> Mr. Barr has said that Facebook’s moves toward end-to-end encryption, which shields the content of messages from everyone but the sender and recipient, makes it harder for law enforcement officers to track malicious behavior online.
It's kind of supposed to be hard, by design. Read the constitution on what it takes to get a search warrant. You're not supposed to be "tracking malicious behavior." You're supposed to be tracking individuals, once you have some sort of actual tangible proof that a judge individually signs off on, that they are doing something nefarious. It wasn't supposed to be a drag net fishing expedition where you can key word search everything anybody has ever said via a digital device at any point in history. No, they were pretty clear about that when they wrote that pesky constitution thingy (and for good reason.)
What is it that you think the Constitution says about getting warrants?
It's not my understanding that the Constitution was designed to make it difficult to investigate crimes. As I understand it, the US largely inherits the common law principle that the public is entitled to every person's evidence. The backstory I understand behind the Fourth Amendment is that the British used "general warrants" as a tool of harassment – where a general warrant was essentially a slip of paper that deputized a group of soldiers to toss houses and confiscate goods on a whim. The intent wasn't to make warrants hard to get, or to gate all conceivable searches on warrants, but rather to make sure that what warrants were issued were at least particularized with a real, defensible purpose.
Another observation that bolsters my particular understanding is the variety of conditions in which the Supreme Court, going all the way back into the era of the founders, authorized warrantless searches. The border search exception, for instance, dates back to the founders.
My feelings about law enforcement and encryption are complicated but hew mostly to the HN party line. However, I feel sometimes like I arrive at my conclusions in a very different way than people who invoke the Constitution here.
But even in the event the government demonstrates probable cause the constitution doesn’t require us to make it as easy as possible for the government to search our homes, papers, and effects. If the police suspect you of murder and get a warrant to dig up your basement you aren’t the one who’s then required to dig.
Now imagine the government said no one should be allowed to pour cement in their basement because it makes it difficult to investigate suspected murderers. That’s what Barr is advocating.
I don't believe the Constitution demands that we make it "easy" for law enforcement to collect evidence, though I'll again note that the animating common law principle comes close: the public is entitled† to every person's evidence.
I work closely with cryptography and think about cryptographic freedom mostly the way other people on HN do. I asked a specific question about the Constitution. The debate about whether we should be "allowed" to encrypt things is incredibly boring, we almost certainly don't meaningfully disagree about it, and I'm not interested in having it.
† or "has a right to" or "has a claim on", depending on whose paraphrase you're reading
> the public is entitled to every person's evidence.
This is w.r.t once it is known to law enforcement and courts. But that's beside the point - I think they person you're replying to is not necessarily disagreeing with you, just extending on what you wrote.
How do you reconcile your principle of "every man" as the overarching concept, with the fifth amendment, doctor/patient, lawyer/client, married couples, executive privilege, etc. There are many examples of privileged exceptions to "every man".
I don't see how "every man" would ever allow the government to demand a tool maker change their tool for the purposes of future evidence collection when that tool has "privileged" uses.
Although I agree with you that the fourth amendment was not made to make it hard to get a warrant, only to restrict warrants to specific, narrow searches with evidenced probable cause.
We don't have a generally recognized doctor-patient privilege in US federal law.
The Fifth Amendment, as I understand it, was added as a protection against torture.
Attorney-client privilege, which is much more limited than people think it is (see: current US drama), is fundamental to the working of our legal system, which depends on attorneys to function.
All you're really observing here is that we order some principles above the entitlement of the state to evidence. That's certainly true! But nowhere above that entitlement is there a countervailing general right to personal privacy; my understanding of the system we live in is that that right, to the extent it exists, is ordered lower than the state's right to evidence.
> We don't have a generally recognized doctor-patient privilege in US federal law.
You are mistaken.
While currently under assault, Roe v. Wade is the paradigmatic case for the recognition of doctor-patient confidentiality (i.e. "privilege") by the Federal government.
> The fundamental right to privacy, guaranteed by the Fifth and Fourteenth Amendments to the U. S. Constitution, protects against unwarranted invasions of privacy by federal or state entities, or arms thereof. As early as in Roe v. Wade, 410 U. S. 113 (1973), the U. S. Supreme Court acknowledged that the doctor-patient relationship is one which evokes constitutional rights of privacy. [0]
> This doesn't say that the federal rules of evidence recognize doctor-patient privilege, and, in fact, the same site says explicitly that it doesn't.
With all due respect, I disagree with your assertion that "the federal rules of evidence [doesn't] recognize doctor-patient privilege".
SCOTUS's saying they
> simply hold that this record [Whalen] does not establish an invasion of any right or liberty protected by the Fourteenth Amendment. [0]
implies that there could be an invasion of a right protected by the Fourteenth Amendment, just not in this case.
While you are strictly correct that this is not a representation of doctor-patient privilege, SCOTUS's assertion that Whalen does not violate the Fourteenth Amendment suggests the possibility that some distribution of medical data could violate the Fourteenth Amendment.
As a side note, your assertion that the "same site says explicitly that it doesn't" recognize doctor-patient privilege is questionable. Would you mind pointing out which passage is explicit about this?
Nerding out is a good way characterizing where we've gotten and--as I suspected earlier and am now certain--I don't understand what "Federal Rules of Evidence" means in the larger discussion of what kinds of disclosure would violate someone's constitutional rights.
That is a big question and maybe someone like 'rayiner or 'marcoperaza would be a better person to ask, because I have no legal training.
Based on my interested but layperson understanding of the law, my understanding is that it's an open question about the extent to which the Constitution provides a right to privacy. But I do not understand it to be an open question, or at least "as open" a question, about whether the principle of access to evidence is ordered higher than that right to privacy, whatever it may be.
(As, just, like, a person shooting the shit on a message board, I should say that of course I value privacy highly, and can think of a number of situations in which I'd order privacy higher than access to evidence! But I can also think of situations where it'd be the other way around. So, for instance: I highly value my right to discuss sensitive political topics privately, without being susceptible to dragnet surveillance trying to find "terrorists" by combing through everyone's messages. But at the same time, I'd like to see Wall Street executives be held more culpable for the harmful decisions they make to abuse their power and access, and those Wall Street execs no doubt feel a strong privacy interests in protecting their discussions about how to, say, price synthetic securities.)
In Griswold v. Connecticut [1], the Court found the state's law to to be in violation of "right to marital privacy" and deemed right to privacy as right to protection from governmental intrusion.
One Justice cited the fifth amendment to get there, another the ninth -- and plenty of legal scholars have argued the ninth amendment basically acts as justification for finding privacy provisions in the Bill of Rights that aren't specifically mentioned in the other eight amendments.
You're right that right to privacy is an open question of sorts (especially under the Bill of Rights), but there is nearly a century of case law protecting it in various forms.
There are a number of ... not-very-good books on the subject (I picked up Carolyn Kennedy's 1990s effort, it's ... poor).
A challenge is that privacy itself is an emergent concept (this is my view, not one widely shared), which is a response to ever-more invasive or capable technologies. As such, much of the relevant caselaw and legal thinking is fairly new, and reflects advances in publishing (Brandeis and Warren), recording, transmission, and detection.
There are some historical antecedants.
Some of the more interesting non-legal-scholar work has come from Jill Lepore in recent years. I'd suggest her work as at the least a good entry point. She's a historian, and should be copiously documenting sources which may be of interest. Unseen: A History of Privacy (2013) https://scholar.harvard.edu/jlepore/presentations/unseen-his...
The forbidding of destroying evidence does not require one to produce evidence in the first place. Deciding against installing cameras in my house does not mean I'm guilty of destroying evidence.
I think that's a fair point, but the analogizing goes both ways: yes, your phone is generating a lot of information about you that simply wouldn't have existed in the pre-Internet era, but at the same time a lot of information that would have existed in that earlier era is now inaccessible by default, without any effort on your part.
I think the government is on the wrong side of this issue, but I don't think they're making the broad "going dark" concern up. I think technologists need to engage more fully with the law enforcement concerns here rather than dismissing them.
There are already a lot a more sources of information today (beside encrypted nessages) than there was in the pre internet era. At that time you simply called from a public phone (for example), even less trackable. Not to mention all the nowadays technology that ease remote tracking of any sort (micro sensors, cameras etc etc). So no, to me it does not go both ways
I think it's more that they have a right to seek it without interference after the fact. You can not be compelled to disclose the evidence that would be used against you, or any information required to obtain it (and thus constitute a disclosure).
If Facebook/WhatsApp's system was built to put them in a position to incriminate you after the fact, then probably the kind of criminal who would use it is the kind you'd convict by other means.
That leaves you with the choice of whether or not to incriminate yourself.
If you are talking globally each country has its laws or no laws on the matter (as you’d expect there are also contradictory court rulings within a country/ state )
This is definitely the more cogent point, and I expect why the FBI et al. are harping on this point with their PR and legal efforts.
In a world where my provider encrypts, the more ironclad self-incrimination protection does not apply. And there are various loopholes to pressure the provider to enable bulk collection.
In a world of e2e everywhere, the participants must be targeted, and they have the benefit of the 5th amendment.
It gets interesting when you juxtapose that (the gov having limits) with the First Amendment. That is, within certain limits, you can say whatever you want. Say whatever you want, and the gov can't easily "hear" it.
Why is your default position here the government has a right to “hear” anything anyone says? Even with end to end encryption you’d be free to mail a copy of your chats on Facebook messenger to the NSA if you’d like.
What is the purpose of a search warrant if it doesn't gate searches? Supreme Court case law has generally upheld that a citizen's privacy is not to be invaded without a search warrant.
"Any assumption that evidence sufficient to support a magistrate's disinterested determination to issue a search warrant will justify the officers in making a search without a warrant would reduce the Amendment to a nullity and leave the people's homes secure only in the discretion of police officers.''
That's really not at all true; there are lots of searches that deeply invade privacy and don't require a search warrant, including border searches, administrative searches at airports and courthouses, and searches incident to arrest.
You are confusing different concepts of frequency/scope and comparing. All air travelers being individually searched vs a single individual case of private investigation into property are 2 equal cases, for the purposes of law. The number of people affected may eventually normalize the acceptance of behavior, but is otherwise a singular legal situation.
