And the flip side of the broad is a legitimate law-enforcement interest: Unless they know for sure that the provider isn't in bed with the crooks, they can't afford to let said provider tell them which servers they "get to" take off the racks.

Yes, this is an unusual position for me to take, but I'm very much in favor of shutting down spammers with extreme prejudice.

As for Washington vs. Amazon, there are far worse things Amazon could have been threatened with. Say, new rules imposing various liabilities on them, or a tax investigation....

The data associated with your server may not be on a single disk or even directly attached to the hardware that runs the operating system and applications for one thing. If the provider is making use of a SAN (Storage Array Network), your data might be scattered across many disks used by hundreds of other customers. If the server itself is a virtual machine, then your server may be running on a single physical blade server mounted in a blade chassis with several other blade servers. You may be one of 10 or 20 other customers running on the same hardware, completely isolated from each other.

The hosting company might offer to halt the virtual machine that's of interest and make a copy of its image, but will the officer in front of them know what that means in terms of forensics? Will it match what the wording of the warrant has told him they're obligated to provide? His forensics specialists will probably be concerned that they can't look at deleted files that are potentially still on the physical disk somewhere. Does the hosting company have its own forensic specialists who can work with the officer to extract something useful without shutting down a couple of racks of servers and storage?

Damn straight, Amazon was worried. And short of paying for your own stand-alone hardware, something that is going to get less attractive to the hosting companies as time goes on, where do you think you can go that your business won't be part of the collateral damage? Concentrated, shared storage and hardware makes sense to the hosting company because it's a more efficient use of power, space, cooling, and manpower to operate. All of those things are at a premium now.

I don't imagine that the situation was simple here, nor is it likely to get simpler.

Either the reporting is hopelessly muddling the story, or virtualization and cloud-type services are not involved in this situation. I note, for what it's worth, that the FBI took some, but not all, of DigitalOne's racks. That makes me think that we're still talking physical machines allocated to specific customers, and the overreach was in taking whole racks rather than individual boxes.

But as you point out, the infrastructure is shifting to something that doesn't just fit the mental models badly, but doesn't fit them at all. It will soon become like trying to get a warrant for the physical handset on which a telephone conversation took place, rather than the content of the conversation.

I don't think that will change the ways in which these kinds of intrusive and clumsy searches impact businesses. And, although I don't know that the FBI intended to punish DigitalOne for having what they consider to be dodgy customers, I doubt they're crying into their beers about that side-effect of the whole affair.

And the flip side of the broad is a legitimate law-enforcement interest: Unless they know for sure that the provider isn't in bed with the crooks, they can't afford to let said provider tell them which servers they "get to" take off the racks.

It's perfectly possible to get your own sysadmin in to look at the records and untangle which ones are which, either from the logs, billing, and usage records or working alongside the providor's staff. I've been an external auditor. I know how to make that thing work.

Yes, this is an unusual position for me to take, but I'm very much in favor of shutting down spammers with extreme prejudice.

There's always a crime bad enough to make us willing to elide a few rules and accept a little collateral damage when we fight it.

It's never, in my opinion, a good idea.

It is one of the first responsibilities of government to go about its business with an eye on the rights both of the accused and of everyone else who isn't accused. If they can't do that, then they shouldn't get to execute their warrants.

So why didn't they take an image of all the drives that were relevant? Because they're stuck in the G-Men mythos of the 1950s. Charge in waving a warrant and strike fear into the hearts of bad guys and commies everywhere. Nowdays that's just stupidly clumsy.

Like using drone missiles to kill militants in the Waziristan and hitting the wedding party. Or "kettling" hundreds of peaceful protestors to arrest the idiot kid with the brick.

*sigh*

They use HP BladeServers, which means that there's a single chassis containing multiple blades, each of which is seen as a single server (or several virtual servers).

As such, I can absolutely understand the FBI having seized servers rented by more than one customer -- hard not to, when you're talking about more than a dozen "servers" in a single chassis.

