Accounts with third-party service providers were used “for exfiltration or infrastructure,” according to a post by law enforcement on LockBit’s seized darkweb domain.
They said they would protect your privacy, not facilitate criminal activity.
If the whole reason you want privacy is to facilitate criminal activity, you’re going to have a bad time.
But it also raises the question: Doesn’t political dissent often get categorized as “criminal activity?”
I think the bigger question is if these services will stand up for obviously bogus charges when it comes to political dissidents. I actually don’t really have a problem with them being willing to shut down accounts associated with ransomware. However, I do understand how exceptions made for “criminal activity” can end up being directed at people who simply have a differing political opinion.
Finally, when it comes to political dissidence: If you are under the thumb of an authoritarian government, is violence taken to achieve freedom considered a “criminal act” by these privacy companies?
These companies have potentially put themselves in a very thorny situation in regards to their intended purpose.
I definitely agree with you. If a warrant is valid and attained honestly and legally in good faith through real evidence of serious crimes, that’s different than sending dick pics through Prism. In theory that mirrors how IRL should work.
Is there any kind of social contract RFC proposed to set global standards for boundaries? To your point, companies prefer to have clear discreet understanding of the laws, compliance, and generally accepted best practices. Easier, safer, cheaper. Everyone wins.
Imagine variable scoring on different traits per entity, that would make different rules/boundaries applicable! E.g., North Korea’s independent journalism score makes them inapplicable for XYZ activities (email account access, phone unlocks? 🤷)… CSAM 100% inexcusable, tiers of limits on disinfo or hate speech…
Would anyone reading this take something like this seriously? I can’t own this. I’m not at all an expert. But I have friends at places like Mozilla, EFF, and standards bodies, to whom I could reach out and maybe help with intros.
…And then you realize your tl;dr is ‘who wants to play pretend world police with me!!!’… and to what ends is it enforceable? Realistically any major entity can pull out of anything at the cost of their customers (and potential civil damages suits). Microsoft can stop supporting SPF, Schneider can stop supporting standard voltages. It’ll cost them customers, but it’s not regulatory/mandated, correct? If pornhub builds a city in the Pacific and refuses to relinquish emails about human trafficking, does the UN send armed forces? Obviously not. But do they get disconnected from 1.1.1.1, 8.8.8.8 or w3c’s yellow pages?
So what would make someone or some entity, trusted? Just curious for the thought exercise to see what you all think, and the sociological repercussions.
They said they would protect your privacy, not facilitate criminal activity.
If the whole reason you want privacy is to facilitate criminal activity, you’re going to have a bad time.
But it also raises the question: Doesn’t political dissent often get categorized as “criminal activity?”
I think the bigger question is if these services will stand up for obviously bogus charges when it comes to political dissidents. I actually don’t really have a problem with them being willing to shut down accounts associated with ransomware. However, I do understand how exceptions made for “criminal activity” can end up being directed at people who simply have a differing political opinion.
Finally, when it comes to political dissidence: If you are under the thumb of an authoritarian government, is violence taken to achieve freedom considered a “criminal act” by these privacy companies?
These companies have potentially put themselves in a very thorny situation in regards to their intended purpose.
I definitely agree with you. If a warrant is valid and attained honestly and legally in good faith through real evidence of serious crimes, that’s different than sending dick pics through Prism. In theory that mirrors how IRL should work.
Is there any kind of social contract RFC proposed to set global standards for boundaries? To your point, companies prefer to have clear discreet understanding of the laws, compliance, and generally accepted best practices. Easier, safer, cheaper. Everyone wins.
Imagine variable scoring on different traits per entity, that would make different rules/boundaries applicable! E.g., North Korea’s independent journalism score makes them inapplicable for XYZ activities (email account access, phone unlocks? 🤷)… CSAM 100% inexcusable, tiers of limits on disinfo or hate speech…
Would anyone reading this take something like this seriously? I can’t own this. I’m not at all an expert. But I have friends at places like Mozilla, EFF, and standards bodies, to whom I could reach out and maybe help with intros.
…And then you realize your tl;dr is ‘who wants to play pretend world police with me!!!’… and to what ends is it enforceable? Realistically any major entity can pull out of anything at the cost of their customers (and potential civil damages suits). Microsoft can stop supporting SPF, Schneider can stop supporting standard voltages. It’ll cost them customers, but it’s not regulatory/mandated, correct? If pornhub builds a city in the Pacific and refuses to relinquish emails about human trafficking, does the UN send armed forces? Obviously not. But do they get disconnected from 1.1.1.1, 8.8.8.8 or w3c’s yellow pages?
So what would make someone or some entity, trusted? Just curious for the thought exercise to see what you all think, and the sociological repercussions.