It's clearly not singular, since I listed other broad classes of intrusive search, including one, search incident to arrest, that is individualized and every bit as intrusive as a warrant-based search.
> the British used "general warrants" as a tool of harassment – where a general warrant was essentially a slip of paper that deputized a group of soldiers to toss houses and confiscate goods on a whim
I feel like there are a couple of parallels to public servants/officials in contemporary societies to be made here (completely unrelated to your main point).
And how are these digital dragnets not a form of harassment? General searches like the ones facebook is obfuscating are the same thing -- deputies showing up and tossing things around, the only difference is that the person being searched is unaware of it, and there is no mess being made. If you are unjustly caught up in the dragnet then that harassment manifests physically.
You’re being obtuse. People didn’t object to general warrants because they were messy. They objected because the intrusion assumes a certain level of guilt in the population at large, and the individual suffers for it in a way that is contrary to the presumption of innocence.
I mean, the fourth amendment says a lot about warrants, both in the abstract and in regard to probable cause.
You're right that there are warrantless exceptions (most notably, Horton, which clarified the plain view doctrine), but I'm not aware of any case law that compels a third-party to break encryption/build a backdoor in order to satisfy a warrant. That was the genesis of the Apple v. FBI case. Even Lavabit, the rulings were largely procedural and didn't get to the merits of Lavabit's claims against the government's attempts to coerce a service provider into turning into a surveillance apparatus.
I’m not sure asserting Facebook is a third party is correct. They are a third party in the communication sure but are also the provider of communications medium. Compelling then to back door it wouldn’t be compelling a third parry
The 4th Amendment obviously doesn't comment on public-key encryption but it clearly wasn't designed to make it more difficult to investigate crimes (wouldn't investigating crimes be easier with unreasonable search and seizure?) and make it plainly illegal to wander around through people's personal effects looking for evidence of crimes.
Historically speaking, common law is what we call precedent; in other words, past judicial rulings informing current ones. This tradition is strong in the US, but not without exception. English case law, however, is barely taught anymore and even Supreme Court justices can have entire careers being blissfully ignorant of it.
I agree that it should be hard to read private communications of individuals without a warrant, but I also appreciate your type of response. I'm also pro second amendment and find it funny that some types who are strict constitutionalists of the fourth amendment are the opposite towards the second amendment.
The Fourth Amendment prohibits "unreasonable searches and seizures," which the Supreme Court has broadly interpreted to include things such as warrantless wiretaps [1] and even certain types of cell phone call metadata [2]. Effectively, if a person expects their conversations to be private, and society views these as reasonably private (e.g. not taking place in the open, where anyone could overhear), warrantless covert government access constitutes unreasonable search and violates constitutional rights. To quote Supreme Court Justice John Marshall II:
"My understanding of the rule that has emerged from prior decisions is that there is a twofold requirement, first that a person have exhibited an actual (subjective) expectation of privacy and, second, that the expectation be one that society is prepared to recognized as "reasonable." Thus a man's home is, for most purposes, a place where he expects privacy, but objects, activities, or statements that he exposes to the "plain view" of outsiders are not "protected" because no intention to keep them to himself has been exhibited. On the other hand, conversations in the open would not be protected against being overheard, for the expectation of privacy under the circumstances would be unreasonable."
Note that this statement was in agreement to a court decision saying that government wiretapping of a public phone booth was unconstitutional, because when you're in a phone booth with the door closed, you don't expect people to overhear you, and thus it's an unreasonable search and a violation of constitutional rights for the government to record your conversation. Note that this doesn't depend on notions of "trespass" or specific areas, and rather depends on a person's expectation of privacy:
"For the Fourth Amendment protects people, not places. What a person knowingly exposes to the public, even in his own home or office, is not a subject of Fourth Amendment protection. But what he seeks to preserve as private, even in an area accessible to the public, may be constitutionally protected."
OP is almost certainly correct that dragnet, warrantless searching of private message data by the government is a violation of constitutional rights, although it'll take a Supreme Court case to make a real ruling on the subject.
If we could all agree what the Constitution says, we wouldn't need constitutional law professors and there wouldn't be endless debates over what "bear arms" meant in 18th century English.
considering the abuses recently revealed with the investigation into the FBI when it comes to FISA warrants how do we trust any intelligence or law enforcement agency in this country.
worse, sycophants in the press are basically white washing the FBI abuse instead of highlighting it. the ACLU pointed out the abuses but only of course how they impact a very select group.
the fact we need to encrypt from our own government should people a hint that all sides are bad, not just one you don't like.
Even with a warrant, there shouldn't be an "enable surveillance" button that instantly cracks the targeted user's device and gives complete access to law enforcement. At the very least, they should have to physically compromise the user's machines in order to get any access. That should make things difficult enough to stop them from doing it routinely.
You assume that nothing is off-limits to law enforcement.
What about confessionals? I bet there have been illegal conversations between bad people in a confessional. Should they be subject to having cameras or microphones in them?
The law doesn't have a right to invade privacy to uphold itself.
That’s an interesting example. Some countries have laws that protect the sanctity of the confessional, but I think police in most countries could install a bug in there with an appropriate warrant (which hopefully wouldn’t be lightly issued). They can usually install bugs in your bedroom in a serious enough case, so there is no doubt that law enforcement does have a right to invade privacy. Even a regular search warrant obviously has the capacity to constitute a huge invasion of privacy.
The same way you would execute a warrant for say known/suspected drug dealer?
You go to court, get the warrant and execute it...think drug dealers haven't destroyed evidence before (flushing it down the toilet isn't just a thing in movies) while police are knocking on the front door?
Why would that be a requirement? How would you serve a warrant to search somebody's home without alerting them, if they won't leave or they have a camera system set up?
No-knock warrants to the rescue! (OK, that's definitely going to alert the resident, but it's explicitly designed to be served in a way that precludes significant reaction time.)
You serve it on the person who operates the communications technology they are using, or a person who will use the warrant to lawfully break into the premises where they’ll be speaking and install a bug.
In theory, end-to-end encryption should not be vulnerable to this, as long as you verify your friend’s key in person and trust the software not to let it change without warning you. Nothing distributed through an app store can be this trustworthy.
uh - I had to re-read this multi-times. Are you opining we should give up the right of privacy to provide a government who has known to abuse mass surveillance and trust them?
I took it to mean that the police might have to settle for actually serving a warrant to the person they're investigating or someone close to them, rather than some third party under a gag order.
While I support strong E2E encryption, I am not sure I buy this argument. Why couldn't they use an escrow key secured in the same ways as update signing keys? Or why couldn't they be compelled to silently push a special update that exfiltrates all of my messages in plaintext?
Virtual fort knox would be impossible to secure. In the modern age, whether through stupidity or malice, those keys WOULD be stolen, leaked, breached, what have you. Hell, the first time the US government tried this situation, the clipper chip, it was trivially bypassed and shown to be utterly broken by researchers
Sure, Clipper was a disaster, but we've learned a lot about encryption since 1998. I still think key escrow and gov't backdoors are probably a bad idea, especially when you look at the US's privileged position in the internet, which should really be a global or jurisdiction-free space. However, I don't understand why it would be so much harder to protect these keys than the update signing keys that Apple, Google, Microsoft, etc (not to mention every app author including Facebook) already have to protect in order to prevent malicious actors (including nation states) from trivially bypassing all security protections by pushing a signed update to the end-user device.
Honestly if your security model involves hiding from the FBI/NSA, you should not be using a cell phone to do your encryption/decryption. That device runs closed-source blobs and can be remotely configured, accessed, and updated by (at least) your carrier and the device manufacturer.
Don’t Apple, Google and Microsoft already have keys that can be used to automatically update and backdoor any of the billions of devices running their OSes?
Have each phone generate a public/private key pair, and upload the public key to an anonymous repository.
To escrow a key the client app uses a secret sharing system to generate 10000 key shares, with any 500 key shares being sufficient to reconstruct the escrow key. It encrypts each share with a randomly chosen public key from the anonymous repository. It sends these encrypted shares to the government.
If the government wants to recover the escrow key, it has to make a public request for help in which it publishes the 10000 encrypted key shares. Have an app on the phone that can receive notification of such requests, and if it sees that your public key was used for one of the shares it asks you if you approve the government's request to recover the escrow key, and presents the government's argument in favor of this.
If you approve, the app on your phone decrypts the share, encrypts it with a government key, and uploads it anonymously to the government.
In effect, this system provides a jury of 10000 randomly chosen anonymous phone users to review the access request, and 500 of them have to approve in order for access to be granted.
Relying on people who are actively using phones, to find time to make carefully consideted and measured judgements in the name of justice is ridiculous. Full stop.
> why couldn't they be compelled to silently push a special update that exfiltrates all of my messages in plaintext?
See the FBI vs Apple case from a few years ago for an analysis of that.
> Why couldn't they use an escrow key secured in the same ways as update signing keys?
I would expect a key escrow service implemented to the same standards as current large PKI deployments (CPUs, mobile devices, CAs, large software distributions, etc) to be reasonably secure.
However!
* It further enables "turnkey authoritarianism" if and when an abusive regime comes to power.
* It introduces a single point of failure where there isn't one currently.
* It introduces complicated legal compliance issues where there aren't any currently.
* It isn't at all clear how it would relate to decentralized services. (It isn't even clear to me how GDPR is supposed to interact with things like Mastodon and Matrix.)
* It wouldn't actually be useful, because non-escrowed encryption (and stenography in case such is entirely outlawed) are both _readily available_ to actual criminals.
tl;dr: I don't live in China. Let's keep it that way.
It might be possible for the US to successfully hang onto the keys, at least for a while, but you'd have to hand out keys to dozens governments. Given the general level of corruption in the world, some of those would probably be perfectly happy to sell access.
I hear this all the time but I don't understand why it's true. The security of your encrypted messages already relies on the security of the company providing the service. Facebook (and any other messaging app) can read all of your messages in plain text. Otherwise they wouldn't be able to display them to you. Allowing the government to get a warrant to retrieve those messages changes nothing about the overall security of the messaging platform.