I'll absolutely agree that it sucks for the (innocent) companies affected -- and also suggests that the FBI need to update their seizure practices to take things like blades (and virtual machines) into account -- but seizing something like a complete blade enclosure is a different case from randomly grabbing an assortment of physically separate servers in different chassis from a rack.

Law enforcement is a tradeoff, and just as we slam them when they don't do their jobs, or do them incompetently, we should praise them when they do do their jobs, in this case taking down a particularly noxious and hard-to-catch sort of cybercriminal.

Many of my British friends would agree with that statement.

Others have discussed the technical issues; I'll just note that absolute moral positions can be dangerous. It's one thing to do your best to minimize harm and inconvenience to bystanders. But refusing to accept any possible harm to bystanders...

Absolute moral positions can be dangerous. "Innocent until proven guilty in a court of law" is insanely dangerous. And yet entire societies base their legal systems on it.

But exceptions and mitigations that depend on whether you happen to particularly dislike the crime under discussion are even more dangerous. Because there's someone who will use that exception for some other misdeed, one that you don't take seriously, but they do.

Tell me. How much collateral damage would you say is acceptable when fighting spammers? Is it calculated as a proportion of the financial harm inflicted by said spammers, or do we go by percentage of annual income that the companies in question will lose?

Or is there no limit? Can the FBI do the equivalent of "kill all; God will know His own" and take everything from a company hosting a suspected spammer?

And why should these innocent businesses pay that kind of cost, rather than insisting that the FBI use more efficient policing methods?

There are still places which at least pay lip service to the notion of "rule of law", and where said law includes some passing nod to the idea of data protection as a thing which applies to individual human beings.

(Yeah, I know: So why does the URL in my post point to Hostmonster? I'm starting to think that's a really good question...)

Nothing there says the "person or things" must be a suspected criminal or the property of a suspected criminal. Probable cause will cover all the places evidence of a specific crime might be, including plenty of places which - upon inspection - will turn out to be unrelated. I think this seizure is quite closely analogous to searching two or three or five separate back yards for a single crime weapon, which is clearly reasonable. (Householders are deprived of the use of their property for the time the search is going on, after all.)

For computer crime where remote access and remote wipe are possible, first you get physical custody of the server or servers (as laid out in the warrant and justified in court) and shut them down, then you take any data image, then you do the forensic audit on the static image. You can't either take an image or perform forensics on a running system because a) it changes the state of the system, destroying checksums and evidential value, and b) the software on the server may have a nonobvious data-destruction payload lurking somewhere.

Keeping material definitely known to be unrelated to the crime is, of course, unreasonable and illegal. Fortunately it doesn't seem to be happening.

I did point out in the original article that the FBI explicitly emphasized the international reach of its powers. As Jones said,

Their efforts demonstrate that no matter the country, Internet criminals will be pursued, caught and prosecuted.

This is not to say that the FBI's claimed reach is its real reach. Different legal systems may well offer better protections. International hosting is certainly a good idea. Perhaps one day there will be "offshore" hosting the way there's "offshore" banking. Were I a small country with good infrastructure and a reasonably small latency to the US, I'd certainly consider whether it might be a new national industry.

first you get physical custody of the server or servers (as laid out in the warrant and justified in court) and shut them down

With the rise of on disk encryption, that's actually changing. There's equipment now that can piggyback on a power cord long enough to get it plugged into a portable UPS, and 'wigglers' that will keep the system thinking that there's someone actively working at it. All to keep the machine from going to sleep/shutting down and removing the encryption keys from memory.

Also, the Pinboard guy, Maciej Cegłowski, is a great writer, well worth reading. Argentina on two steaks a day is a good place to start.

If you're talking about the USA courts, you're forgetting that only applies to the criminal justice system, for good reason, and specifically does not apply to the serving of warrants. Also, you're strawmanning up here.

