Not a lawyer, but let’s say the cops were searching my house. If I threw the keys to my unbreakable safe out the window, such that they could never be found, I doubt a judge would care for the distinction. That the evidence exists but cannot be accessed is still going to find you in contempt.
Now let's say that instead you threw the keys to your unbreakable safe to your friend across the Atlantic Ocean. And you say that you didn't know that the people entering were cops. And your friend won't give the keys back. The evidence may exist, you cannot access it, neither can the police. The court has no jurisdiction over your friend and you have no authority to force your friend to give you the keys back.
At that point, whether you are in contempt or not depends on the answer to the question "did you know that the cops were entering to look for evidence before you threw the keys?" Whether the judge holds you in contempt or not is a function of the free choice of the judge and is not related to the answer to the first question (though whether or not the judge should hold you in contempt is a function of what the judge believes about what you believed).
If it were keys to a safe that existed outside of the warrant requirements (in another country in fact), then it would likely not be illegal. The regulators would unlikely be able to legally access that safe anyways without extra due process, so it’s mostly about protecting against unwarranted access.
The keys still exist and are accessible. What the kill switches does is make a fishing expedition harder. If the police knew of the existence of a specific document, or even all documents pertaining to certain terms, they could issue a targeted subpoena which Uber would have to comply with (at least in the US).
That metaphor doesn't seem directly applicable to cutting off cloud access.
If we're trying for a metaphor that would be a similar situation pre-digitization, the cloud servers containing business documents could be considered head office, and the office being raided would be the branch office. The branch office would continually be communicating with head office for their operations, and that communication would be shut down during the raid.
This isn't a great metaphor because the "head office" has become sort of stateless and ephemeral with digitization, but that's part of the interesting question the OP was posing, how does law enforcement collect evidence when that evidence is hosted on cloud servers in nebulous datacenters?
By creating a law for seizing the IT system of a company. “Provide everything”, and if we later find that any other document existed back at that time, then it’s contempt of court.
In the US such a law would likely be declared unconstitutional by the fifth amendment due to being overly broad:
“””
United States v. Bridges, 344 F.3d 1010 (9th Cir. 2003)
There was probable cause to search the defendant’s office based on the information in the application that documented his efforts to provide illegal tax advice to various clients, including undercover agents. The search warrant in this case, however, was overly broad. It listed, among the items to be seized, “All records . . . documents . . . computer hardware and software . . .” Though this list was detailed, it was too expansive. There was simply no boundary to what could be seized. In addition, the warrant did not specify the crimes that were the subject of the search (nor did the warrant incorporate the application) so there was no limitation in that manner. Though the application was detailed, the warrant was not. All evidence should have been suppressed. (No discussion of Leon).
As long as no police has confiscated (in most countries this involves the police man touching it, I bet) the equipment you can break it or make it inaccessibility however you like. It's your stuff, after all.
>Not a lawyer, but let’s say the cops were searching my house. If I threw the keys to my unbreakable safe out the window, such that they could never be found, I doubt a judge would care for the distinction.
What if the safe was never in your house at all, but it was in a foreign country across an ocean? And when the cops showed up, you simply threw the keys across the ocean too?
If the cops know of something particular in the safe, then maybe the judge could find you in contempt for not producing that thing when ordered by the court, but otherwise, I don't see how they have any legal leg to stand on.
Your password is sort of protected. A judge can hold you in prison for contempt for refusing to provide a password but there is an 18 month jail limit, at least in federal court.[0]
This theorycrafting is cute, but in reality you've mixed up corporate entities and yourself as a person in a criminal case.
And if a corporate entity finds a way to openly defy a national government, it tends to happen that those governments find a way to change the law (they're the ones making it, right? :P) for that defiance to become punishable by other parts of those governments which can sanction the corporation, prevent their operations within the country or even throw people in jail.
One is, what does the law say? Did they violate it? Is it illegal for a foreign subsidiary to temporarily shut off access to a branch office? How would we like this to work? Policy arguments about law enforcement vs. due process and government overreach.
The other is, politics. If the local government is captured by a cartel of taxi medallion holders who don't like Uber, the government is going to find a way to screw Uber, regardless of whether Uber is complying with existing law. But then it's politics and Uber is a multi-billion dollar corporation, so they have the option to capture the government themselves.
