[sneak]

The fact that Obama declared on national TV that they only spy on non-US citizens (6.5+bn humans) without a warrant is the biggest news in the internet industry since the mass deployment of broadband a decade ago.

Knock it off. These specific government abuses may well destroy the bulk of the revenue streams for the largest companies in silicon valley. If that isn't on topic for HN, I don't know what is.

[anigbrowl]

No it isn't, that was going on all through the Cold War. It's just more efficient now.

This isn't just a government problem either; people in europe are at least as unhappy about firms like Google and Facebook warehousing their data, but at least over in Europe they have robust privacy laws that service providers have to comply with.

See for example these stories, in which (some) American users express puzzlement over Euros' insistence that they are the owners of their personal data:

https://news.ycombinator.com/item?id=3127185

https://news.ycombinator.com/item?id=3867166

https://news.ycombinator.com/item?id=3036157

There's a Facebook bias to these because those were the easiest threads for me to remember & get search hits on, but the principles apply to any firm that retains customer data. EU users have a legal right to demand companies divulge all dta stored about them, and insist on its permanent deletion - something that's not available to US users.

Now, you can hardly insist that governments be less powerful than the companies they are supposed to regulate. If you want real privacy, then you need it explicitly stated in law, and structured so that it can't be signed away in exchange for some commercial benefit, much the same as you can't legally sign yourself into slavery; such contractual arrangements are inherently invalid. This is going to require a constitutional amendment, because otherwise companies are going to defend their data hoarding and unilateral exploitation of said data on First Amendment grounds.

[unclebucknasty]

Interesting points.

One thing all of this brings to mind is that we appear to be nearing a crossroads (perhaps we've already passed it).

That is, we'll have to very soon decide en masse whether we are OK with the demise of privacy or not. This is irrespective of whether our privacy is lost to companies, government, or both.

Because it seems that by default, people are simply becoming accustomed to a world without personal privacy. In fact, stories such as that referenced on this thread are coming out with such frequency and ferocity now that one wonders whether it has the effect of simply jading people with sheer volume (whether designed for this intent or not).

In any event, we've been moving in this direction for some time. And, after some point those who still care about privacy won't be able to summon the support needed to effect a return to its protection.

[rayiner]

I don't think we're seeing the demise of personal privacy. For most of American history, "privacy" meant that what happened in the walls of your home or in the confines of some other private place remained private. You could expect privacy in your house and your coat pocket and in conversations you had with people in a private setting. And by and large, that's still the case. If you live on a farm like most people did in 1789 and go into town once a week to get supplies you pay for with cash, the government doesn't really have any data on you today that it didn't have back then.

Rather, what we're seeing is these conceptions of "private spaces" not being abstracted and extended to the new media people use to communicate (cell phones, e-mail, Facebook, etc). You might analogize between your GDrive account and the contents of your desk drawer, but that doesn't seem to be the model we're heading towards.

And I think the fundamental reason for that is the nature of the technology, not the law. A teenager might post a snarky comment on Facebook which back in the day he would have said out loud in the locker room, but that analogy doesn't change the fact that back then, the only people who heard that kid were other kids in the locker room, while today there are thousands of people with access to that data as it travels over some cell phone network to Facebook's data center to be permanently recorded forever. The internet is really not designed to keep communications over it secret or private in any way, and platforms like Google and Facebook are built on exposing as much private information about users as possible.

[anigbrowl]

As a Euro myself I hew to the more expansive version of privacy, in which you have a right to know what data others (private) actors store about you (not unlike an FOIA request to a public body in the US), and to have that data expunged. In general, EU citizens enjoy much more robust privacy protections, even when arrested (no perp walks or publication of mugshots, for example).

I agree that technology rather than competing philosophies of law or governance is the main driver here - witness the threads I linked to above where some people consider the work of EU-nation data commissioners to be an unwarranted intrusion on the private business relationships of internet entrepreneurs.

It's too bad we live on opposite coasts, as I feel we could enjoy a long conversation on this issue.