Which ends up with you responding to my "It's one thing to do your best to minimize harm and inconvenience to bystanders", by inflating to "Or is there no limit?". Abi, that's uncalled for and beneath you.

If you consider posts Handslive #3, xeger #8, and john #14, you can see that there is no "surgical strike" option for this sort of case.

In such a context, to forbid any collateral damage whatsoever, means that cyberscammers, megaspammers, and other criminals operate with impunity, forever -- because they may be violating the laws of a dozen nations, but they'll have carefully arranged things so there's no way to touch them without affecting someone else.

If you declare "better that than than touch a single innocent customer", then you're just making the perfect the enemy of the good, and I can't argue with you.

...at which point Prince Edward's Island secedes from Canada.
Coming soon on the Skiffy Channel... "Ann of Green Servers"!!!

I still see "share a hosting provider with someone the FBI gets a search warrant for" being a road to to financial loss for an innocent business. Assuming arguendo that there is no way that the FBI could mitigate that effect with better technical solutions, is this just something businesses have to suck up? And, if they do, must we simply live with the damage that that will do to freedom of speech?

I used "innocent until proven guilty" as an example of an absolute that is (a) pretty damn crazy, and (b) utterly necessary. It was a response to your assertion that moral absolutes can be dangerous, and your strong implication that they should not therefore be the basis of our beliefs or actions. The fact that it does not apply to the serving of warrants makes it no less dangerous and no less important.

My reaction to you is substantially based on the way that your comment at 3 carves out an exception for spammers, whom you're for "shutting down" with "extreme prejudice", as though that crime is somehow special. I have often seen that line of argument used to support the elision of rights and freedoms that we, as a society, value. I've never been comfortable with it.

If you declare "better that than than touch a single innocent customer", then you're just making the perfect the enemy of the good, and I can't argue with you.

Well, I am a "though the heavens fall, let justice be done" kind of person, yes. Perhaps that means you can't argue with me.

But it's worth understanding the mental model under which the law, as I understand it, operates. Picture a boat in a canal, with ropes to the towpaths on the left and the right. If the people on one side pull firmly and continuously, without opposition, the boat doesn't go forward. It hits the side of the canal. To go forward, it needs both sides to be pulling, in essential opposition to one another.

It is the job of law enforcement to go after crime, vigorously and energetically. But it is also the job of the citizen body to set the limits of their actions and enforce them with a matching vigor and energy. Because no one else is going to stick up for our rights if we don't.

john (#14): If the search warrant didn't specify that the FBI could seize whatever it wanted no matter who owned or was using it (or at least any rack containing anything that might be related to the criminals), then the FBI violated the Constitution (and the agents involved committed felonies).

eric (#17): It isn't that difficult to ensure that a system steps on its in-memory encryption keys if it's seized. Physical intrusion detection hardware (including motion sensor and GPS), plus requiring a crypto-secure heartbeat message over the Internet (with some tricks so that a different Internet connection fails the test) will at least add several orders of magnitude difficulty to the problem of acquiring encryption keys by seizing hardware.

abi (#21): The solution for a business is multi-hosting, in separate data centers (and, depending on paranoia level, countries).

0. The only way to make a system secure is to encase it in cement and sink it in the ocean.

In the meantime, yes, this falls into the category of "random shit the world can throw at your business", right along with having someone drive through your display window, or other improbable incidents. I'll note that I'm increasingly jaded about "ultra-high-reliability" of services in general -- even the big boys can't seem to handle black swans.

As xerger@8 said, they appear to be using a blade chassis. I use them at work. You can't just pull a single blade if it is basically a VM plant for the various hosted servers in some configurations.

If they are using something like ESX and it is setup what would happen is the server would simply move to another blade and startup. Most of these chassis configurations are the same way. You'd need to manually migrate it and shut it down. But then you have a bunch of other issues. I suspect Digital One has not been fully forthcoming in what happened.

The bigger thing here is the fact that the laws are lagging behind the tech. Our current laws cannot handle virtual machines, or cloud computing. which is where all hosting has been moving for the last few years.

