From: TELECOM Digest Editor Newsgroups: comp.dcom.telecom Subject: Can Your Newsgroup Activity be Monitored? Reply-To: TELECOM Digest Editor Date: Sat Jun 3 01:55:00 1995 In some newsgroups of Usenet in recent weeks a discussion has gone on about whether or not law enforcement people and/or other government agents can 'monitor newsgroup reading/posting'. Even a couple of the well known Digest e-zines have had threads on this topic. As to be expected, a lot of paranoia has evidenced itself in remarks by the folks posting to this thread. As to be expected also, a great many Usenet denizens think it just absolutely terrible -- an awful violation of their 'right' to privacy -- that their postings can be examined by persons or agencies or business establishments who wish to make a 'profile' of the persons involved. Aside from the fact that such monitoring is problematic at best, and impossible on any massive, systematic scale at worst as the attached special report will explain, I personally find it quite humorous to read the rantings of people who somehow think thier precious little comments on the Internet should somehow be different than letters to the editor of a newspaper; their buying habits as recorded on the computers of stores, their credit history and lots of other resources available for review under certain circumstances. Somehow, they have forgotten about the countless mailing lists compiled each day, as one example. They seem to have forgotten that government agents are members of the 'public' the same as themselves, and are entitled to read and discuss the public comments of others, the same as themselves. While the government certainly is forbidden to instigate crimes or encourage others to commit crimes (I agree this last part is often times ignorned by over-zealous federal agents), the fact is there is nothing in the constitution at all which forbids the government from oberserving or participating in any **public** event or process. It may all be a moot point, as this special reports discusses. PAT Date: Sun, 28 May 1995 15:51:59 -0400 (EDT) From: Paul Robinson Subject: Monitoring Newsgroup Readings Organization: Tansin A. Darcos & Company - Silver Spring MD USA Someone wrote to me about the possibility of a government or others finding out who reads a particular newsgroup. I said it was impractical because there is so much material that it would take a lot of effort, assuming that a provider even keeps logs, or is even required to do so. This expands on my comments earlier. > Paul: > > I read your post to (name deleted) on monitoring downloads with some > interest. In reference to logging who reads what Usenet newsgroup, > do you know HOW such logging is done? Use the 'man tin' command. There is an 'X' service that allows tin to log who accesses what. Other news readers may do logging also. NNTP can log what process accesses the network from what port, and that can be tracked back to whoever accessed that port via that process, if logs of processes are kept. In short, if they want to collect the information, they can, if they can change the software. That also means they can't collect the information if the software does not do so. It also means if you access news indirectly, they can't collect it unless they log all file accesses. And that again, still points to the one who got the messages. It doesn't tell what happens when they have them if they transport them elsewhere. For example, if they access alt.sex article 102487, they can access it via NNTP by requesting group alt.sex, then article 102487, in that manner. They can also access it by opening or copying file /usr/spool/news/alt/sex/102487 (the name may not be exactly right, but you should get the idea). Or any group: alt.sex.with.children.under.1, alt.binaries.snuff-films, alt.religion.satanic, alt.cult.cargo, rec.rape.how-to.get-away.without.being.caught, misc.bombs.fuel-oil-and- fertilizer,biz.jobs-offered.mercenaries, misc.jobs.wanted.terrorist, etc. If the system doesn't log file accesses, they can't know. Sun NFS allows a file system to be on another machine. Novell allows disk drives to be on different computers. Multi-user systems allow some form of multipack or networked disk drive support. If the file access is authorized, then the system might not log it. Or it might. But if you have thousands of processes all sending material and retrieving it, the logs would be huge. Then, let's say I use a slip connection to hook up to their NNTP server directly, and I download every new article every day from hundreds of groups. If I then store those on my networked system, and then allow people to call my system up, pay me 2c a minute for time spent on line, and allow them to bulk download via Zmodem, any or all messages in any and all groups, and all I log is connect time, there is no way for me to tell anyone what they downloaded if their system keeps the statistics on which articles they have taken. (They can request articles coming in after a certain time, and thus only get new ones.) People send me checks or money orders, for time. I credit their account, then cash or deposit the checks. I don't keep a record indicating whose check is related to what account, all I log is how much time they bought. Or maybe my service is via a dial-up where the phone company sends me a check for each connection. Or a 900 number. They can have one account, or 1,000. As long as I get paid, I don't know or care, as long as I make money out of it. So if I don't keep logs, I cannot tell someone, regardless of threats or rewards, punishment, penalty or bribe, who is doing what. You cannot give information you do not have. No torture in the world can release the unknown from someone. > Would a sysadmin catalog everyone's .newsrc file, or is there a more > subtle way? I guess what I'm wondering is: can a reader achieve total > privacy (such as by renaming .newsrc)? Note: I'm not interested