Facebook can't read the content of your messages. They can serve you an encrypted version of your messages that your device can decrypt. Look up end-to-end encryption for how exactly that works.
They can't read them in transit, but if you use Facebook's app to decrypt the message (which is the only option) then obviously Facebook can read your messages if it wants to.
While this is true, the app is a client whose code and behaviour can be analysed by end users to validate that it is not behaving nefariously. The same cannot be said for FB's servers or the data in transit, which is solved by E2EE.
Sure, but the facebook app doesn't do that (or at least no security researchers have noticed it doing that). The point facebook is making is that if they had a backdoor that let them read the messages that it could be used for other purposes.
Consider that right now to intercept end2end encrypted messages (and lets just assume facebook has that) a malicious actor has to get physical possession of your device, which implies that you have to be specifically targeted. With a backdoor malicious actors would then be able to target many other things, including for example facebook's servers, to access those messages (and all of them at once). I think simply avoiding the bad PR of "hackers downloaded everyone's messages between 2017 and now" is most of why they want this stuff end to end encrypted.
But there already is a backdoor that lets them read the messages. Facebook actually implementing the functionality to take advantage of that backdoor doesn't change anything. The security of your message relies on the security of Facebook's infrastructure either way.
If Facebook implements a switch in the app that would send your decrypted messages back to them, then a malicious actor would have to compromise Facebook to obtain those message. Right now, a malicious actor can obtain your messages by compromising Facebook and implementing that switch themselves. From a security standpoint that seems identical to me.
The app can bundle the message telemetry with the rest of the encrypted app telemetry when it phones home and even the best security researchers would not detect it. It can also process it locally for profiling and other advertising means.
They read the plaintext from the keyboard. Then the app can send it to them. The problem is how to prevent people to look into the network traffic (encryption?) and to decompile the app.
Since they control the plaintext -> encrypted transition, theoretically they could copy the plaintext payload in the encryption process. If this were hidden (say via steganographic means), it might not be detectable.
But it is true because all end-to-end encrypted messaging apps today have both ends being ... an app written by the service provider, which gets the public keys from ... the service provider.
Do you know WhatsApp encrypts your messages? Or do you just believe it because Facebook said so? How would you tell if the app was modified to disable it? Do you decompile and audit every binary sent to you by the Play Store? What abut the binaries your peers were sent? And what if their key directory served you a wrong key?
E2E encryption isn't useless, but I see a whole lot of technical people confused about why it's useful. Namely, it's a legal/political hack. The law says the government can make you hand over data you have. It doesn't say the government can force you to make arbitrary changes to your life or business to enable them to have whatever data they want. Obviously this would be two very different laws with very different impact: specifically, it would be a law enabling law enforcement to compel arbitrary action. Such laws are extremely rare and usually tightly limited.
But if such a law were to be passed, the technical infrastructure becomes useless. FB could just be forced to switch it off.
In the case where you’re using a centralized service provider with closed source clients written by the same company... sure. E2E crypto does not absolve you of the responsibility of ensuring you trust the client.
In an ideal E2E encrypted system the private keys should never be readable outside the systems you trust. The keys can be encrypted using personal credentials (like a password) and stored on the cloud. A simplified login flow looks like this: 1. download your encrypted keychain, 2. decrypt it using your personal credentials, 3. fetch encrypted data and decrypt it using your keychain.
But you still have to trust the application that does all this behind the screen to not leak your decrypted keychain or personal credentials. Facebook's messenger app is closed source so who knows that's happening there.
Facebook isn't the best example of anything really. There's plenty of services that encrypt messages end-to-end without the ability to "unlock" the message by the service itself. What I don't understand is the argument or case being made that giving anyone the ability to break encryption is a good thing. Smells to me more like ulterior motive to just get the backdoors put in. This isn't actually going to protect anyone any better. Governments have already long had tools to subvert things in various ways regardless of the need to actually break encryption. Why are we arguing for a larger surveillance state?
“Can” as in “I can change how my software is built so that in the future I will be able to” is different from “can” as in “there is nothing preventing me from doing this right now except the time it takes”.
Facebook “can” read messages in the former sense, but apparently not the latter.
I think the distinction is a meaningful one, legally.
That's why I'm confused about Facebook claiming it's impossible. It seems clearly possible without compromising anything about the current level of security on the platform. They would have to develop specific functionality for it, but it is possible.
Yes, and it’s possible for me to plant lettuce underneath my apple trees and deliver romaine to people in 10 weeks.
But the courts can’t force me to do that.
They can force me to turn over lettuce that’s already in the ground.
In both cases I “can” deliver a hundred pounds of lettuce to the courts. But the courts can only demand things I already possess. Not “whatever I am capable of collecting”.
However, one thing I'd be curious to learn more about from this community...
Facebook Messenger isn't encrypted now. What are the biggest examples where that has hurt users. I'm sure it happens, maybe frequently, but one thing that's impossible to get a sense of is the SIZE of the tradeoffs here. What's the biggest thing that's happened that we know about?
Listening to the tech lawyers today at the Senate hearing, the pro-privacy side hasn't made a clear argument about just how bad it is now in FB's case, and just how bad it was before several years ago in Apple's case.
(For FB you can understand why they wouldn't want to say their current system is a nightmare for users. Also, I understand a backdoor is different from the status quo or previous setups... not asking about a backdoor here.)
Messenger is encrypted, just not by default. You have to choose "private conversation" to encrypt. This is probably the right choice for most users since they'd rather have access to their messages across devices than e2e encryption.
Since I'd imagine, then, that 99% or more aren't encrypted, what has been the biggest issue that has resulted from this? We could then judge that against the negative outcomes of law enforcement not having access to, say, WhatsApp messages.
This backdooring of communication is a joke. Everyone wanting to hide something can pgp/gpg encrypt a message and paste it into whatever channel, from fb to irc, from email to counterstrike chat. This whole thing about protecting "children" (or whatever the latest excuse is) is the ultimate nonsense. This wont stop terrorists with enough money to organize something like 9/11, it will only enable spying on own and foreign normal cityzens who dont encrypt what they say. Everyone else who really has "something to hide" wont be affected.
The ultimate end goal here is to ban encryption without such backdoors. So GPG would simply be illegal, and evidence of its use would be evidence of a crime (possession of contraband).
Actually enforcing this is another matter, but enforcement doesn't need to be pervasive to be effective. 99% won't use E2E encryption if it's illegal to do so, making mass surveillance that much easier. The crypto-literate 1% sitting in their fancy darknets just won't matter, for the most part.
> Everyone else who really has "something to hide" wont be affected.
A tiny handful of agents for cryotographically sophisticated organizations are "just" using gpg and pastebin or whatever.
In the real world, the vast majority of bad actors are using the simple/easy/obvious communication solutions delivered to them by their phones and apps. And law enforcement (for both good and bad reasons) knows this and wants access to that stuff, because they know it's possible to get it.
Yeah right. And they were living in a jungle with absolutely 0 news for last 10 years. This period is gone, even before "Eschelon" was known fact, after Snowden you really must be ignorant to avoid this news. And if you are targeting a Guatanamo bay or life long prison you are surely not. Or you are long gone.
This whole sharade is targeting cityzens. I can only speculate why, one could be stupidity and ignorance, profit maybe, or even protecting establishment, mass control. I dont know. But surely it wont affect the "excuses" they are using now.
The reality is that plenty of criminals and bad actors use insecure communication channels like phone calls, SMS, and unencrypted app messengers.
Evidence recovered from these channels is constantly used by police and if apps and services all actually switch to secure E2E encryption, a lot of evidence will be beyond their view.
Turn your argument around- if everyone who hasn’t been living under a rock knows how important e2e is, why are Facebook and SMS and MMS still so popular?
As ordinary people just dont care. They should, but they dont. There is nothing at stake for them. But they are saying that are targeting bad actors who DO care. And now you think that some drug lord (which has seen Hollywood movie about himself using encrypted walkie talkies) with infinite amount of money, smuggling drugs with mini sub (just happened in EU week or two back), the terrorist who is risking air-to-land missile and with oil based money flow is going to use sms/mms? No. The ordinary people will. Maybe potheads.
There's a counter argument here that "ordinary people" represent a much more realistic source of danger than some super-criminals/high-level terrorists. Depressed dude who's read too much bullshit on some forum, so he goes out and starts shooting people is statistically much more likely to happen than another 9/11. This type of lone-wolf lunatics and small groups of ideologically indoctrinated people who operate completely on their own - basically some guys sitting together one night and coming up with the idea that "they should do something about it" - are the future of terrorist threat and significantly harder to spot than large organizations.
Paedophiles too – they target children on unencrypted social media sites. The victims have no desire to switch to a more secure platform, but if Facebook, Instagram and Snapchat were to become secure by default then those companies would stop sending law enforcement a continual stream of unsophisticated paedophiles to investigate. Many of them even use emails and IP addresses that are trivially linked to their real identities.
It's true that even the sophisticated bad guys will accidentally leak info and leave a trail that can help police, but it's also true that mass surveillance significantly increases chances for false positives. The idea of all law systems in the world is to first protect innocents, and only then punish the guilty. Mass surveillance works vice versa, they know that it will affect a number of innocents by mistake, but are ready to accept that in hope that it might make police work easier.
It’s unfortunate that you are getting downvoted. It’s difficult to say whether the “majority” of bad actors are using insecure communications but certainly a very large number of the ones who get caught are. Search any legal database for “Facebook,” or visit a criminal court, and you’ll find lots of examples of people who have been caught grooming children or discussing other crimes on insecure channels. Here’s is a typical child abuse example from Australia, two months ago: https://www.caselaw.nsw.gov.au/decision/5d95952ce4b0c3247d71...
An obvious parallel is that BTC — easy to surveil — still dwarfs XMR — obfuscated chain — in usage on darknet markets. People are generally eager to accept security tradeoffs in order to use the convenient default, even in high-stakes situation (e.g. dealing drugs).