I don't know enough to say whether the seizure falls in the "reasonable" category. I know more than when I started reading this thread, however.

This strikes me as another of those cases of "Malice or incompetence? Why not both!"

Unfortunately, the Netherlands has been recently been buying into the "Data Retention Laws" for ISPs and similar surveillance concepts. Before that they were a good location, and in general it makes sense to put facilities into multiple countries so you at least don't have all your stuff hit at the same time, whether the failure is from clumsy police or earthquakes.

Serge@20 ...at which point Prince Edward's Island secedes from Canada. Coming soon on the Skiffy Channel... "Ann of Green Servers"!!!

Arrgh, no! Back in the 2000s Canada was trying to promote call center business as a way of providing employment to former fishing villages and similar locations. On the surface it makes sense - literate work force that speak English well. And then you look at the problems of providing enough physical diversity to the call centers to make your customers happy, and find that the facilities are designed to support the needs of a fishing village. There does appear to be some cable diversity getting off of PEI, though we were never sure how real that was, and from there you can go down to Halifax or up to a railroad route to Montreal, but of course there's only one telco office in Charlottetown, so that's a single point of failure, and they'd have to build an access ring to the office building where the call centers were going to be, which didn't appear to have actually occurred to anybody. And most of the areas they were trying to promote had issues like that (even if they weren't islands), and while some of them had service from the newer carriers, a lot of them had really old technology that Bell Canada had never bothered upgrading because there wasn't any demand.

Didn't we just have a thread about the extreme stupidity of declaring a crime so outre as to justify any legal response whatsoever, and how it all goes horribly wrong?

abi @ 4: "It will soon become like trying to get a warrant for the physical handset on which a telephone conversation took place, rather than the content of the conversation."

This is the most interesting facet of the story to me--technological change is clearly outpacing the law here. We can't even agree what the proper analogy is--is this case like law enforcement temporarily shutting down a legitimate business because it, through no fault of its own, was the site of a crime? Or is it like shutting down an entire floor of an apartment building, inconveniencing dozens of residents, because one apartment housed a criminal?

Law works by a combination of precedent and legislation, neither of which are particularly nimble. Computer technology is changing faster than legislatures can pass laws, and as it changes, analogies back to settled precedent become increasingly comical and misguided. The legal norms relating to technology increasingly mismatch the reality, and I feel they are entering a phase of constant asynchronicity. That means law enforcement is going to have to invent new standards as they go, and I'm rather sure they'll tend to maximize their own power. As you ask, who will tug the other way?

“The Constitution may have its problems, but it beats the hell out of what we have now.”

Your data in the country can be as safe as you like, but as long as you host any of your data outside of the country (with eg. Google or Twitter or Yahoo), the US has potential access to it.

As long as Iceland wants to remain friendly with the US, the US will have leverage over them in ways that can be used to hurt you. If Iceland becomes no longer friendly with the US, the US will have *different kinds of* leverage over them, of course.

Additionally, there are only $SMALLNUM cables off the island, so there are a small number of points of control, and the people (telcos) who run them may be (are) susceptible to US leverage. And the TSA is another factor, as physical access is your last trump card, and they can make getting to your box exciting.

Iceland is better than other places, surely, as the Wikileaks people are demonstrating, but it's not the techno-anarchist utopia some people dream it is. This is not Islands in the Net. (Well, okay, maybe it is, at least the later bits of it where the data-havens' protections are shown to be... seriously flawed.)

FTFY. While the ocean floor location slows retrieval, the cement casing is vulnerable to anyone with a pickaxe and sufficient patience.

Hook, phone line and sinker?

This reminds me how my friend Elisabeth, up in Chicoutimi, never could send emails to my work address. Apparently there was a lot of spam originating from up there. Or maybe it came from a phishing village.

They wouldn't be.

