You don't come to HN just to hear what you already think, so in that spirit here's what I think.
First, from what I can see, everything we know about this proposal was filtered through an NYTimes reporter. In other words, we have no idea what the specifics of the proposal are. The issue that's lighting everyone up is the "likely" requirement that "Developers of software that enables peer-to-peer communication must redesign their service to allow interception."
This, to my eyes, could mean one of two things: either (a) the DoJ expects independent developers to backdoor any voice app implemented with encryption, or (b) the DoJ wants a lever to use to get Skype to comply with law enforcement investigations.
Option (a) is crazy-talk and won't happen, if only because there's already judicial precedent for the idea that source code is a protected form of speech; you can't ban encryption in the US, and we're epsilon from overturning the idea that you can even restrict its realization in an actual product from international commerce. A more pragmatic reason this could never happen is that industry wouldn't allow it, and contrary to the notion of the government as a big clumsy untethered gorilla that can run wild, it actually is difficult to pass and enforce laws that incur 8-figure costs at Fortune 500 companies. It's also too easy to lobby against.
Option (b) is where I will annoy the hell out of you, because I don't think this is a totally unreasonable thing for the DoJ to pursue (whether they should actually get it is a separate issue).
In the United States, we don't actually have a right to be free from investigation. We don't even have an enumerated right to privacy! We're free from unreasonable searches and seizures of property, and court-authorized wiretaps simply aren't unreasonable in our jurisprudence (or even our common sense understanding of the law).
My crypto-fan acquaintances on Twitter are fond of pointing out that this proposal would do nothing to catch Bin Laden, which is of course true (no law will). But I don't think this is about Bin Laden; I think it's about garden-variety prostitution rings, racketeering investigations, drug and weapons smuggling, and other day-to-day law enforcement issues. As I understand it, wiretaps are an integral part of these kinds of criminal investigations, and it is a bona fide problem for LEO's that voice communication is moving to encrypted IP networks.
The reality, again as I understand it, is that 80% of criminals are simply too stupid to migrate from Skype to something more secure to avoid wiretaps. So if this is a law that basically says "people should not be immune from wiretaps by technological default", well, that seems sensible. If you care about the security of your voice comms, set something more secure up.
It's hard for me to get too up-in-arms about the idea that the FBI wants to tap Skype, since they can already tap GSM and they can already tap my land-line phone.
Some people, I think, feel intruded upon since this represents the FBI treading on their own personal technology. But remember, with a court order, the FBI is already capable of backdooring your machine with surreptitious keyloggers and all manner of other doohickeys. This rather moots any "P2P encryption" you might be relying on.
"While the opinion in Lawrence was framed in terms of the right to liberty, Kennedy described the 'right to privacy' found in Griswold as the 'most pertinent beginning point' in the evolution of the concepts embodied in Lawrence..."
Let's avoid a rathole, stipulate that privacy is a Constitutional objective recognized by the Supreme Court, and re-focus on the fact that you clearly don't have a right to be free from wire taps.
Well... in the process of investigating and punishing people, the justice system pretty much inherently must negate many otherwise recognized rights.
You do have the right to be free of wiretaps - except in the course of a court-ordered investigation. You have a right to not be a slave - except when you violate the law and the state forces you to work, etc..
This is why its important to limit the purview of government, why even if we allow prosecutors to spy on people, we might not want them to easily spy on people, etc.
We don't want them easily spying on people, but we might not want it to be virtually impossible for them to spy on people by default. I use the word "might" because I myself am not sure. But I definitely see the dilemma they face, and my reaction to it is not knee-jerk.
The level of difficulty the government has in spying on people should be inflicted through the judiciary - obtaining a warrant and the like with appropriate punishments for setting aside this process.
I have not looked deeply in to this though, so apart from that point I have no position on this proposal.
The only way I can find it at all feasible is if the government supplied crypto binaries that you could / should / etc link against. If that has a backdoor which gets broken, you're not at fault. If your code has a backdoor because someone made you put one in, it'll end up being your fault if someone gets spied on illegally.
But remember, with a court order, the FBI is already capable of backdooring your machine with surreptitious keyloggers and all manner of other doohickeys. This rather moots any "P2P encryption" you might be relying on.
Au contraire, they'll never get my encrypted FrogPad that lives in my pocket and sleeps under my pillow!
It used to be the case that the police couldn't tap your land line without a warrant. How long did phones even exist before the government was already abusing this power? The government can't be trusted to have a mechanism like this and not abuse it (setting aside the fact that the existence of such back doors means once someone cracks it, anyone can tap you).
First, from what I can see, everything we know about this proposal was filtered through an NYTimes reporter. In other words, we have no idea what the specifics of the proposal are. The issue that's lighting everyone up is the "likely" requirement that "Developers of software that enables peer-to-peer communication must redesign their service to allow interception."
This, to my eyes, could mean one of two things: either (a) the DoJ expects independent developers to backdoor any voice app implemented with encryption, or (b) the DoJ wants a lever to use to get Skype to comply with law enforcement investigations.
Option (a) is crazy-talk and won't happen, if only because there's already judicial precedent for the idea that source code is a protected form of speech; you can't ban encryption in the US, and we're epsilon from overturning the idea that you can even restrict its realization in an actual product from international commerce. A more pragmatic reason this could never happen is that industry wouldn't allow it, and contrary to the notion of the government as a big clumsy untethered gorilla that can run wild, it actually is difficult to pass and enforce laws that incur 8-figure costs at Fortune 500 companies. It's also too easy to lobby against.
Option (b) is where I will annoy the hell out of you, because I don't think this is a totally unreasonable thing for the DoJ to pursue (whether they should actually get it is a separate issue).
In the United States, we don't actually have a right to be free from investigation. We don't even have an enumerated right to privacy! We're free from unreasonable searches and seizures of property, and court-authorized wiretaps simply aren't unreasonable in our jurisprudence (or even our common sense understanding of the law).
My crypto-fan acquaintances on Twitter are fond of pointing out that this proposal would do nothing to catch Bin Laden, which is of course true (no law will). But I don't think this is about Bin Laden; I think it's about garden-variety prostitution rings, racketeering investigations, drug and weapons smuggling, and other day-to-day law enforcement issues. As I understand it, wiretaps are an integral part of these kinds of criminal investigations, and it is a bona fide problem for LEO's that voice communication is moving to encrypted IP networks.
The reality, again as I understand it, is that 80% of criminals are simply too stupid to migrate from Skype to something more secure to avoid wiretaps. So if this is a law that basically says "people should not be immune from wiretaps by technological default", well, that seems sensible. If you care about the security of your voice comms, set something more secure up.
It's hard for me to get too up-in-arms about the idea that the FBI wants to tap Skype, since they can already tap GSM and they can already tap my land-line phone.
Some people, I think, feel intruded upon since this represents the FBI treading on their own personal technology. But remember, with a court order, the FBI is already capable of backdooring your machine with surreptitious keyloggers and all manner of other doohickeys. This rather moots any "P2P encryption" you might be relying on.