in > monitoring, just privacy. Remember, you're connecting to a computer program. You don't even need the .newsrc file; the newsreader programs will let you read any group, subscribed to or not, that the system takes. All they have to do is monitor what articles from what groups are sent to you, you would never even know, since the monitoring is done unobtrusively, simply by making the program log each user, each group, and each article read. Let's say the law required we collect the information, or we want to. How much would it cost? Let's set up a dictionary. Each time a user runs the program, it looks for them in the dictionary. If it finds them, it uses the count (a 2 1/2 byte number, 2^12) for their name. (We might use /etc/passwd to load the dictionary, but people can be added or deleted by the administrator, or different people added and deleted are given the same number, or shared accounts, or any number of things, or we may be allowing anyone to access the system and need to differentiate between people). So we create a new dictionary entry. We can create a 2 1/2 byte entry, allowing over 511,000 usernames. PER SYSTEM CONNECTED. The newsgroup name can be translated to two bytes, as long as there are less than 65,536 newsgroups. There are less than 15,000 now. That gives plenty of time, since even at 10 new groups a day, it will be 25 years before we have that many. And then we can always toss on another byte and start over until we get to 256*65536 groups, and so on. The time and date can be compressed to .../. .../.-..../ ....-.... ....-../.. .../.-.... ./...-.../. .... Sun Feb 31 1840 26 : 91 : 52 Zone -9 (/ separates fields; space separates 1/2 bytes, - separates bytes). Add on the 2 1/2 bytes for name, and you get 10 bytes. Allow 4 for the message number, 2 bytes for slack, and you get 16 bytes. In 16 bytes I can log each message anyone downloads. That means, on a 1.2 meg disk, I can record 75000 message transactions and fully recover every single usage of the news system. With a 1.44 meg disk, I can keep a small compressed dictionary off-line, or on-line for slightly more. The cost to carry this information is 44c per disk, so with operator copying time, and computer time, let's call it 1c per thousand records. The cost is so low as to be nearly nil. This is what causes the problem of privacy; the logging is easy and cheap, and in a space the size of a shoebox I can store 100 disks, or 7.5 million accesses, cost about $50. On a DC2120 tape costing $15, I can store 60 meg or so, about 4.2 million transactions, so for about 1/3 the amount of money and space, I can store the transactions on 40 tapes, or 2.4 GB, 168 million transactions. The cost then is about $600, including storage costs, and the cost drops from 1c per thousand to 28c per million. But then you can go to 5GB 8mm tapes (before compression, maybe 10gb with compression). Those probably cost $10 apiece, but the hardware is in the $1000 range, but at this point the cost per record is virtually nil. In fact, you could now archive every week's traffic, including the user logs, on about $2 worth of tape space, all 100 million bytes of Usenet news, all usage counts, everything. This means you can not only recover the entire set of message counts downloaded, but know who got which messages, and retain that information essentally forever, for usage that costs an extremely low rate per record as to be virtually nil. Isn't it nice to know that it may become impossible to deny you saw something that someone else doesn't want you to see? All it takes is to have the logging in place and the recordkeeping is trivial. Oh wait; all the logging shows is you got a message. It does not mean you read it, or didn't discard it after reading, or hit the space bar three times or the N key by mistake and not notice, or fall asleep and N through 1000 messages. This assumes I will do it if not forced. Or that I provide the service at all if not. Or that I provide more than exactly what the law requires and no more. Or that I archive my records in an easily accessible place. Or that I don't figure out (or pay someone) to tell me how to get around the law. Perhaps become a common carrier. Perhaps hire someone else to run the service, who has no assets and is judgement proof, to do the work sloppily. How are you going to prove intentional misconduct and simply incompetence, or negligence? How are you going to know to find me if my name isn't anywhere. For all you know, I could be a very famous, wealthy person and have the money to hire people to do the work for me, and even to act as the executives of the companies who do this, and they can all split up the liability so nobody knows who is responsible. It all depends on how hard I want to cover myself. I don't have to do anything illegal. Just do everything exactly by the book, and stick by the precise letter of the law. And if the laws are conflicting (as they often are), gum up the works by requesting clarification, in the mean time, doing it in the least effective way. Perhaps running something through a governmental agency or quasi-governmental one. In some states, all it takes to create a new city is to have the residents of the area in question vote to incorporate. So maybe me and 10 other people decide to incorporate the "City of North Silver Spring, MD" and as it happens, it just happens to corresponde exactly to the property lines of the 10 houses here. Maybe because of a quirk in the laws there's no minimum size for a city. And we allow any resident to vote. So maybe I turn my house into the Mayor's residence, and the City Hall, and stop having to pay property tax on it. And the other residents of the City - all friends of mine who bought their houses here and are in on the deal - keep reelecting me in a landslide election every year. I run for office, and nobody else bothers (nobody else wants the unpaid job), and the other 10 people are