My understanding is that law enforcement, to preserve the chain of evidence, don't boot computers they've seized. Instead, they pull the disks (and controllers) and image them, archive the images as evidence, then clone the imaged onto an identical hardware chassis and boot that for forensic examination if they need to watch it start up.

(More likely they don't even do that; they stick a copy of the image in one of their own machines, mount the filesystems, and use their own forensic tools to scan it for suspicious stuff.)

For all Marco knows the FBI have taken an exact copy of his server and are pulling it apart in their labs right now. But probably not. (He's not their target, and the whole point of Instapaper is that it digests web pages down into pure text and throws away the images and javascript -- the stuff the FBI is most interested in[*] is vanishingly unlikely to be there.)

[*] I would expect them to scan any seized filesystems for known child pornography images, malware distribution pages, lists of stolen credit card numbers, and possibly DVD disk images of top-grossing movies. Stuff they can prosecute for possession or distribution of, in other words.

And what of justice for those victimized by these scareware scammers (not just spammers)? Is that worthless because the investigation didn't magically extract the right data without inconveniencing anyone else?

Yep. Which makes me wonder, why is it necessary to perform the seizure in the first place? Why don't law enforcement turn up on site with digital forensics experts and independent witnesses, shut down the systems, make their cloned disk images, and then leave the original equipment in place? Such a process would be less disruptive to everyone, and the evidence it provided would be just as good, as far as I can see.

First off, "magically"? On the subject of uncalled for and beneath the participants of this discussion...that is.

Secondly...it's worth being clear that I am not putting Instapaper above the victims of the scammers*. I am putting the systems of justice by which the police operate above any particular set of victims.

I moved to the UK in the immediate aftermath of the Guildford Four acquittals. I had not yet left when they shot de Menezes. I know what happens when the police don't have to watch out for collateral damage or take good care how they collect evidence. It's not pretty, and it's not good for either the police or the society the police are trying to protect.

The reason we have rules of evidence is because, without them, the police will do whatever they feel they have to to get the person they think is guilty. Sometimes, as in both the Guildford Four and de Menendez, the damage is in "think is guilty". But sometimes, it's in "whatever they feel they have to". And the two clauses break in parallel; once it's OK to elide the rules, there's always a good and pressing reason for the next elision. There's always an innocent victim this time whose needs are more important than the cold abstractions and absolutes on which the legal system is based.

Ever heard the saying hard cases make bad law? That's a piece of the same thing.

Third of all, I think it's clear from the thread that the FBI had better develop some new techniques to deal with the new realities of hosting. But pressure on the FBI to develop less disruptive techniques to extract data doesn't come from nowhere. It comes from attention being paid to the costs of their current methods. That's what I'm doing here: paying attention to those costs, highlighting the secondary and tertiary effects.

Secondary effects: Businesses go dark, lose money. Some of them change web hosts. Is that an acceptable cost? Probably. Power outages and technical failures happen, too.

Tertiary effects: Controversial businesses can't find web hosting, because neither the host nor the host's other customers want to suffer the secondary effects if they're avoidable. Is that acceptable?

I don't think so. Not because I worry about spammers and scammers, but because it's not just spammers and scammers who will be caught in that net. And some of the people who are entangled, who go dark, are going to be important people with important but unpopular things to say. And this isn't an abstraction. I cited an example of an organization that struggled to get a web host. I'm entirely confident that there are many more, smaller, quieter examples.

If those effects are wrong, and I believe they are, then the way to avert them is to push back against the thing that causes them and advocate that it be fixed. That's what I'm doing.

----
* There's potential here for an interesting and complicated narrative about the hipsters who use Instapaper, Pinboard and Curbed verses the more naïve people who are the stereotypical victims of these kinds of scams. It's not true; quite ordinary people use the former service, and very sophisticated users can get end up in the latter group. I don't think it's flavoring this discussion, but I'm declaring here so it doesn't start doing so.

abi is right, all down the line, from beginning to end. I'm going to join her in pushing back, to the extent that I can bear it.

