Isn't this a bigger deal than just monitoring supposedly private Facebook communications? This would also violate attorney-client privilege too, right?
Somehow I don't think even the NSA's system is going to pick up on the fact that it's an attorney-client conversation. The conversation itself would not be admissible in a court action, but if the NSA were looking for known "confidants" of the flagged terrorist suspect then it wouldn't be surprising that the Visa was flagged for cancellation by one of those automated NSA algorithms.
NSA lives in a world where they don't normally have to worry about attorney-client privilege because they're not trying to bring cases to trial, they're trying to gain intel on enemy networks, and ideally prevent them from gaining entry to the U.S. in the first place. So I'm not even sure if attorney-client communications is something their analysts would even check for (that is, if a human analyst even ever saw this conversation).
Why would the not-an-American-citizen lawyer speaking to a not-an-American-citizen have attorney-client privilege from the perspective of an American governmental organization?
Edited to add: It's remarkably difficult to quickly find information about attorney-client privilege in settings other than US, UK, Canada, and Australia. I found a brief mention that the privilege does not apply to in-house counsel in the EU, and that Brazil breaches it with a court order, but that's all. I'd hope I could find more given some more time, but I need to get back to work.
[when americans visit other countries, do you expect to not have any rights here? to be treated to different laws from the locals? to not be able to talk privately with your lawyers? what do you think the rest of us are like? as bad as you?]
And it's clearly impossible that this is simply shorthand for the most common situation Americans or citizens of a given nation that enforce it are likely to encounter.
No, clearly 3 words are supposed to accurately summarize an entire area of rights and law!
The same kind that run third party provided spyware on their personal computers in order to take exams in law school.
(In other words: Practically all newly minted attorneys in the US)
There is no education in law school in the US at least on responsible data handling, and— in fact— schools often direct students to behave irresponsibly with respect to data security.
Most (all?) schools offer students the ability to take their exams on paper, but doing so is a substantial competitive disadvantage because examinations are usually timed and writing on paper is much slower, students are marked down for legibility and copy-editing noise, etc.
I don't have a citation studying it— but by all appearances it's only a small minority of students that opt out of using their laptops. ("Most Stanford Law School students take their examinations on laptops")
IIRC the California bar exam now also uses one of these spyware exam packages.
I'm mostly amused that we have a whole information-security critical profession who is nearly required to behave negligently wrt information security from day one. :P
Wow, no kidding. Why the heck could it need "Administrator level account permissions" (both on OSX and Windows [1])? I guess you could run it in a VM and wipe it afterwards.
I do not argue that it should be covered. Just that it is irresponsible. I would argue that GMail accounts are as well.
"Picture this, man convicted of murder after subpoena to online marketing date reveals targeted ads for icotoners and shovels after GMail exchange with lawyer."
It's a stretch of the imagination but we live in a crazy world.
You're implying he had a choice. The article implies that Facebook was his only means of contacting the client, and that situation was presumably his clients choice.
NSA lives in a world where they don't normally have to worry about attorney-client privilege because they're not trying to bring cases to trial, they're trying to gain intel on enemy networks, and ideally prevent them from gaining entry to the U.S. in the first place. So I'm not even sure if attorney-client communications is something their analysts would even check for (that is, if a human analyst even ever saw this conversation).