You are currently viewing SemiWiki as a guest which gives you limited access to the site. To view blog comments and experience other SemiWiki features you must be a registered member. Registration is fast, simple, and absolutely free so please, join our community today!

Now Facebook in data privacy spate

Pawan Fangaria

New member
In the midst of a long debate between Apple and FBI on the security of data in iPhone, today I heard a Facebook executive has been arrested in Brazil for not sharing the data about a criminal involved in drug trafficking.

Diego Dzodan, VP of Facebook for Latin America was arrested in Sao Paulo because he did not comply with court orders to share the Facebook data required for a probe in drug trafficking.

This brings us to a larger question on whether the privacy should be strictly maintained or share the data in case of criminal cases? If it has to be shared in special cases, then in my opinion a larger framework needs to be evolved about that practice on international basis. Who can share on whose behalf and how the permission (implicit under certain laws or explicit) to share be obtained?

Today, we have social networks where almost all of your personal data is there in public. This kind of sharing of information was never before. We have phones and others devices with huge memory to hold large data, which becomes a good reason to investigate with phone data rather then going through phone exchanges. Imagine the era before mobile phones, criminal investigations were done at that time too, but the only path was to examine the records of telephone exchanges.

Today, we have a world of connected devices. With IoT in place, more things are being connected, and security issue is already a huge outcry. I guess a framework be evolved on what can be shared under which circumstances, who can share under what laws?

Watching these instances makes me feel, a regulatory framework has become important and essential for data security. Otherwise the technologies we develop for security of devices can be solid technically, but inefficient in practical usage.
 

Don Dingee

New member
There were a couple of pertinent takeaways from yesterday's Congressional hearings:

The buzzword of the day was "warrant-proof" zones. Anything shared over a public network like Facebook seems to be fair game for a warrant, brought before a judge to review and agree to the search.

There is a difference, legally, between data in motion and data at rest. Any data that touches a tower and a carrier is subject to regulation and therefore law enforcement intercept. The big sticking point with the Apple case, and several others cited during the hearings, is the data is stuck on a phone behind a lock the feds can't seem to pick. (The FBI said they have tried working with 16 agencies for a solution - either those agencies can't do it either, or as one panelist suggested they aren't willing to share a solution and get drawn into the legal issues.) Facebook data, by definition, is data in motion that was shared over a network.

The Apple phone in question has been legally searched and seized, but is impenetrable. The FBI director said if it was a safe, they'd blow the door off. A technical expert said in an indirect response we're applying 18th-20th century methods and laws to a 21st century problem.

The question was raised in hypothetical situations over and over - at what point is a government cracking a phone justified? One questioner suggested that there are lots of drug cases and it would be hard to extend the reach to all those, but a matter of national security passes his litmus test. He tried to get Apple to say under what circumstances they would cooperate, to no avail. Several Congressmen pointed out that Apple has cooperated with the iCloud portion of the data (in motion).

A couple lawmakers were very frustrated that neither Apple nor the FBI was ready to propose legislative points, but both said new laws are needed. I suspect this has the other tech firms circling the wagons right now.
 
Worse yet, however we might resolve this in the US, it is almost certain that those regulations will not work, at least in exactly the same way, in other countries (think of China, Egypt, Iran). But data in motion, as Don puts it, doesn't respect international boundaries. I expect this to be a very challenging area for some time.
 

Daniel Payne

Moderator
With Facebook you can create a Private Group or even a Secret Group that simply doesn't show up in search results, and only the invited members can see what is being shared. I can understand how Facebook users with Secret Groups would not trust Facebook much if Facebook decided to let the police view all of the secret conversations.

Our neighborhood watch has created a Secret Group on Facebook specifically for the privacy aspect, because we don't want robbers, sex offenders and other undesirables to know what we are talking about.
 

Pawan Fangaria

New member
Daniel, as long as the data is there anywhere other than your personal physical diary, there is no guarantee that your data is secure. I have come to this conclusion after watching the vulnerabilities of the open systems we have today.

If the data is with Facebook, that company can be asked anytime by any person belonging to a public authority. The request can have a rider from court. And those court orders can vary from country to country. Now the issue is, how genuine the request is to show someone else's data. The police discipline also varies from country to country, so there is a danger there.
 
Pawan, fair point about Facebook data not being secure.
Personally I would never use Facebook for something that has to be marked Secret.
I (mostly) trust banks because of regulation and the big monetary repurcussions for violation the law. I don't trust bankers on their word. I don't trust Facebook on their word either and they don't have these big regulations and repercussions on handling your private data. They just have enough people believing they are trustable on their word to gather enough private data to monetize.
 

Pawan Fangaria

New member
Pawan, fair point about Facebook data not being secure.

Facebook lists all of the Government Requests on this page, with the vast majority of requests coming from the United States.
Good to see Facebook recording govt. requests (although this list shows only 2013 requests). However, the bigger question is under which law this data sharing was done because the requests are originating from several countries. How could validity of requests be ascertained? It's no secret, different countries have different rules, all may not be disciplined to request for only genuinely criminal data.
 
Top