But like the poor schmoe in Night by Night, I don't know that I have the heart to lose another fight.

All my adult life, I've been watching the systematic destruction of the protections provided by the rules of evidence*, in cases and situations where the issues were clear and easily explicable, and it's been a consistently losing fight.

This one is a hard case and it is going to make bad law.

I'm not going to make that sort of downer prediction again. It's not good to dwell on if you're determined to fight anyway. Gramsci wrote from prison about pessimism of the intellect and optimism of the will, and I guess that's what I'm advocating.

*and by rule of law and by the constitution generally, in the sense of protections which bear on all people. The advances we've been making have been bringing classes of people formerly discriminated against under what protections remain.

SOP -- again, my understanding of it -- is to abruptly pull the power cable, then image the (not checked, possibly corrupt) filesystems. Fixing a modern journaling filesystem from such a "dirty" image isn't hard and avoids any risk of time bombs.

Well, how would you go about serving a warrant against the scammer's servers in a blade farm, without interrupting service for any other customer? But also remembering that (1) the hosting provider may be a conspirator, and (2) the suspect may have booby-trapped the server?

Third of all, I think it's clear from the thread that the FBI had better develop some new techniques to deal with the new realities of hosting.

Given both historical precedents and technical realities, the "new techniques" are likely to take the form of regulating the architecture of hosting providers, or at least demanding "easy-open" back doors.

Well, how would you go about serving a warrant against the scammer's servers in a blade farm, without interrupting service for any other customer?

A fair question, but to put it differently, why isn't that the FBI's problem rather than the customers'?

a. There's the collateral damage done by FBI raids. How big a deal this is mainly is determined by how common the raids are, and how much damage is done to bystanders. If the raids are rare and the damage is a day or two of unscheduled downtime, it's probably manageable. If the raids are common and the damage is often wrecking the business, then there's a serious issue there.

What we want here is for the FBI to take the likely collateral damage into account, and only do raids that result in a lot of it for serious crimes that can't be dealt with another way. This is almost exactly the same concern I have with SWAT team raids. I get that there are situations where the only sensible thing to do is send a whole bunch of armed, armored guys into every opening in the building, tossing flash-bangs and trying to quickly rescue hostages and disable or kill anyone threatening. But there's enough chance of killing bystanders that this should only be done in very rare situations, not (as often happens) to search the homes of alleged small-time drug dealers.

b. There's the chilling effect, if (for example) socially or politically unacceptable sites tend to get raided. If the gay bondage porn site, the white supremacist site, or the Wikileaks mirror are subject to raids that involve shutting down everything else in the datacenter, that becomes a practical force for making it harder for those sites to get hosting.

c. There's the use of the inconvenience as a method of punishment or retaliation. For example, if I can seize all your computers for months or years, I can cost you several thousand dollars, can shut down your business and deprive you of a livelihood. This can be and has been done as a form of harassment, notably to some Wikileaks supporters in the US when crossing borders. It can be useful not only in harassing people you don't like, but also in silencing critics and in applying pressure to get people or companies to cooperate with you. All those things have happened with existing tools available to police, prosecutors, and the US federal government at different times.

"Magically" was still inappropriately snarky. There are plenty of civil ways to say what you wanted to say. But John @46 is correct. The FBI has many people with much more technical expertise than I do. And the burden is very much on them to provide a solution.

But one approach would be to fail the other servers in the enclosure—those not suspect—onto blades in a separate frame, and then take away the targeted one. (This assumes a heck of a lot about the hardware and the OS, which I don't know, but it's not rocket science or a bleeding-edge technical problem.)

I do also think that you overstate the likelihood of collusion both in reality and in the FBI's thought processes. Do they assume that the telephone company is in league with a criminal when they wiretap his phone? Not so much.

If the FBI have probable cause enough to include the host in their warrant, then they should be casting the net very differently than if they do not.