If anyone's interested in the history of this stuff and why government agencies have these expectations, I suggesting checking out The Puzzle Palace from James Bamford
After reading that book and getting a better sense of the scope of intelligence operations over a wider swath of history, these types of requests come from make a whole lot more sense (whether you agree or not, you get a sense of the place they're coming from). Not making an argument in regard to what's right or wrong, but it does provide a tangible dose of reality. Also, given this was written in the 80's and much has come to be known since then, I still think this book holds its own in terms of clarity because it discusses historical topics without the messiness of the internet, social media, etc. Bamford has several more recent books, but I have not read those.
I recently read Permanent Record[1][2] by Edward Snowden and it'll be interesting to contrast his account from Bamford's some 30-40 years ago.
I have to say, Snowden's autobiography was a fantastic read and a chilling look inside the 3-letters agencies. Highly recommended, as the topic is evidently pretty circumstancial to us right now and for the foreseeable future. Also, if you grew up anywhere near the 1980-1990's, especially as a computer geek / nerd, you'll probably love this book for nostalgic / human / relatable reasons.
If you read the article, it’s talking about not putting in a backdoor, and not Facebook saying “we have access to all encrypted messages, we’re just not giving them to you”. As it stands, they’re end-to-end encrypted so not even Facebook can’t see your messages, and that’s what Barr doesn’t like
> they’re end-to-end encrypted so not even Facebook can’t see your messages
Not quite. Facebook still controls the endpoints, so when you see the message so can they. This is obvious: you use their app to view the encrypted message, hence the app has access to the cleartext.
If the app is not phoning home with the cleartext, this seems okay.
You need some software to retrieve/read text anyway, so this becomes an exercise about trusting trust, etc.
An extreme argument? If you don't care about security, perhaps you are right.
In any other case, using a closed source endpoint from the company that promises you "encryption" is completely crazy. They "only" have the ability to decrypt all your messages, remove encryption altogether without notice, targeting ads based on your conversation history, and installing targeted decryption backdoors. Yeah not big deal at all, seems like something really trustworthy.
It's still better than nothing, although in the hands of Facebook it might actually be worse than nothing.
Not at all. Good security often involves some black-and-white thinking, which not everyone is accustomed to.
If Facebook controls the endpoint, then they have the power to access the plaintext, full stop. Using their product (hopefully) implies a choice to trust them not to abuse such access.
I'd argue for not trusting a cryptosystem that requires you to use a particular vendor's CPUs. Open standards and independent implementations at every level should be table stakes.
Although I argue the black-and-white "everyone is a potential adversary" thinking is misguided. Your threat model determines requisite security measures, and you usually have to trust someone. (Although Facebook should probably not be that someone)
The fear is that Facebook could push updates to targets that the US government is interested in and initiate a phone home. The update mechanism is the "front door" that could be used to implant a backdoor.
I agree that this is a risk for basically any networked app, but can't we distinguish whether this is an active concern or a hypothetical one?
In order to actually provide your messages to Facebook, the app needs to either call home when you view the message or write the cleartext somewhere on-device to send home later. If you view the message and then the app calls out with data we can't inspect, or writes something locally that we can't inspect, it could potentially be exfiltrating the message you viewed. If not... am I missing an attack vector, or is that message safe?
(To be precise: this would only prove forward secrecy, meaning safety for that viewing of that message. If we can't see the app's code, it could have testbench cutouts like Volkswagen or WannaCry, or more likely could only trigger for certain users or in certain cases à la Greyball.)
Yeah this - as far as I see it, there's nothing that prevents FB / WhatsApp from "accidentally" shipping the private keys on my phone / machine to their server.
Also, where is the private key stored and when/where exactly is it passed into the decryption algorithm? When/where is the original private key generated and managed? Inside fb software somewhere?
I'm sure realistically the US gov could creatively accomplish what they want.
I have little desire to decompile every update and/or constantly analyse what their app is doing. They've proven to be untrustworthy on multiple occasions, and haven't given me much reason to think they've changed.
They might convince me if they open their client and server code, but even then they're yet another walled garden only interested in keeping their monopoly by building inferior products and using regularly capture to prevent any competition from doing the same thing they did to MySpace.
You can't read encrypted packages being sent by the app. The message telemetry could be bundled by the app with other telemetry and you wouldn't know despite your technical skill.
Not sure the fallout of the public finding out would be worth it over the value add of reading messages, maybe I'm wrong but that's how I would look at it.
If I login to Facebook.com from any random device+browser, I seem to be able to read my "Facebook Messenger" history - maybe this is different if I use the Messenger app, but it seems like there's no E2EE here since I get the plaintext from anywhere.
On WhatsApp there seems to be E2EE enabled but I have no idea what the keys are. A layperson definitely has no idea what the keys are.
Could Facebook build an "NSA mode" where the old keys (K1) are quietly replaced with some known keys (K2) for a particular user at a particular timestamp T?
This means that all messages before T are to be parsed by using K1 and all messages after T are to be parsed by using K2.
As a WhatsApp user, would I even know if "NSA mode" has been enabled for my account? This would enable courts to allow surveillance for all future messages, but the old messages would still be E2EE.
What if you involve Apple+Google into the mix and have them silently deploy a rogue update to a particular user's WhatsApp program - couldn't you just ask a court to write some kind of surveillance warrant which orders the 3 companies to work together to give the alphabet agency a way to remotely take the keys?
That's exactly what the Assistance and Access Act of 2018 in Australia was for. It allows law enforcement to compel third parties to subvert encryption. This doesn't necessarily mean break the encryption itself, but could mean deploying a malicious update to a target device that keylogs or screen captures, or otherwise allows eavesdropping. Keep an eye out for similar bills in your respective governments, it passed without struggle in Australia despite the seemingly negative opinion the public and media had on the issue.
Facebook Messenger conversations are not E2EE by default. When you start one, you have to choose "Secret" in order for E2EE to be applied. This is only available from the Messenger app on mobile devices.
WhatsApp is default E2E and is quite visibly indicated in the application. You can probably make the call on how visible the E2E features in Messenger are yourself if you take a look.
That would require to join Facebook and I'm not coming back there. I'm aware of WhatsApp being E2E, yeah, everywhere except for backups. Another user replied that Facebook plans to go E2E completely, that's surprising but good.
> On WhatsApp there seems to be E2EE enabled but I have no idea what the keys are.
The keys are shown right in the contact's profile under "Encryption", same as Signal. It even has a feature to validate their key by taking a picture of their screen. How could it be any easier for laypeople than that?
> This code can be found in the contact info screen, both as a QR code and a 60-digit number. These codes are unique to each chat and can be compared between people in each chat to verify that the messages you send to the chat are end-to-end encrypted. Security codes are just visible versions of the special key shared between you - and don't worry, it's not the actual key itself, that's always kept secret
So basically it's just a random unique number and could have no relationship to the key whatsoever. We'll never know.
From the content of the article it also seems like it maybe should have that title. In the body they say they won't open their messaging product to law enforcement. Nowhere does it suggest (or deny) they can open messages. Some clarity on this would be nice.
Agreed. "Can't" implies they are unable to do it at all, which means they will not give the information to random LEO requests, because they simply can't.
"Won't" implies they select who they want to give the data to, which mean they probably give that data to other actors, without users even knowing about it.
How would a can't be possible here? They're being asked to modify the client code to enable surveillance. A client can't be secure against changes to its own code, and a protocol can't be secure against the client sharing the data it receives.
It's surprising to me that so many people give the benefit of the doubt to enterprises, when they (at huge effort and expense) emit "mealy-mouthed" rebuttals that leave open the possibility that they actually are doing evil.
These people aren't stupid, and their legal and PR teams understand the fine details of the English language.
It says what they mean to say, not what we wish it would say.
>It surprising to me that so many people give the benefit of the doubt to enterprises, when they (at huge effort and expense) emit "mealy-mouthed" rebuttals that leave open the possibility that they actually are doing evil.
And the alternative is an organization which has an absolutely stellar track record at not doing evil (obvious sarcasm should hopefully be obvious).
Neither party is can be taken at at face value here.
We've had innumerable discussions about the practical impossibility of what various Governments are asking for in relation to encryption. Those who know... know. There's no more debate needed, the mathematics speaks for itself, the history of security breaches speaks for itself (and is only ever gaining in its volume of evidence).
The technology industry needs a template reply referring to the obvious examples of the two pillars, mathematics and history of security breaches, to dismissively reply to any further such requests now and anytime in the future. We shouldn't need to get caught up in any of their cleverly constructed strawman arguments and appeals to emotion. Those who keep bringing these topics up are essentially performing a DoS on the technology industry by tying up resources having to argue established fundamental truths and logic over and over.
So, why do we have to keep spinning our tyres on this?
1. Control: The well established push towards surveillance and the police state that protects the status quo. Technology has accelerated the enablement of this.
2. Power: The powers-that-be don't like being told by 'nerds and geeks' what is and is not possible, despite the very same 'nerds and geeks' creating the technology that has enabled the acceleration of Control. The technology industry's continued non-compliance undermines their desired image of Power.
But, because this whole argument is so purely a power play it's not likely to stop (without fundamental changes to the fabric of society at least). As such, a template reply is needed to mitigate this DoS
It is absolutely technically possible to provided communications with the ability for a government to read them. No one debates that.
Many claim that the security and privacy trade off in doing that is not worthwhile.
The technology industry needs a template reply referring to the obvious examples of the two pillars, mathematics and history of security breaches, to dismissively reply to any further such requests now and anytime in the future. We shouldn't need to get caught up in any of their cleverly constructed strawman arguments and appeals to emotion.
This is absolutely the wrong response. This is a political argument, and the correct response is in the field of politics, not a glib template argument that appeals to technologists view on security trade-offs.
Political arguements is a fool's game as they are experienced manipulators after power. Sociopaths in other words. Not playing the expert's games is the only way to win against them.
Force them to insist upon what every expert says is impossible. The only "answer" they can have to that are more spin spun bullshit or making it their own. A "don't use me ever" form of encryption if they actually succeeded (any other option is better) or they create a tower of babel standing on a vertical gnat's hair - an inevitable collapse on any foolish enough to use it that only damages the arrogant fool who made it further.
