Why are EDRs from LE even a thing? If it's really such a matter of life and death, they should have a judge on call (i.e. a judge-type judge, with a robe and a gavel) to issue an emergency court order. So it's a real court order and not some simulation from a police department. Of course that can also be forged, so this question is only about why judges are removed from the loop. If it's really a matter of life and death, wake up the damn judge. If that's too big a deal, you are doing too many of these "emergency" requests.
Our courts and legislative bodies have not grown in size linearly with the population, but the modus operandi of these institutions has also not changed. The distortion of too many people per representative without a change in how representation functions explains a lot of our issues.
> how much money can we expect e.g. Google to spend verifying court orders targeting users on free plans?
You don't pay money to enter Walmart, but they are required to spend as much money as it takes to ensure you don't die in a fire while giving them zero dollars. Likewise, food safety standards required by law aren't a sliding scale based on income. The relevant factor isn't how much money you made off the mark; it's how much harm your behavior can cause to that person.
If you put yourself in a position where your failure causes them greater harm, you bought yourself a potentially expensive obligation that you wouldn't have, for example, if you just served search engine results based on a search query, or ads served without knowing the person's life story and the contents of their diary since the 3rd grade.
The actual answer is however much it takes to do a reasonable job or we ought to just fine you so much per screw up that you are forced to go sell shoes instead of search engine results.
The government can and should help make this procedure reasonable, as it is 99% of the problem. Such orders ought to be cryptographically signed by hardware tokens that are physically in the judge's possession, on a device that isn't online, THEN emailed to Google. This relies purely on 1970s technology and probably should have been implemented about 20 years ago if we weren't collectively complete morons.
While this is being implemented, just having them come from judges' official government emails, as opposed to their personal emails or a billion idiot cops, would be substantially more secure.
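The signed-order scheme sketched in the comment above, written out as an added example in Go; it is not part of the thread and not any real court's or provider's system. An Ed25519 key pair generated in memory stands in for the judge's hardware token, the order fields, judge IDs and addresses are made up for illustration, and the provider side verifies against a registry of public keys it enrolled out of band, never against the mailbox the order arrived from. It also shows what a forged, tampered or stale order looks like to the verifier.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"encoding/json"
	"errors"
	"fmt"
	"time"
)

// Order is the payload a judge signs. Field names are illustrative.
type Order struct {
	OrderID   string `json:"order_id"`
	JudgeID   string `json:"judge_id"`   // selects the enrolled public key
	Target    string `json:"target"`     // account whose data is requested
	Scope     string `json:"scope"`      // what may be disclosed
	IssuedAt  int64  `json:"issued_at"`  // unix seconds
	ExpiresAt int64  `json:"expires_at"` // unix seconds
}

// SignedOrder is what travels over untrusted email to the provider.
type SignedOrder struct {
	Order     Order  `json:"order"`
	Signature []byte `json:"signature"`
}

// canonical gives the exact bytes that are signed and verified; encoding/json
// emits struct fields in declaration order, so both sides agree on them.
func canonical(o Order) ([]byte, error) { return json.Marshal(o) }

// Sign runs on the judge's offline device that holds the private key.
func Sign(priv ed25519.PrivateKey, o Order) (SignedOrder, error) {
	msg, err := canonical(o)
	if err != nil {
		return SignedOrder{}, err
	}
	return SignedOrder{Order: o, Signature: ed25519.Sign(priv, msg)}, nil
}

// Registry holds public keys the provider enrolled out of band, one per
// authorised judge. The sending mailbox is not consulted at all.
type Registry map[string]ed25519.PublicKey

var (
	ErrUnknownJudge = errors.New("signer not in registry")
	ErrBadSignature = errors.New("signature does not verify")
	ErrNotInForce   = errors.New("order outside its validity window")
)

// Verify is the provider-side check: enrolled signer, valid signature over
// the canonical bytes, and the order currently in force (limits replay).
func Verify(reg Registry, so SignedOrder, now time.Time) error {
	pub, ok := reg[so.Order.JudgeID]
	if !ok {
		return ErrUnknownJudge
	}
	msg, err := canonical(so.Order)
	if err != nil {
		return err
	}
	if !ed25519.Verify(pub, msg, so.Signature) {
		return ErrBadSignature
	}
	if t := now.Unix(); t < so.Order.IssuedAt || t > so.Order.ExpiresAt {
		return ErrNotInForce
	}
	return nil
}

type Outcomes struct{ Genuine, Tampered, Impostor, Unenrolled, Expired error }

// Demo uses an in-memory key pair as a stand-in for the hardware token and
// checks one genuine order against several forgeries and a stale reuse.
func Demo() Outcomes {
	judgePub, judgePriv, _ := ed25519.GenerateKey(rand.Reader)
	_, attackerPriv, _ := ed25519.GenerateKey(rand.Reader)
	reg := Registry{"judge-17": judgePub}
	now := time.Unix(1700000000, 0)
	order := Order{OrderID: "EDR-0001", JudgeID: "judge-17",
		Target: "user@example.com", Scope: "last known device location",
		IssuedAt: now.Unix(), ExpiresAt: now.Add(72 * time.Hour).Unix()}
	genuine, _ := Sign(judgePriv, order)
	tampered := genuine // judge's signature, but the target swapped in transit
	tampered.Order.Target = "ex-partner@example.com"
	impostor, _ := Sign(attackerPriv, order) // claims judge-17, wrong key
	order.JudgeID = "officer-42"             // an ID the provider never enrolled
	unenrolled, _ := Sign(attackerPriv, order)
	return Outcomes{
		Genuine:    Verify(reg, genuine, now),
		Tampered:   Verify(reg, tampered, now),
		Impostor:   Verify(reg, impostor, now),
		Unenrolled: Verify(reg, unenrolled, now),
		Expired:    Verify(reg, genuine, now.Add(96*time.Hour)),
	}
}

func main() { fmt.Printf("%+v\n", Demo()) }
```

Two points the code makes explicit: the verifier signs and checks the same canonical byte string, so a single changed field invalidates the signature, and it never looks at who sent the email, so compromising a mail account (or all 93,000 of them) yields nothing without the offline key. The validity window is what stops a genuine order being replayed weeks later; a production system would also want a per-order nonce or log to stop reuse inside the window.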
Part of the problem is, because any cop can send an emergency request, in California there are 93,000 cop e-mail accounts, every one of which has to be protected from hacking.
By creating a bottleneck of, say, 10 judges per state who can issue emergency warrants (generously paid to staff a 24/7 rota) there are only 10 people whose e-mail accounts have to be kept 100% secure.
What if we taxed Google like we should and then used that money to properly fund our legal system and come up with solutions to the problem that you've pointed out?
A simple illustration of how it could be useful: Search and rescue teams.
Somebody notices my car parked there with the whiteboard laying on the dash saying "Griffith Shadow 3/24". Any responsible hiker seeing that is going to call it in.
The search and rescue team will look at that whiteboard and note the label tape at the bottom with various bits of information. It should be obvious that I'm inviting search and rescue to use the information printed there, why should a judge be involved?
(And the S&R guys will know it's probably serious--from reading that board they know I should have been able to call for help.)
> It should be obvious that I'm inviting search and rescue to use the information printed there, why should a judge be involved?
For the same reason you still need to enter a sudo password when you use sudo for a trivial, self-evident thing: it is not the trivial, self-evident thing we want to prevent, but the difference between a cop tracking the ex they are stalking and that missing person is literally just their own judgement.
Trusting cops not to abuse a certain power is bad when you can just implement a little systemic friction that prevents large scale abuse.
> If it's really a matter of life and death, wake up the damn judge.
This really isn't a reasonable expectation. There are only so many judges, and being on-call 24/7 for all emergencies is not part of their job description, and it probably should not be, either. They need clarity of mind when they're making decisions, not to be in a sleepy mood. Moreover, you seem to be proposing a solution in search of a problem. There isn't widespread abuse of this by cops in the US (that I've heard of, anyway) to justify upending an otherwise effective procedure.
> There isn't widespread abuse of this by cops in the US (that I've heard of, anyway) to justify upending an otherwise effective procedure.
There's massive abuse of police power to get access to data that would normally require a warrant. The only reason EDRs aren't abused more often is because it's often easier for cops to use more "straightforward" approaches like threatening the person/organization they want to get the data from, or lying (or misrepresenting) in order to get the other party to "voluntarily" give up the information.
There's also massive abuse by police of the tools and information provided to them for non-official purposes. Police personnel that will casually run license plate checks for friends and local businesses will abuse other tools as well.
> There's massive abuse of police power to get access to data that would normally require a warrant. The only reason EDRs aren't abused more often is because it's often easier for cops to use more "straightforward" approaches like threatening the person/organization they want to get the data from
Nobody said anything about "police power" in the general case. The discussion here is about EDRs, which you yourself acknowledge aren't abused frequently. Therefore it follows that making EDRs harder would not really solve that problem. You'd need to make other avenues for getting people's data more difficult before you contemplate changing this one.
Actually nobody is in a position to say they aren't abused frequently so that is a completely unreasonable position to take given the centuries of corrupt behavior.
I wouldn't even know about the corruption if they were not so completely sure to be untouchable.
One anecdote: a friend moved into a new neighborhood, a gated community. One evening when walking the dogs, a neighbor who is a cop greeted her by her full legal name. She said she never uses her middle name anywhere. As far as we know, there is no way the cop could know her middle name without looking her up. Who in any social situation greets someone by their full legal name (and that too without ever being introduced)?
As far as she can tell this was their way of telling her that the officer knows who she is, knows where she lives, and is watching her. Who does that?
The cop might have been going for intimidation, but there are a number of ways he could have had access to her middle name without abusing power:
- In my county (and every other county I've looked into in the US) real estate transactions and deed recordings are public record, available online, and sometimes include the purchaser's middle name.
- If it's a gated community, it almost certainly has a HOA, which would have an application/notification process (probably including ID info, potentially including a background/credit check) to feed information to the HOA board (which cops, being local government-oriented people, might be inclined to be involved with).
Occam's razor: when your friend moved into this gated community, it is almost certain they had to provide some background information, including name, to the gated community. There might even have been some contractual requirements that needed background checks. This person maybe just looked at the monthly flyer that was stuffed under every owner's door: "please welcome Jimmy John Joe Smith living in 123 Fancy St." ...
My state has hundreds of judges. I daresay they could convince some of these to run an oncall rotation for a slight compensation bump. It's not like the police are filing these EDRs every day.
> It's not like the police are filing these EDRs every day.
Do you have a source for this? I just went to check T-Mobile for example and their site says they got 164k of them in 2020. [1] That's about 450/day, and it's just one company.
All the more reason to get some oversight into the system. The CDC reported 24.5K homicides in 2020 [0], so one company's EDRs represented 6X this figure. I find it difficult to believe that each and every one of those 164K represented a true life/death scenario that would necessitate a breach of privacy by a government agent without any due process.
Do you honestly believe the number of emergency data requests aimed at preventing a suicide is more than a 2 digit number out of those requests? Nobody and I mean nobody in government gives one damn about a person in crisis unless that person is literally standing in the high place about to jump in which case they will surely show up in time to file whatever paperwork is required to initiate the cleanup.
> any police jurisdiction can use an EDR to request immediate access to data without a warrant, provided the law enforcement entity attests that the request is related to an urgent matter of life and death.
You shouldn't read so much into a single sentence like that when it's so broad. That's just a summary they wrote offhand. It's not an absolute statement about every jurisdiction or company. Google around and you'll find there's more to it than that. Like "serious physical injury" for example.
> You shouldn't read so much into a single sentence
I disagree. That sentence is unambiguous. Either that sentence is blatantly incorrect or an EDR does imply life or death. The two possibilities are mutually exclusive.
Ridiculous. Look up how many homicides and suicides there are every day in the US. A lot of them are associated with such emergency requests.
It's so funny that you are using the word "proof" without using any logic or reasoning, but just talking out of your head -- "that number seems too large, so it must be wrong"!
> My state has hundreds of judges. I daresay they could convince some of these to run an oncall rotation
They probably already do. Most jurisdictions have rotating pager duty. The on call judge is called the duty judge.
Imagine a discussion between cops and judges about secure software engineering without anyone knowing what a pointer is. That’s what legal discussions on HN are like.
I assure you I was under no illusion that it's impossible to reach any judge outside court hours. What I was trying to point out (and what you still seem to not be considering) was the sheer magnitude of the proposal. At some point it becomes a difference in kind, not just degree. Like imagine asking a dev to be on-call a handful of days during the year, vs. one day each week. The former is infrequent enough that many people would manage it fine; the latter really demands that you stop pulling them away from their normal job and start hiring people dedicated to that one.
Now you could try to argue the scale is actually smaller than I expect, and I'd love to see numbers to that effect, but the numbers I've seen so far don't suggest that.