[betterunix]

"For most of American history, "privacy" meant that what happened in the walls of your home or in the confines of some other private place remained private"

The problem is that today there are very few private places, and it is very hard to get to a private place unnoticed. Private, secluded places are becoming rare as security cameras are installed. Even if you can find such a place, your trip to it might be recorded by security cameras and license plate scanners. Even if records of postal mail had been kept in the past, it would have been very difficult to make use of that data -- but data mining techniques are changing that.

"The internet is really not designed to keep communications over it secret or private in any way, and platforms like Google and Facebook are built on exposing as much private information about users as possible."

I once had this view, but I have come to see that it is flawed. Most people are not making an informed decision about this, and there is almost no effort to teach the background needed to make such an informed choice. What we are seeing are governments and corporations taking advantage of the general population's ignorance. It is not that people do not value privacy, it is that they do not even realize the extent to which they are giving it up.

[rayiner]

I don't disagree that many people aren't making an informed decision about this, especially all the kids and young teenagers who use Facebook and Google, etc. But my point is about the technology, not the people. The technology isn't designed to keep information private. SMTP sends plain-text e-mails through intermediate servers. Anybody can inspect the packets flying by on their network, which mostly have plain-text contents. Apparently at Google (from what we've learned from the David Barksdale stalking story: http://gawker.com/5637234/gcreep-google-engineer-stalked-tee...) lots of people have extensive access to customer data. I don't imagine the situation is much better at Facebook.

The technology didn't have to be designed that way. Google could, e.g. encrypt your gdrive contents client-side, and I bet there would be a way to store e-mail accounts encrypted so only the inbox/outbox would be stored in plain text on Google's servers. Facebook might be harder but it would be an interesting technical challenge to see what extent to which Facebook accounts could be stored encrypted on Facebook's servers. But by and large the internet is not designed that way. It is designed to leak your data all over the place, to every sysadmin at every intermediary, which makes privacy very hard to achieve, whether from the government or from companies.

[sneak]

> I bet there would be a way to store e-mail accounts encrypted so only the inbox/outbox would be stored in plain text on Google's servers.

What makes you think that's not being done now?

[unclebucknasty]

Yes, the historical conception of privacy meant certain things, while other things weren't a part of this conception, simply because the technology of the day made them inconceivable.

For example, it would be akin today to someone believing that the people should be free from being spontaneously teleported by the government against one's will. It's just not something we worry about.

But, putting that silly (but salient) analogy aside, there is an underlying ethos with regard to our conception of privacy that I think is true historically, as well as today. It survives changes in technology and generally weathers the test of time. I think that ethos feels something like the Constitution with regard to federal government rights not specifically expressed. That is, they fall to the states and the people.

So, likewise, I think people believe (at some level of consciousness) that the government simply should not be where it doesn't belong (i.e. in areas of their private lives) and that the government should have access to the minimal information about us required to do its job. And for privacy advocates, this extends to erring on the side of rights vs. security when in doubt.

In short, I think most people would agree that just because technology provides the possibility of more government access to our information, it doesn't mean they should have such access.

Mind you, I am not saying that any of this is codified, but rather is a part of people's conception of privacy. So, I disagree with your assessment of what people consider private.

With regard to your Facebook snarky comment example, I think we're talking about different things. Publicly posting such is, I think, a conscious decision that what is being posted is not deemed private. However, the notion that everything uploaded, e-mailed, or otherwise stored or communicated (even if not marked for public consumption, or clearly is not intended for same) should be accessible to the federal government is an entirely different matter. And, I believe, most people would view such carte blanche access as an invasion of their privacy.

[anigbrowl]

I fully agree. In the short term, I'd urge particular attention to the US-EU Free Trade Agreement talks that are underway at present. I'm strongly in favor of an FTA, but I think there's a lot to be learned from how the disparity between the US and EU laws on privacy are handled therein.

Over the long term, I really do think a constitutional amendment is necessary, which is a 10-year project at minimum.

[malandrew]

If I were in the government of other countries, I'd be setting up more programs to woo technical talent from the US. In Brazil, Rio de Janeiro's Botofogo district is a prime location for tech talent to go to. It's an international city with a great quality of life that Americans tend to love. Berlin is another city that could be actively wooing dozens to hundreds of American developers.

Make it a no strings attached program. All you need to do is move to the country and work with software/hardware. You would be given assistance to either join an existing company or set a new one up. Your choice.