Force them to insist upon what every expert says is impossible.
What does "impossible" mean here?
It is certainly possible to build an encrypted messaging system that doesn't use end-to-end encryption and that allows someone within the company that runs that system to read the messages.
There are plenty of existing messaging systems that work this way, even today (eg, FB Messenger in non-private mode, Slack, plenty of video products).
Plenty of them have a long history of operating without having unauthorised information leaked.
So again - what is impossible?
I agree entirely that E2E encryption is much better, but we are fooling ourselves to say anything else is impossible.
Political arguements is a fool's game as they are experienced manipulators after power. Sociopaths in other words. Not playing the expert's games is the only way to win against them.
I'm not entirely convinced by this argument. I think that banning E2E is primarily pushed by security agencies, and I think politicians don't particularly care about this topic at all.
I think the best way to think about this is that such backdoor is like giving policemen ability to travel back in time to any time and anywhere any conversation between any citizens happened (no matter about what and how private) and invisibly eavsdrop to gather any information that will be used in the court of law against people involved in the conversation. It will be used to prove something but also to discredit a person. It may also be used as a blackmail tool in the process of plea bargaining. All against possibly innocent people whose innocence is not so blatantly obvious that law enforcement can't imagine a way to attach some guilt to them.
First of you can't give police such universal time machine because it doesn't exist and some coversations will be beyond their reach (because end to end encryption will not cease to exist if facebook and apple stop using it).
Secondly this analogy should show to anyone, even senator, that this is not a good idea. Especially in USA.
I never thought I'd say this but well done Facebook.
That being said, a few things come to mind:
1. Can they hold out against the inevitable pressure that's gonna be applied now that they have actively come out against the government and said "No".
2. Does this mean they can do it but just won't do it?
3. Will we ever find out if the government secretly forces them to do it?
In response to your third inquiry: They haven’t created a warrant canary, so we’ll never be able to tell. That’s the thing about Facebook: You never know what the truth is. I’ll continue to treat Messenger as compromises by the FBI/NSA.
Let's say FB does such a move. And let's say that it's such a wonderful tech that only FBI has access to those messages. You know what will happen next? Criminals and those child molesters that Barr uses as Boogeyman will simply create an app that will have E2E encryption without any backdoor. Unfortunately for Barr technology is here and it's easy to use it.
Why would a child sign up for an E2E app where it’s easier for paedophiles to anonymously groom them? Sophisticated organised criminals don’t use Facebook Messenger, but this article isn’t about them.
This debate has been raging since the Clipper chip controversy 25 years ago. I worry that encryption will only continue to weaken. It already occurred in Austrailia.
It will happen eventually, I believe. There is simply to much potential power to be wielded for politicians to ignore it long-term. Government only ever takes more power, and the common man does not care enough about this issue to stop it.
There are many US Amendments (notably the 4th) and Supreme Court decisions where the ruling decreases the government's power, sometimes dramatically.
Examples[1]:
- Loving v. Virginia: Invalidated state laws prohibiting interracial marriage.
- Roe v. Wade: Women have a constitutional right to an abortion during the first two trimesters.
- United States v. Nixon: President cannot use executive privilege to withhold evidence from criminal trial.
- District of Columbia v. Heller: Citizens have a right to possess firearms at home for self-defense.
- Citizens United v. Federal Election Commission: Corporations and unions can spend unlimited amounts in elections.
...and then there are a lot of decisions related to upholding/broadening the Fourth Amendment (very relevant to this Facebook issue) that Wikipedia has a full list of[2].
SCOTUS and the constitution act as limiting factors on the government's power, that does not disprove the general rule that government power tends to increase over time.
I was not disproving that a typical govt increases in power over time, only that "governments only ever increase power" isn't true.
There are steps forward, steps back, and then the general trend. Considering the fact that the US used to have millions of slaves (whose ownership was Constitutional and enforced law police), weaker freedom of speech, lower bars for police searches, and no FOIA, I'd suggest the general trend here since 1776 is a decreasing power of govt.
I strongly disagree. It will lead to criminals having their own app to communicate while rest of normal commercial communications will be broken with potential of criminals stealing stuff left and right. All it will take is for some big politician to lose all their money in a heist for these useless attempts to forever disappear.
I actually root for this to happen as fast as possible so all these attempts to go away forever already so that law enforcing agencies go do their actual job.
The fix for that will be to make using those levels of encryption illegal and to put you under suspicion for criminal activity (suspicion of terrorism, for instance) in addition to the criminal activity of using that type of encryption in the first place.
Yes, routing mechanisms, etc exist to make it harder to find out who is using the encryption but the law enforcement power could then also be extended to take down anyone participating in such a network as well as setting up honeypots that somehow get around entrapment laws.
Criminals, almost by definition, are good at doing things without law enforcement catching on. It's possible to try to crack down on this stuff, but like anything else they'll only catch the less competent people.
Catching the less competent people isn’t a bad thing, though. Someone who is competent enough to commit crimes and get away with it is also competent enough to get a well-paid job and choose to live a pro-social life, without the risk of one slip-up sending them to prison.
I suspect that as usual, congressmen will grant themselves exceptions. I absolutely agree that banning or attempting to control encryption will not prevent the bad guys from using it, and will only prevent law-abiding citizens using it to protect themselves and their data.
Sorry but I can't and won't trust anything that has anything to do with Zuckerberg. This year I have fully deleted my Facebook and Instagram accounts and WhatsApp is going by the end of the year when I visit family for Christmas and can help them switch over.
Sadly they won't be ditching WhatsApp themselves but if I can get them using something else to communicate with me and my wife hopefully over time they will see there is a world without WhatsApp. Small steps and all that.
As for what we are switching to that is where I am still undecided. Signal seems the obvious choice but I want to look at all the viable options so I am open to any and all recommendations. Must haves are E2E encryption out of the box, group chat, voice and video (person to person, groups calls not needed).
Assuming that the systems are truly encrypted end-to-end, how do we know for sure that noone can actually decrypt it? I mean, apart from the Eng team that directly works on that part, are we basically trusting them at face value that it works? Or does this code need to live in an open-sourced environment so as to make it more trustworthy?
To be clear, I don't mean trusting the encryption algorithm, that part is easy because math. I mean trusting that that algorithm is actually what's being used under the hood and actually noone can decrypt it for any reason.
Criminals will always be able to easily encrypt messages, unless math is banned. Is the government going to ban every language that has simple encryption libraries? You can easily create your own private keys and encrypt your own messages with a few lines of Python code, and no one can break it. I don't think this is about child porn or terrorists at all. They're only the usual justification for wanting to snoop on everyone.
I dont trust Facebook and frankly, dont care about end-to-end encryption as there are a myriad of ways to communicate if necessary. But I definitely do not trust Barr or the Justice Department or any AG in any way shape or form as they have proven to act immoral,criminal and are clearly beholden to their political puppet-masters and campaign donors. So in the end, its better to have both side incapable of deciphering the data than either capable.
Lets examine the character and truthfulness of both Facebook and William Barr.. There's not a grade low enough to characterize the lying and deceit of both of them.
I have no trouble believing that Facebook is lying an Barr is supporting this lie. We'll have to see how fast someone is convicted based on encrypted Facebook Messages and what excuse Barr and the DOJ use to rationalize it.
> No, they were pretty clear about that when they wrote that pesky constitution thingy (and for good reason.)
They were clear about many other things, but the idea of interpreting constitution as it was meant by the founders has long been dead, with the coup de grace having been delivered by Helvering v. Davis. The constitution is dead, and its skin is worn by 9 people in Supreme Court who get to decide what they want it to mean basically any way they please.
I would say that Wickard v. Filburn is a better example of a coup de grace. Setting up a social security program at least has some reasonable relationship to "provide for the general welfare". But growing food on your own land for your own consumption has no reasonable relationship to "interstate commerce".
That’s contrary to what the authors of the constitution have meant when they wrote it. See my other comment. Roughly speaking, if the “general welfare” was supposed to mean “anything the congress wants to do to provide for general welfare”, there would be absolutely no point in enumerating the powers it does have. Madison was extremely clear about that, and this is how this article was universally understood (otherwise, the constitution would have had no snowball chance in hell of passing) up until Helvering v. Davis, when it was promptly thrown away and replaced with the opposite of original intention.
While I sympathize with your argument, I have to point out that, considered as a general argument about why specific powers are enumerated in the Constitution, the first blow against it was struck long before Helvering v. Davis. In McCulloch v. Maryland in 1819, the same expansive logic that wasn't supposed to be used, according to Madison, was applied to the necessary and proper clause, in order to argue that a national bank was constitutional even though that specific power is nowhere enumerated.
In fact, you could argue that it goes back even further than that: in Marbury v. Madison in 1803, the Court ruled that it had the power to declare acts of Congress unconstitutional, even though the Constitution nowhere says the Supreme Court has that power. One could argue that that is implicit in "judicial power" (and that's basically what Chief Justice Marshall argued in his opinion), but the larger point is still valid, that way too many things were left unstated and implied in the Constitution for arguments like the one of Madison's that you refer to to work in the long run.
It's also worth pointing out that not all of the Framers agreed with the viewpoint Madison expressed that you refer to. Marshall, for example, was one of the ones on the other side: he thought rulings like the one he made in McCulloch v. Maryland were perfectly well within the intended meaning of the Constitution and were not expanding the intended Federal power at all.
I think you’re right. I think Helvering v. Davis was the mortal blow that enabled further expansion of federal government beyond, as Founders intended, the Enumerated Powers, but the Wickard v. Filburn was indeed coup the grace.
I would disagree. The 16th amendment gave the goverment the power to do something like social security as it explicitly allows the taxing of income. The case you mention mainly concerns how the federal government may spend money collected via taxes.
Wickard v. Filburn in my honest opinion seems to allow the goverment even greater involvment in personsal/individual matters under the guise of interstate commerce.
Not at all, no. The 16th amendment allows federal government to impose income taxes. Obviously it makes the tax part of social security constitutional. In no way however it makes the spending part of the social security constitutional, because it clearly doesn’t say anything about what the government can use that money for. For that, we had the Enumerated Powers of Article I, Section 8, along with any powers explicitly listed in constitution, like for example 16th amendment.