They do make copies. Most of the forensic process is done using (verified true) copies of the hard disks. That is, however, not evidence, merely artifacts of evidence. The true evidence is the original hard disk, but you take copies to work on, because (some) steps in the investigation MAY modify the bits.

So, taking the whole hardware does make sense from the way the case law is (or, at least, to the best of my understanding of the case law).

No, I am not in any legal profession, nor am I a forensic investigator. I do, however, read up on the matter once in a while, as I find it interesting (and it has occasionally given me ideas for recovering data off broken servers and thus saved an awful lot of hassle).

Jules @ #39:

Fore "purposes of analyzing", yes. For the purpose of providing evidence in court, they need to be able to provide the original seized hardware (or, at least, that is how I've understood things; see discussion above).

Out of curiosity, whom are you responding to?

You yourself note that your method implies a lot about the provider's architecture; I suspect that any such method will have such implications, different for each method. It still seems to come down to mandating that hosts use an architecture that can support LEO seizures. They did it with the old and new telecoms, I see no practical barrier to doing it with cloud providers.

Albatross #47 said a lot of what I've been too inarticulate to assemble; I'll add that downtiming a company for a few hours balances a lot lighter than risking someone's life in a shootout.

Suing for monetary damages does happen-- I've read about it in regards to police and court bad behavior. I haven't heard of anyone suing the FBI, but it may well be possible.

However, there are cities that pay out large sums per year in court awards, and it doesn't change institutional behavior.

I'm pretty sure that the only thing which does that is politics, and so far as I know, outrage at abuses can drive politics, but the money doesn't.

Because such privilege is absolute, even with a warrant, the FBI or other police would not be entitled to access that data without the consent of the relevant client.

Every time I've spoken to a cloud service provider, I've asked them to make a clear statement that they would tell an FBI agent with a warrant to get lost. Not one has ever been prepared to say so.

There is a pretty good chance for a lot of hosts that they have got privileged data - either emails from a client to their attorney or vice versa, for example - on their systems, and that they are therefore under a legal obligation to resist any warrant.

We prefer to keep the data under our direct control to ensure that our lawyers don't get struck off for breach of privilege and so that we can resist a warrant.

Well, you guys also have a much better chance at resisting a warrant successfully.

I don't think Blades'R'Us is going to get very far with the FBI arguing that there's privileged data somewhere in that datacenter and they can't let the FBI in (maybe if it seems likely that the warrant covers privileged data, but I don't see the feds listening if they have a warrant for non-privileged data, y'know? Seems like a good way to lose a door.) Knocking on a law firm's door, on the other hand...

Yes, Heather K. does point out one instance that came to my mind. Here in the UK, several major accidents/disasters have developed the idea of Corporate Manslaughter: there's some of the same issue of personal and collective responsibility there. Entangled with this is the workplace safety law. It helps if you at least try to get employees to work safely and use the right equipment.

Actually, I wonder if a data hosting specialization has/will evolve specifically and explicitly catering to privileged data.

When you say entire societies base their legal systems on it do you mean that entire societies claim to base their legal systems on it or that entire societies actually practice it, if the latter which societies do you believe actually do this? I suppose at this late date that nobody really believes that the U.S practices what it preaches?

There's a distinction between the legal system, in the sense of the body of laws which govern the society, and the real-world choices around the enforcement of those laws.

US laws, along with the laws of many other countries, are based on the idea that you can't punish anyone until you've figured out that they're guilty. Those laws are the reason that Guantanamo Bay has such a population of gentlemen in natty orange one-piece garments. (Those laws are under assault, as Messrs Manning and Reid, intra alia can testify.)

In other words, American practice varies from its principles. I think this is a bad thing. Indeed, that's why I reacted so strongly to the implication that the police should be able to be a little casual about their search procedures if the crime (email scamming) were sufficiently vexatious. Because that's how we get from the principle to current practice.

But to shrug it off cynically and say, "Meh, that's what you get in America" pretty much robs one of the moral force to demand that the US do it better.