Of course, that leaves the meta argument. Maybe deciding what should happen based on the second method is worse than the first, so how do we prevent that from being what happens?
No, what I'm saying is that governments aren't compilers you mess around with at will when you're as big as Netflix. The fact that something might be illegal is a changeable state by that very government if they decide a corporation has been jerking them around too much. Something being legal right now is a temporary state.
Did you miss all the screaming of US corporations in relation to EU Acts like DMA? Those changes are exactly what happens when you start to think that law and people behind it are separate.
You are aware of the fact that tax evasion means these companies are freeloading on the tax money the rest of us (including: you) are paying? Especially in the case of uber which is essentially using public infrastructure to make their money having them pay taxes should be normal.
I agree that customer data needs to be protected, but it is bold to assume that is the case at all with these powerful corporate entities: if they lie to the state when filing taxes what makes you believe they are ernest when it comes to the protection of their users privacy?
Maybe it is a weird ideology I am holding here, but the more powerful an entity is, the more transparent it should become — nowaday we got this completely reversed with poor people being naked in front of the state and big corps literally fooling everyone.
Edit: some also seem to think the state is the behemoth that jumps on the poor little companies here. To that I just have to think about the account of the German public prosecutor Bäumler-Hösl (of wirecard fame) where she told about a raid on a bank where she and 4 collegues were opposed by 130 (!) company lawyers.
In general this is not what they do. What they do is read the tax code carefully and structure their operations in such a way as to minimize taxes, e.g. because tax is paid on "profits" (revenues minus expenses) so they shift more expenses into jurisdictions with high tax rates etc., causing "profits" to go down in those jurisdictions and up somewhere else.
Then they don't pay any taxes in the jurisdictions with higher tax rates and politicians go on TV and complain about the companies following the laws that the politicians enacted. Because if they actually fixed the laws, the taxes would be paid based on the extent to which the company does business in that jurisdiction, and then companies could only avoid taxes by not doing business there (costing the country jobs) or, for taxes associated with local sales, by raising prices there. Neither of which the politicians actually want to do, so instead they pass laws that allow companies to avoid taxes and then complain about it when the companies do it.
Thinking the systems that a company has are so sensitive that the company is basically above the law is the insane thing.
It is just a company--a group of people granted certain rights. They have databases...fancy filing cabinets. Just because the company is famous shouldn't preclude their filing cabinets from being searched (presuming legal processes are used and not abused).
> They have databases...fancy filing cabinets. Just because the company is famous shouldn't preclude their filing cabinets from being searched (presuming legal processes are used and not abused).
That analogy doesn't work, because the "filing cabinets" are actually sitting somewhere else, possibly in another country/continent. It's not obvious that authorities in one country has authority over documents stored in another country.
I think it is not crazy to think that if the contents are used from some country then intentional obstruction of justice stuff like kill switches or dropping VPN connections should be treated as intentional obstruction of justice. AKA reality of use matters more than "location" of data.
I and many others think the government should have 0 business in my filing cabinet. That difference in world view might be what makes this topic more complex than you seem to think.
[Not parent poster] So even the most heinous act of violence become unprosecutable when the suspects/accomplices have moved all remaining evidence into a magically inviolable filing cabinet?
No? Then the world is a lot more complex than property rights trumping everything else.
I think it’s very hard to say, and it just gets harder the more I think about it (like many things tend to).
On one hand, if the condemning evidence can’t be provided by someone other than me, should the case be prosecutable?
On the other hand, any sentient human can come up with examples of cases where it might be reasonable to search my belongings for evidence; multiple independent witnesses point to me being guilty of murder and investigations have otherwise stalled. Or anything of the sort.
What if all the independent witnesses are not independent? What if I’m not the guy, but just a lookalike? What if I’m being set up by the authorities?
The easy thing to do here is to say well okay SOMETIMES it’s okay to search one’s belongings but not for like any silly reason or anything like it has to be a real serious one. Then it’s just a matter of where to draw the lines, and who should get to decide.
I like the more absolute stance I made earlier; the government shouldn’t have any business in my personal belongings. Some crimes will go unpunished and that’s a price I’m willing to pay.
For companies that deliberately obstruct justice work? Have the board and a healthy amount of executives serve 20 years in a high security prison, seize the assets and investigate their investors' due dilligence process. Gather proof with infiltrated workers.