Which was (to make the point I think you are making explicit) at least an actual amendment to the Constitution, the way changes like that are supposed to be done. One can argue about whether it was prudent policy, but at least it was using the mechanism for change that the Framers explicitly provided.
Isn't it time to consider writing a new Constitution then?
Most countries have had "a few" (2, 3, 4...) since the inception of the formalized idea. We now know how to draft "good enough" Constitutions by common standards (relatively to history and other countries).
It's a famous US peculiarity in Constitutional Law studies: to have gone the amendment path for so long. To have been so resilient to epochs, to change, to greatness. And yet as of the 21st century, it shows elements of "unfairness" and approximation that seem hard to sustain further, to "sell" to the masses for much longer, or so it seems from a nerdy-law standpoint.
There's evident success but it may have been at the expense of a significant degree of actual democracy — as you suggest for the judiciary branch: this infringes on the legislative branch in this case, and outright fails the accountability check absolutely required from lawmakers. By comparison, judges are elected in the US system, which is accountability put in place to counter or mitigate their ability to make the law by way of setting precedents, giving citizens an indirect say in the matter.
I don't know. I've always pondered on this question. I observe tension rising in this direction over the last 20 years (since Bush Jr essentially). Maybe it's just my personal bias speaking — no wonder a programmer sees the law as inneficient code to be refactored asap! ;-)
"Isn't it time to consider writing a new Constitution then?"
The Bill of Rights would never pass today. It's too radical.
So, no thanks. I'll keep the scraps of the Constitution that I can hang onto rather than subjecting it to whatever our modern political system comes up with.
The Constitution was built on solid philosophical ground, truly advancing the state of the art for governments and freedom. It was written and ratified by people who risked everything for what they believed, and they had the humility and restraint to do a good job. And they actually relinquished their own power for the greater good.
Isn't it time to consider writing a new Constitution then?
Maybe, but it’s not going to happen. Once the politicians understood that all they need is to put enough of their guys on the Supreme Court, any incentive to change how the country works through changes in constitution is gone: why would you go through all that hassle, if all you need to do is invoke the magical spells of General Welfare and Interstate Commerce, and it all through federal law?
We don't have a mechanism to replace the Constitution. Short of getting all 50 states to agree on it (good luck) it's never going to happen without a civil war.
On the contrary, Article V clearly states that it would require legislation on the part of two-thirds of the States, or passage by two-thirds of the House and Senate, and subsequent ratification by three-quarters of the state legislatures.
This would convene a Constitutional Convention, which in turn could rapidly pass an Amendment rendering the existing Constitution null and void upon ratification, after which they could turn their attention to creating and ratifying a new Constitution.
Not only would this be perfectly legal, I consider it an excellent idea.
> Not only would this be perfectly legal, I consider it an excellent idea.
An excellent idea in the abstract sense of hey, that's a really clever way to update the constitution, or an excellent idea in the sense of the politicians operating in America today can be trusted to update the constitution properly so let's do that? Only one of those isn't totally crazy...
And not only the politicians, but every lobbyist and lawyer and judge in the land would want a crack at changing things to their vision of a better Constitution.
A Constitutional Convention is basically opening up one heck of a can of worms. Because remember, a Constitutional Convention gets full power to try and rewrite almost ANYTHING.
In neither sense, because a popular movement to replace the Constitution could only succeed by replacing the existing legislature with one which is amenable to such a course of action.
It's far-fetched, I readily concede that. But it has a lot to recommend it, the very act of proposing and bringing to reality a Constitutional Convention would be a powerful engine of change, with a better-than-even chance we'd end up with a better system than we have now.
Personally I am concerned that such a convention would lead to major changes (in the wrong direction) on individual rights and issues like privacy, censorship, and accountability for the powerful. On the other hand the original constitution is slowly becoming unworkable due to years of contradictory case law.
If the amendment process is flexible enough to allow for throwing out the entire constitution and writing a new one, I feel like a more practical way to achieve drastic change would be to 1) write a new, idealized constitution, 2) diff it against the current one, 3) bucket the changes, 4) propose and ratify a series of amendments that gradually morph the constitution into what's desired.
Now, I don't expect that to happen either, but it seems more plausible. While it might be incredibly satisfying to throw everything out and start over, I'm not sure that's even wise, even ignoring the practical considerations.
Regardless, I think there's a lot of good in there that has held up really well over time, and we shouldn't be so quick to think we can do better. Some things have to go (like the overly-broad interstate commerce clause), and some things need to be added (like stronger rights to privacy), but I think we still have a solid base to work with.
Regardless^2, I don't even see the Equal Rights Amendment getting ratified (even ignoring its currently-expired state); anything larger seems too daunting. Our political client isn't amenable to any kind of constitutional amendments, and I expect that to be the case for many decades to come.
Regardless^3, the political machine seems to -- correctly -- believe that stacking the supreme court is the way to effect constitutional change nowadays, and they're unfortunately doing a good job of it so far.
The effect would be the same. We would end up with a country of, by, and for the red states, for better or worse.
It would be much better to focus on enforcing the existing Constitution, than to write a new one that would also end up being ignored when it proves the least bit inconvenient to the government. The world is full of "democratic" countries with lofty-sounding constitutions.
3/4 of the states are not “red states”. Look at the composition of the Senate. Each state gets 2 senators, but there are only 53 republican senators, not 74-76 as one would expect if 3/4 states were solid red.
In reality the country is divided enough that no wholesale rewriting of the constitution would ever be possible in the current political climate either way, using the amendment mechanism. Hence the importance of using the SCOTUS to reinterpret it one way or another instead...
3/4 of the states are not “red states”. Look at the composition of the Senate. Each state gets 2 senators, but there are only 53 republican senators, not 74-76 as one would expect if 3/4 states were solid red.
I strongly disagree with your definition of "red states," given the electoral-vote map from the last Presidential election.
In any case, my point is that rewriting the Constitution would have no beneficial effect anyway, because we'd just continue to ignore it.
This would actually not work exactly as stated, since there are several parts of the constitution that cannot be amended (every state being entitled to equal representation in the senate, for example). But most of those problems could be worked around
What makes you believe that this part of the constitution cannot be amended? Article V only says that it requires consent of the affected states - which would be all of them, so it's a high bar, but it's not outright prohibited.
That is a very interesting question. One could argue that the spirit of the clause necessarily implies that it cannot be amended itself without consent of all states.
Another possibility would be to nullify the powers of the Senate. So all states would still be entitled to an equal representation, but it's in a body that is purely decorative, so they're welcome to it. This is also arguably counter to the spirit of that clause - although that would be more difficult to argue, since the power of all states would be equally diminished...
But either were to actually happen, the question would rather be, to whom would you make that argument, and what power would they have to enforce such a decision anyway? I would dare say that if anybody got the supermajority necessary to amend anything, they could just roll with it and disregard any objections - just as they disregarded all those who considered the Constitution illegitimate, on the basis that its ratification didn't follow the requirements set by the Articles of Confederation.
You _do_ have a mechanism, you cited it in your statement. Sure its a difficult mechanism, getting agreement from all parties involved, but changing the highest law of the land _should_ be difficult.
When I said "we don't have a mechanism" I meant that it's not spelled out in the Constitution, e.g. how the process for Amendments is in there. It's basically just "common sense" that if everyone agrees, you can change whatever you want.
I do agree that it should be extremely difficult, and it obviously is.
Historically they've been pithy, but there's nothing stopping someone from proposing an Amendment that says "Article 1 of the Constitution is hereby replaced by.... Article 2 is hereby replaced by...."
The Constitution places no limit on the scope of amendments, so in theory Congress could pass an amendment that says "The text of the Constitution is replaced with _____."
There's one notable limit in that an amendment can't deprive a state of equal Senate representation:
>...provided that ...[restrictions on amendments before 1808]; and that no state, without its consent, shall be deprived of its equal suffrage in the Senate.
Of course you can. “Shall not be infringed” would never be interpreted as overriding the explicit amendment procedure in Article V. Most countries have found easy solutions to the paradox of laws that attempt to restrict their own amendment: https://en.wikipedia.org/wiki/Entrenched_clause
probably not, depending on which side CA lands. the western US is probably actually pretty well equipped to stave off the east from invasion. there's, grossly oversimplifying, hella mountains (north) and hella desert (south). not only that, but california feeds a lot of the nation.
honestly, the 3 pacific coast states (CA/OR/WA) are probably pretty well equipped to secede and start their own country if they should see fit to do so. massive coastline, tons of food production, hugely powerful economy in cali.
It still depends on the military. CA is certainly an economic powerhouse, but if the bulk of the military doesn't side with CA, I doubt groups like the National Guard (assuming they don't also support the federal gov't) or private militias (which, let's face it, are children with toys compared to the US military) will be enough to repel the US military, mountains and deserts be damned.
> no wonder a programmer sees the law as inneficient code to be refactored asap! ;-)
Almost every time I hear programmers talk about the law arguing that it should be treated like software and be far more precise and absolute than it currently is I'm reminded of this comic: https://xkcd.com/1831/
There's good reason why most laws contain measured language such as the infamous "reasonable person." They are purposefully written to support changing interpretations as societies expectations of reasonableness and acceptableness change.
Many programming based approaches to the law treat it more like a codification of exactly how a person should behave in every situation, and precise penalties should they violate strict protocol.
It also reminds of the of Etherium DAO. How the mantra for Etherium was "the code _IS_ the contract" for so long, until it turned out the code had unintended behaviour and the so called "contract" was rolled back.
> Almost every time I hear programmers talk about the law arguing that it should be treated like software and be far more precise and absolute than it currently is I'm reminded of this comic
Yep, it's hard. However, there are two things going on. The first is that there are people who are highly motivated to reinterpret or misunderstand a law they don't like or think is wrong. Even when it's pretty damn clear.
