This is all mute: (i) the communication has been affirmatively determined, in whole or in part, to constitute foreign intelligence or counterintelligence or is necessary to understand or assess foreign intelligence or counterintelligence;
Item I probably is intended to cover FISA warrants. Which is what the NSA has been using to get info from companies already. So I read this as they can keep the communications indef if it is encrypted or they have a FISA warrant, FISA warrants are already NSA general procedure for getting everyone's emails and call records. ----------------------------------------------------------------------------------------------- -ITG (ITechGeek) i...@itechgeek.com https://itg.nu/ GPG Keys: https://itg.nu/contact/gpg-key Preferred GPG Key: Fingerprint: AB46B7E363DA7E04ABFA57852AA9910A DCB1191A Google Voice: +1-703-493-0128 / Twitter: ITechGeek / Facebook: http://fb.me/Jbwa.Net On Sun, Dec 14, 2014 at 9:57 PM, Mirimir <miri...@riseup.net> wrote: > > On 12/14/2014 10:39 AM, Tim Mitchell wrote: > > Morning all, > > > > > > If no one has yet seen Section 309 of US HR4681, it contains > > some very dubious language that sounds like it is legalizing > > indefinite government retention of encrypted communications. > > The text is as follows (Section 309.b.3.B.iii): > > > > (B) Limitation on retention.--A covered communication shall > > not be retained in excess of 5 years, unless-- > > .... > > (iii) the communication is enciphered or reasonably > > believed to have a secret meaning; > > Based on Snowden releases, this is SOP. And in any case, it's clear that > the NSA ignores civil law, given that the US is at war. Always. Forever. > > > This might be going out on a limb here, but "enciphered" > > and "reasonably believed to have a secret meaning" could easily > > be interpreted to apply to any and all encrypted Internet > > traffic, including Tor. > > We know from Snowden releases that they retain as much intercepted > traffic as they can, for as long as they can. There's recursive triage, > based on context, occurrence of keywords in metadata and content, > flagging by analysts, and so on. Over time, less-interesting content > gets decrufted and chunked, and eventually deleted. But metadata is > retained indefinitely. > > For encrypted (aka enciphered) intercepts, there's no readily > interpretable content. So triage must be based primarily on metadata and > context. And it's arguable that encrypted intercepts of particular > interest (from Tor and other anonymity networks, VPN services, extremist > websites, and so on) are retained indefinitely. > > > I'd be curious as to what experts in this area think about this, > > and how to go about raising awareness if this is indeed as > > serious as it sounds to me. > > Tor traffic among clients and relays is encrypted with perfect forward > secrecy, so retention is not a very serious threat. Each chunk of data > is encrypted with a different session key, and so is a separate puzzle. > Learning a particular Tor relay's private key does allow an adversary to > impersonate the relay. But it doesn't compromise prior traffic through > that relay. > > > Full text of the bill can be found here: > > https://www.congress.gov/bill/113th-congress/house-bill/4681 > > > > > > > > Thanks, > > Tim > > > -- > tor-talk mailing list - tor-talk@lists.torproject.org > To unsubscribe or change other settings go to > https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk > -- tor-talk mailing list - tor-talk@lists.torproject.org To unsubscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