Tech leaders need to learn that criminal conspiracy is not part of a good business plan. If they start using mafia tactics, so can Justice.
The problem is deeper than that. When a physical space is raided, its scope is obvious. Digital spaces don't have that characteristic. There can always be hidden indexes.
Yeah it's hard to see how any French official would have authority to conduct searches 10 meters beyond French borders, let alone over all of Uber's computers located in dozens of other countries.
Hard to see how a company can imagine it can do business in a country and not follow that country’s record keeping laws and be subject to criminal and civil statutes in that country.
If you do business in France, you are accountable in France. Your problem to provide the asked documents if it's the law to provide them. That you are using computers elsewhere to store stuff should not be any relevant.
You shouldn't really be able to have it both ways, should you?
Uber's files and computers located in French territory are of course accountable to French authorities, but that's simply not the case for those located in other jurisdictions…
Unless there is some international law or treaty mandating that?
Authorities might not be able to seize computers and files in another country, although I think interpol can get involved in tax fraud or tax evasion matters.
Preventing access to your accounts during an audit is quite fishy, especially for an onsite audit without warning which, in France, is supposed to happen only if the authorities have doubts that you could make some evidences disappear. During an audit, the CEO is supposed to provide the documents, the inspectors are not supposed to access your files themselves I think.
(So blocking access for security reasons is bullshit, to answer someone else, the right thing to do is to have all the pieces in order for when an audit happens anyway)
Unless it’s legally mandatory in such a way that superior authorities can’t overrule it, then it doesn’t seem to matter? (such as the President, appellate courts, etc…)
Clearly in this case Uber got a superior authority to do so, and in any future case that will still be a likely possibility.
It's not a matter of what's located in France. It's a matter of what documentation about your company requires you to keep. Regardless of where the computers you use are physically located if you can't produce the required documents you get to be fined, be shut down, and/or go to prison. No company gets to play the game of "we're doing business in Uzbekistan but our accounting servers are in Sealand so we don't have to file any taxes or provide any other records." Not only is the idea absurd, anyone who thinks that is congenitally stupid or stupid by choice.
Attempted insults only decrease the credibility of the writer… anyways I didn’t claim Uber is supplying less than the legally required amount of paperwork?
Nor is it likely.
All the accounting, insurance, banking, regulatory, etc… paperwork legally necessary for even a large company in France can easily fit in a set of binders that fit in a single bookcase.
So it’s literally possible for all of it to be ready and available for inspection before anyone even touches a keyboard. And in fact that was the case for every company in France pre 1960s.
If a company is doing business here, the actual location of file is irrelevant.
Also when the government is really motivated, he can arrested the founders or executives directly (Pavel Durov). Which is what they should do to Netflix execs if they are doing business illegally.
>Also when the government is really motivated, he can arrested the founders or executives directly (Pavel Durov). Which is what they should do to Netflix execs if they are doing business illegally.
You're in favor of holding executives hostage to demand access to data? If they actually did something illegal, they can be arrested/tried for that, but arresting executives as a means to coerce companies into doing stuff is a total perversion of the rule of law.
> You're in favor of holding executives hostage to demand access to data? If they actually did something illegal, they can be arrested/tried for that, but arresting executives as a means to coerce companies into doing stuff is a total perversion of the rule of law.
Turns out that witholding data as a company executive is outright illegal, so yeah, we're in favor of it and they can get arrested and charged for for it.
>Turns out that witholding data as a company executive is outright illegal, so yeah, we're in favor of it and they can get arrested and charged for for it.
Except in this case it's not the executive that has the data. The data is sitting on some cloud server somewhere, and the executive no longer has access because the CISO got wind of the raid and locked his account. If you're holding the executive, you're not holding the executive because he's refusing to cooperate with a warrant, you're holding the executive as a hostage so HQ would turn over the document.
> You're in favor of holding executives hostage to demand access to data?
This is a very emotional way of saying "you're in favour of enforcing contempt of court rulings against people who try to obstruct the judicial process".
This situation already happened with X/Twitter when the Brazilian Supreme Court attempted to compel Elon & co to disclose the social media accounts of alleged rioters. Unfortunately, it seems few people learn from even recent history.
EDIT: Article on the kills switch https://www.theguardian.com/news/2022/jul/10/uber-bosses-tol...