The second thing is there are some passages in both the Bill of Rights and the law that aren't as clear as they could be (and not because they're intentionally written that way to provide latitude). I think these are "bugs" that could have been addressed with better drafting. I often ponder how one would re-write the constitution to be more clear, more effective and yet still resilient to change over centuries. It's a hard problem but I think there are certain meta concepts that could be applied that would be net improvements.
American law system does evolve itself through case law. Things which are not clearly defined in the original language are clarified and adjusted through cases. Does it always get everything correct? No. But it's one of the best systems you can get on this planet.
Love the idea of programmers writing the Constitution.
"It works for 95% of the cases, should be fine!"
"Just write up a first working version and we'll iterate from there!"
The writers of the Constitution were experts in history, philiosophy, religion, political theory, war, and even they hesitated and put multiple safeguards in case they got things wrong.
What a laugh that the average computer science grad (or worse, just brogrammer) could even understand the range of considerations to be encoded into a country's operating principles...
just as much a laugh to deify the original writers of the constitution. do you really think we havent learned anything since? and why are you talking about average programmers being involved in this hypothetical process?
i have no doubt we as a people could write a far improved constitution; the problem is that there is no suitable mechanism to get there, no way to avoid corruption
As someone who studied law, I agree with your general sentiment. I was not implying that programmers do that. ;-)
I would however temper your dismissal of "average grads": in lawmaking too, drafts may be written or refined by young people who need to learn! But not without ultimate supervision, of course. Just like young code monkeys are totally able to touch production code in some settings.
As for the deeper matter, "the range of considerations to be encoded into a country's operating principles..." — love the wording, btw.
There's a long way until we are anywhere near expressing the full range of human languages in 'machine compatible' code, programming languages. One could argue there's not even a point in that, since you essentially attain redundancy; and there are more promising ways like ML to tackle the linguistic problem. However it's not black-and-white, the entire sum of norms that apply to us is a crazy vast space, and one that all (individuals and companies) should "optimize" to their particular case. In this as in many things, computing tools can help — and we certainly don't replace surgeons, senators or judges, we should already be content to immensely enhance their capabilities through technology. IMHO.
"Refactoring" was my tongue-in-cheek way of saying that there's much to do in the way of organizing information in the legal space: datasets from which to base logic or standards upon are basically non-existent beyond non-computable literature (that could be modeled, we're talking structure of the law not content, hierarchy and structure of norms, not what citizens put into it). Morphing said structure to become mappable is nigh-impossible to do without concerted effort of most parties. I vetted first-hand some ideas with people working in the field, but the general obstacle is more economical, it's a business strategy/politics problem more than a technical one. I have no idea myself but I doubt this quadri-centennial culture is in any way, shape of form less entrenched at the highest public/federal/international levels.
As someone who took actual law courses, I can only share your sentiment. Briefly,
- that xkcd is (as usual) pretty spot-on
- the most ancient piece of "law" that we have is Hammurabi's (~3200 BC but don't quote me on that), and it's translated to "code". In a weird turn of linguistics, I guess modern incarnation of "code" as a concept (i.e. computer programs) is a very specific subset of "ordering reality", applying "norms", defining "systems". But we should not confuse the two, there's a reason we write law in human languages and code in computer languages and the two have proven quite unable / unsuited to reach the other's purpose.
- a very active domain of lawmaking activity is "harmonization" (as called in the EU), the idea of making different law systems interoperate better with others (e.g. between States within a federation, countries in a Union, internationally altogether). The benefits (in litigation, cost) are enormous, and it's a massive undertaking for that sector. This is the kind of domain optimization I'm thinking about, where computing as a means can help humans better perform the job by orders of magnitude. Think e.g. tackling complex comparative graphs, effect/impact, etc.
> Many programming based approaches to the law treat it more like a codification of exactly how a person should behave in every situation, and precise penalties should they violate strict protocol.
Indeed, a chilling hell that hopefully we'll never be foolish enough to implement. But you know, I know, that the mere existence of the concept means someone, somewhere, sometime will do it. Note also that, in a "positive" way — e.g. to define a meritocracy in a private environment like a company or club — it's been proven viable (the case of Dalio is probably the most famous, but you could argue most corporations are/become such programmatic systems).
- The whole notion of "blockchain as law", "code = contract" is, AFAIK (I read a lot about that in recent years), idealistic. Wishful thinking. It is no more no less "law" or "contract" than your run-of-the-mill compliance-motivated feature. It's born of the will to define a new space from scratch, to 'evade' current systems — physical and digital: banking, surveillance, etc. I don't wish to state about the intent, but the constitutional view is quite clear: such a departure from the accepted "norm" is secession or revolution, and the only way to change that is to become the norm and thus define itself as legal. It does not matter if it's a 1776 paper or a 2019 state of the art technology, the concept of legality remains. TL;DR: everything is/becomes illegal from the standpoint of preserving the existing regime / order / norms; in effect no new regime is ever "legal" under the ancient: you effectively revoke the old, then create a new one.
I'm not sure how versed in public/state legal matters and the history of these things most blockchain proponents are when they believe creating a new legal domain is in any way different or easier because you write it in Java instead of English.
The business angle is more legit, literally so when it conforms to "good practice" (regulations etc.); however self-defeating it might seem to the idealistic "new law / regime" proponents.
Short story, all the talk about evolving law with/using blockchain technology is fluff. It's like saying "internet" or "social networks" will solve "social" altogether. Confusing pipes for content.
Jefferson was staunch about the idea that the constitution should be rewritten every 19 years, so this idea of Originalism is conservatism draped in rhetorical clothing.
Founder intention is absolutely unknowable and it's a ridiculous argument.
> the constitution should be rewritten every 19 years
No, he did not. He thought that the government should work on cycles of 19 years, which could include re-evaluating the Constitution, but focused mainly on extension of debts, term limits, governmental ownership of land. The "Jefferson thought we should rewrite the Constitution every 19 years" trope is used to launder disliking a Constitutional provision but having no way around it but to throw the baby out with the bathwater.
If only there was a body of scholarship that we could look at to discern what their intent was.
I'm being glib, but your broader point is right - Jefferson was skeptical of permanency, but other Founders weren't. I also think Jefferson was just wrong. One of the things that needed to be balanced or accounted for was figuring out how to provide a sense of stability, which the Monarchy had done previously. I am super skeptical that the US would have survived as long (or survived the Civil War) if the Constitution went through a re-write every generation. There's no way to have any sort of long term vision in this scenario.
Jefferson was staunch that all laws including the constitution should have expiration dates and be forced to be reauthorized by each generation (which he put at every 19 years) as it would be unethical for one generation to impose thier laws on the next
Originalism says that the constitution must be interpreted as it was meant when the relevant clauses were authored. It doesn't say that it must be preserved exactly as is. In the originalist framework, you rewrite the constitution by amending it, according to the procedures outlined therein - rather than by creative reinterpretation by the courts over time.
> Founder intention is absolutely unknowable and it's a ridiculous argument.
Yeah, if only they left some kind of papers where they described in detail what they intended. For example, with respect to the Helvering v Davis case, which I mentioned, and which decided on what the constitution meant when it talked about General Welfare, wouldn’t it have been great if we had some authors of the constitution explain it like this:
> Some, who have not denied the necessity of the power of taxation, have grounded a very fierce attack against the Constitution, on the language in which it is defined. It has been urged and echoed, that the power "to lay and collect taxes, duties, imposts, and excises, to pay the debts, and provide for the common defence and general welfare of the United States," amounts to an unlimited commission to exercise every power, which may be alleged to be necessary for the common defence or general welfare. No stronger proof could be given of the distress under which these writers labor for objections, than their stooping to such a misconstruction.
> Had no other enumeration or definition of the powers of the Congress been found in the Constitution, than the general expressions just cited, the authors of the objection might have had some color for it; though it would have been difficult to find a reason for so awkward a form of describing an authority to legislate in all possible cases. A power to destroy the freedom of the press, the trial by jury, or even to regulate the course of descents, or the forms of conveyances, must be very singularly expressed by the terms "to raise money for the general welfare."
> But what color can the objection have, when a specification of the objects alluded to by these general terms immediately follows, and is not even separated by a longer pause than a semicolon? If the different parts of the same instrument ought to be so expounded, as to give meaning to every part which will bear it, shall one part of the same sentence be excluded altogether from a share in the meaning; and shall the more doubtful and indefinite terms be retained in their full extent, and the clear and precise expressions be denied any signification whatsoever? For what purpose could the enumeration of particular powers be inserted, if these and all others were meant to be included in the preceding general power? Nothing is more natural or common, than first to use a general phrase, and then to explain and qualify it by a recital of particulars. But the idea of an enumeration of particulars which neither explain nor qualify the general meaning, and can have no other effect than to confound and mislead, is an absurdity, which, as we are reduced to the dilemma of charging either on the authors of the objection or on the authors of the Constitution, we must take the liberty of supposing, had not its origin with the latter.
Alas, founders just dropped by, left us with the constitution, and then disappeared in the puff of smoke. They didn’t write any Federalist Papers, no notes from the constitutional convention survived, and whether the General Welfare clause meant “federal government can do whatever it wants” or exactly the things they took effort to enumerate doesn’t matter, since the constitution would have passed either way, it’s not like the state delegates even cared one way or the other...
More seriously, while I can understand arguments that the constitution of the founders wouldn’t work for America in 20th century, the idea that we cannot know what the founders intended is completely and utterly absurd, because in most cases we know exactly what they intended.
Originalism in what respect? The Second Amendment specifically stated that a well regulated militia was the purpose of the right to bear arms.
The "originalists" on the Supreme Court had no problem interpreting that to mean everyone gets a gun, regardless of their participation in the militia to defend the state. U.S. v Miller (1939) and the rise of a professional national army made the Second Amendment irrelevant until 2008.
That's when your boy Scalia wrote the majority opinion of D.C. v Heller, where the conservative majority reinterpreted the Second Amendment to ignore the first part (and the previous Supreme Court decision (U.S. v Miller) and state that rather than being in the context of a militia, the right to bear arms should be applied to individuals without context.
Far from trying to apply the principles of the founders to the Constitution, the conservative judges have again and again proven that they exist as a political adjunct to the Republican party, in the true model of activist judges overturning precedent whenever it doesn't fit their politics.