It may be commonsense reasonable, but if a warrant was issued, and didn't list all the properties, it's not a legal search.

Moreover, there are parallels in the present. If I rent a room, and the police have a warrant to search my landlord's property... the portion I rent is not covered in the warrant. If they intrude to my private spaces (which may include defined areas of open space, such as a shed or garage) they are in violation of the warrant.

David Harmon: I don't know that I'd describe this as improbable. Given the broad scope of warrants for electronic search, and the ways in which data moves/gets stored, the specific odds may be small, but the repercussive effects are huge. The coffee shop in my plaza had a car plow through the window/wall. It cost them about three hours of business.

That's a whole lot different from the effect of a police agency having all of one's client's data in their offices; and depending on their good faith to do nothing with it.

The tech vs. law question isn't new (the first "roving" wiretap was meant to deal with the use of public telephones, and allowed the police to tap the calls a person was on, not the phone in question). The question of tracing counterfeit monies has always been a game of pre-emptive catch-up, with almost all of the features of our coinage being vestiigal aspects of the time when coins were valuable; in their own right.

re suing for damages: If the FBI had a facially valid warrant the are immune to lawsuits under the, "acting in good faith" protections of the caselaw interpretations of the doctrine of sovereign immunity.

To say that the U.S is immoral does not rob one of moral force. However as I have no rights in America I expect that I do not have any force whatsoever to demand that it does better. What pointing out that the U.S does not have any moral stature provides one is the moral force to demand that one's own government not bow to American demands.

My America should indeed do better, but need I ask if other countries are themselves without this flaw?

Would a better analogy be a valid search warrant served on an accountancy firm, or other business service firm, for printed records relating to a specific business and/or person? To serve such a warrant will involve a) suspending the accountant's normal business in at least one office for some period of time, however short, and b) a police examination, however brief and cursory, of the other records present in the office - I see no way to exclude records unrelated to the warrant without examining them!

(Incidentally I think courts willing to treat police claims sceptically, robust investigative journalism, and other social contexts are at least as important as the written law to prevent police and executive abuses. This does not necessarily fill me with optimism. On the other hand I have just learned that the UK's Independent Custody Visitors - like prison visitors but for police cells between arrest and charge - have a remit which explicitly includes all terrorist suspects, and multiple people currently have full security clearance to visit any such suspects. So hopefully there'll be no more "falling down stairs".)

In other words, before we can have Serge's "Ann of Green Servers", we need the intervention of Ann of Green Cables.

The problem with your analogy is that the FBI also stopped other clients of the accountancy firm from doing business, or at least materially hampered their ability to do business, for the duration of the search.

Which is, I will note, the way that the investigative agencies generally pressure accounting firms--"you can co-operate, or we'll investigate ALL your clients and publicize that we're doing so." It's been a really effective way of keeping accounting firms from, for example, letting their (former) employees have access to the materials they relied on in their work so they can use them in their own defense.

I will note that I consider this abusive behaviour in both cases. Tom Kirkendall has done a great deal of writing on this subject under his category criminalization of business

I've heard The Press (back in the days before the oligarchical take-over) referred to as The Fourth Branch of government. (Separate from, but in its way as important as, Executive, Judicial, and Legislative.)

I think we could do very well to return to this idea. (In fact, I kind of feel this is the function the blogosphere is serving these days.)

I am of the opinion that the bigger and more important a country becomes the less likely it is to follow the noble words that supposedly guide it.

I live in a small country, but not one that is small enough that I would feel confident it practices what it preaches.

That doesn't mean that I'm discouraging "fight the good fight", not at all. But I think that's the fight that needs to be made, first, in addition to the real good fight.

But I really hit send to say it's "'Anne of Green Cables' with an E", #20, #67.

I'm going to take the coward's way out and blame it all on Serge. "I thought it was Anne-with-an-E, but I assumed Serge would know what he was talking about! You can't pin any E thing on me!"

What fools these mortals be.