have in common?

Their servers were found or their encryption were broken under mysterious circumstances involving classified "techniques". In 3 out 4 cases malware was sent from the services to their users once taken over.

All were hosted in the EU, even stranger, all of them had servers hosted by OVH. Although SR was not directly hosted by OVH Ross Ulbricht had a vnc server (virtual desktop) there which he apparently used to administrate the SR main server and on another OVH server he had a deadmanswitch and his will.

In a sense this is the counterpart to the survival bias. But in this case we only know where the taken down services were hosted, we don't know where the survivors are being hosted.

All this has serious Crypto AG vibes. Back then it was: trust us, we are from Switzerland, we are neutral....

[ivan_gammel]

It doesn’t make sense to build a conspiracy theory on randomly selected facts, when there’s an obvious explanation that in all those cases the law was broken and law enforcement acted as they were supposed to act. Other ISPs and hosting providers are cooperating with lawful requests too.

[janmo]

If these takedowns were lawful, why do they lie and hide the details about how they did it?

Read carefully the sections related to the encrypted containers and the OVH servers and tell me your opinion: https://www.justice.gov/d9/press-releases/attachments/2019/0...

[ivan_gammel]

I do not see any lies or omission of important details in this document. Looks like OVH complied with some legal request and just handed over everything they had, including encrypted copies of hard drives. Americans then just cracked the root password.