I think the originalist supreme court members cut a lot closer to the original truth than your interpretation, at least with regards to Madison, and Jefferson.
Arguing that the 'well regulated militia' clause is a requirement rather than prefatory is something that original documents do not back up. Painting the originalist movement as a bunch of shills doesn't seem to be fair, or helpful.
Important takeaway with regards to militias: both papers argue that a generally armed populace is a necessary but not sufficient requirement for the fledgling nation to maintain it's own common defense.
Jefferson's opinion given in a letter to John Cartwright many years after the fact (duty to possess, with no regard to serving as a part of a well formed militia. Duty to serve also referenced separately later in the letter):
Keep in mind also that we know for a fact that arms were kept for private use by the Hamiltons, as well as at Mount Vernon and Monticello, they were far from tools of the new federal estate to be taken away upon their existence becoming troublesome.
The Second Amendment doesn't say that militia is the sole purpose of RKBA, and even the cursory reading of the state RKBA provisions that preceded the Bill of Rights, and which were the source of 2A, show that they specifically talked about "defense of self" and individual rights. Take a look at the list here, and note the years when those were enacted:
For example, Pennsylvania had this in 1776, more than a decade before 2A was ratified:
"That the people have a right to bear arms for the defence of themselves and the state; and as standing armies in the time of peace are dangerous to liberty, they ought not to be kept up; And that the military should be kept under strict subordination, to, and governed by, the civil power."
Vermont had almost the same, word for word, in 1777.
The reason why 2A in the federal constitution doesn't really bother to mention this is mostly because it was in large part meant to be a contract between the feds and the states, protecting the latter from encroachment by the former. This is also why e.g. 1A says "Congress shall make no law" - and indeed, early on, it was perfectly okay for states to limit freedom of speech, subject only to their own state constitutions. The states had very real concerns about the feds trying to disarm their militias, since the Brits tried to do exactly that during the War of Independence; and that is why the militia clause is there.
But it doesn't mean that 2A is narrowly scoped to that rationale alone - the journals from the debates over the meaning of the amendment, and other correspondence between the participants (which are referenced by the Heller majority opinion, by the way, so they're not just inventing this interpretation) makes it clear that RKBA was seen as applicable on the broadest level:
"I ask, sir, what is the militia? It is the whole people, except for a few public officials."
- George Mason, Virginia Convention on Ratification of the Constitution
The reason why the issue with the lack of clarity didn't really arise early on is simply because the federal government didn't have the grant of power to pass legislation of this nature that would target individuals rather than states. The earliest 2A cases were attempts to reference it in disputes between states and citizens, and in those the courts have ruled that it is out of scope there (this was before the 14A incorporation doctrine). US v. Cruikshank was the pinnacle of that approach. But if you stick to that approach consistently, then you have to do the same with 1A, 4A, and 5A - there's nothing special about 2A that would make it distinct from all those. So the Heller decision didn't re-interpret 2A - it merely pointed out that 14A applies to 2A in an obvious way.
I also find it curious that you cite US v. Miller, even though the decision in Miller didn't say anything about membership in a militia, but rather the suitability of the firearm in question to militia service - the judges decided that a shotgun with a barrel shorter than 18" has no "reasonable relation to the preservation or efficiency of a well regulated militia", because "it is not within judicial notice this weapon is any part of the ordinary military equipment" (i.e. sawed-off shotguns are not used by soldiers). So Miller essentially said that 2A does not protect firearms that do not have a military purpose. Ironically, taken to its logical conclusion, this means that it protects exactly the kinds of firearms that are the most heavily regulated today.
> But it doesn't mean that 2A is narrowly scoped to that rationale alone - the journals from the debates over the meaning of the amendment, and other correspondence between the participants (which are referenced by the Heller majority opinion, by the way, so they're not just inventing this interpretation) makes it clear that RKBA was seen as applicable on the broadest level:
> "I ask, sir, what is the militia? It is the whole people, except for a few public officials." - George Mason, Virginia Convention on Ratification of the Constitution
This quote is consistently taken out of context to support a radical position on the second amendment. The quote is made in the context of class inclusiveness — he's not suggesting every member of the population was a member of the militia. Furthermore, Congress would define the militia as free, white males 18-45 in 1792 — hardly a broad application.
Here is the full quote:
"Mr. Chairman, a worthy member has asked who are the militia, if they be not the people of this country, and if we are not to be protected from the fate of the Germans, Prussians, etc., by our representation? I ask, Who are the militia? They consist now of the whole people, except a few public officers. But I cannot say who will be the militia of the future day. If that paper on the table gets no alteration, the militia of the future day may not consist of all classes, high and low, and rich and poor; but they may be confined to the lower and middle classes of the people, granting exclusion to the higher classes of the people. If we should ever see that day, the most ignominious punishments and heavy fines may be expected. Under the present government, all ranks of people are subject to militia duty.
Under such a full and equal representation as ours, there can be no ignominious punishment inflicted. But under this national, or rather consolidated government, the case will be different. The representation being so small and inadequate, they will have no fellow-feeling for the people. They may discriminate people in their own predicament, and exempt from duty all the officers and lowest creatures of the national government. If there were a more particular definition of their powers, and a clause exempting the militia from martial law except when in actual service, and from fines and punishments of an unusual nature, then we might expect that the militia would be what they are.
But, if this be not the case, we cannot say how long all classes of people will be included in the militia. There will not be the same reason to expect it, because the government will be administered by different people. We know what they are now, but know not how soon they may be altered."
> Congress would define the militia as free, white males 18-45 in 1792 — hardly a broad application
It's a very broad application, when you consider that it is exactly the set of people who had any political rights at the moment (i.e. voting citizens), who were also deemed fit to serve.
FWIW, Congress eventually passed the Militia Act of 1903 (same one that established the National Guard and the State Defense Forces), which gave a revised definition that is still in force today, and which dropped the "white" requirement - but kept the "male" and the age range, because those were still deemed the basic criteria for any kind of military service at the time. It would make sense to update it again to remove the "male" part - but we'd probably have to fix the draft to apply to all genders equally, first.
Not that any of it matters. The point is that militia duty was the most important reason to protect RKBA from the states' perspective, hence why it was the one that ended up in the text - but that doesn't mean that it strictly defines the scope of the right. Again, looking at the state constitutions at the time, of those that are explicit about the scope of the right wrt individual self-defense, all include it, and none exclude it. The same people who wrote those, also drafted the national constitution. It would be rather surprising if they suddenly decided that it means the opposite in that case - and, indeed, from the minutes of the conventions, we know that they did not.
> It's a very broad application, when you consider that it is exactly the set of people who had any political rights at the moment (i.e. voting citizens), who were also deemed fit to serve.
That's very explicitly not a broad application, which was exactly my point. It's a very narrowly defined group of people who can be "trusted" to perform their militia duty. If we are to follow that original intent, we absolutely have a right to qualify those who keep and bear arms to people who can be trusted to faithfully execute their duty. This group does not includes "all the people, excluding some political officers".
I always find it amusing when the same people who argue for originalism also place all kinds of qualifiers, inferences, and mind-reading around that intent, as you have done here. If militia service wasn't an important idea to include in the wording in order to gain consensus, they wouldn't have included it. Some states wanted militias to keep slavery in check, others valued individual rights, and others yet wanted to make sure they could repel the British if they came back. It's a bit arrogant to try and assign any one motive to a diverse group like the founders.
Not that any of it matters. It's a piece of paper that's open to interpretation. Currently we are stuck with a radical interpretation, but any reasonable person can see how that policy is failing us, and the popular will exists to change it.
How much broader you can get than "anybody who can vote and hold a gun"?
FWIW, I'm not an originalist (nor right-wing in general), nor a huge fan of the constitution. I am pro-gun, but coming from the left, not from the right.
I also don't think that there are any actual originalists currently on SCOTUS, and the ones that claimed to be (like Scalia) were selectively using that excuse, but that's another story.
I don't think I'd go that far. The US legal system has been pretty consistent with respecting Case Law when making new decisions, and it's rare when a landmark decision is made without any precedent.
Interpretation of the constitution generally means building on previous interpretations, which means you'll always get some "drift" away from the original intention (case in point the second amendment, which has drifted very far from the original "well-regulated militia" framing towards inalienable, unquestionable gun rights.) But the drift should typically be incremental in nature, and we've seen few examples of purely "novel" interpretations by the courts.
I don't see how the Trump administration is, on one hand, banning Chinese telecom equipment because of alleged backdoors, then turning around and asking US firms to put in backdoors. Sure, they're your backdoors, but it hurts the US's credibility.
The government’s argument has always been along the lines of: “Don’t worry. The US is better than China and our secret backdoor keys will never be leaked. Trust us :)”
The concept is national security. Credibility is a non issue, same with which administration is in power. This is done because of national security concerns and it absolutely makes sense to reject a foreign powers communication equipment and at the same time continually push for access to hardware being developed in country or abroad.
Yes because "the west" is really respectful of Freedoms....
No nation on the planet respects liberty. None. You just have assimilated the oppression your government places on you so be something "you dont care about anyway" or "I never wanted to do X is the first place" so as to delude yourself in to the belief you are free
No Different than many of the people from nations that we view as "totalitarian" but they claim to be free
Not sure if it's even that simple. The US keeps allies which are essentially uniparty totalitarian dictatorships of some sort or another, some deeply unpopular with the populace, but all of them geopolitical allies.
Every government does this. They want powers for themselves because they are in charge already, and consider it their duty, not that of other governments which they see as potential meddlers or foes, to know what you are doing. They don’t consider it their jurisdiction to want this in other countries - which is why they call it espionage instead.
It's kind of supposed to be hard, by design. Read the constitution on what it takes to get a search warrant. You're not supposed to be "tracking malicious behavior." You're supposed to be tracking individuals, once you have some sort of actual tangible proof that a judge individually signs off on, that they are doing something nefarious. It wasn't supposed to be a drag net fishing expedition where you can key word search everything anybody has ever said via a digital device at any point in history. No, they were pretty clear about that when they wrote that pesky constitution thingy (and for good reason.)