the city council, so we create our own laws, and we might pay the local county police to patrol the area as we did before, or we appoint, under the laws of the state, a couple of people to be police officers, and they pay the cost of changing their personal vehicle to a police car, to patrol the area. And maybe the county handles 911 since they get the revenues, and we simply get a call when someone has a problem, or I have a phone line and maybe a $3 an hour person around the clock to answer the phone for the "Police Department". So now, the city grants an exclusive franchise to an internet provider to this one company, or starts it themselves. Since the customer can invoke the 5th Amendment against this government agency, it can refuse to give any information not mandatory, and we can be required to accept applications without identifying information. You can't give out information you don't have. Or let's say I don't go through all that trouble, and just run a provider, and figure it's less trouble to do this since the government will pay for it. Of course, if a government agency wants this done, they're going to have to pay me a lot more than cost, and if they won't, I'll just not do it if they won't pay the $1 per transaction on the tape. This assumes that I even have the logging done. If they won't pay for it, then I'll invoke the 5th Amendment's right not to be forced to provide my private property without compensation, oh, say, $50,000 a month, plus transaction costs, plus anything else I can lard on. If they won't pay it, and the courts rule I can't invoke the 5th Amendment to charge them for my records, or can't claim them as confidential company property, I can always move my server to Canada, Mexico or someplace else, and simply have a telephone company supply me with an incoming FX line from someplace else, or possibly put my service in one place, that sells it to one customer, and they sell it to another, who sells it to another, who sells it to another, and so on, who sells it to the public. Then whoever wants it has to subpoena me to get my customer's records. So I provide them with a binary dump of 50,000 records covering one access of all articles on Usenet for one day (100 million characters of approximately 2K per article average. Assuming I have records). And then they have to find where the customer is. I just take a cash payment for that customer's access, I'm sent a money order or a check, I don't keep logs of who sent me the check, and I don't always deposit them in a bank, sometimes I cash them with friends, or pay bills with them, like my electric bill, or gas, or telephone, or my Internet supplier. So they have to go ask Pepco to come up with its bank records for last month, to determine which of the 20,000 checks a month was a payment from me, as well as the gas, telephone, and Internet supplier, and get a subpoena for all of these, and plus find which one is mine, assuming I didn't use the money to pay my credit card and perhaps charge it to that, or maybe it was paid by credit card from a friend of theirs as a wire transfer via Western Union or via Money Order or Travelers Check, which was bought over the counter at a bank for cash. Yes, all the paperwork is there, but it doesn't tell you who bought it. Just where they bought it. Or what name they used, if there even is a name. Nothing says my records have to indicate names; people may simply write account numbers. So maybe they have to trace my phone lines to find the party. This assumes that they have an order forbidding me from telling the party in question. So maybe I go into court and make a big public record filing to exclude the government from forcing me to trace the calls of ACCOUNT NUMBER 65032 PERSONAL NAME ALLAIN W. QUARLES, on the grounds that the government is not compensating me for the cost and inconvenience. I haven't told anyone anything, I just invoked my rights under the law. Or maybe I declare bankruptcy because the cost is too much, and I sell my service to a new company, that now has to be subpoenaed anew. Or the first company sells it to another just before the subpoena is to be served, and now the new company requires a new subpoena. If they can find where the new company is, since it has no permanent address, using several addresses, all over the county, the state, or the country. Or it's sold to several companies piecemeal, and so on. So maybe they track the customer down, who has not done anything illegal. I can sell anything to anyone and do not have to keep records, ask a hot-dog vendor or a grocery store how often they get customer name and address for each sale. As long as I am paid and I deliver, who I sell to is irrelevant and I am under no obligation to find out who they are. In fact, if I know nothing I'm in a safer position; I can honestly claim total ignorance of the customer if he turns out to be paying me with money they got from a drug deal. I can't be forced to forfeit my income because I received it from someone who got it in an illegal manner; I had no way of knowing. This assumes they can even trace my income, since I need keep no records. I only have to be able to show whatever expenses I receive for whatever I declare. I am under no obligation to show where I got my income from, only what I received, if I am even under an obligation to do that. So maybe I say I made $3,000 one year. It's not my responsibility to prove I made that much. Nor am I under any requirement to prove that is correct. If I make a statement knowing it to be wrong, in theory I can be prosecuted, but they have to show that it was intentional, and was intended to commit some crime. And they have to do that within a certain time frame. Assuming that I even have to say anything. If I make less than a certain amount of money, I don't even have to file a tax return or keep any records at all. Or I can incorporate, split my operations into separate corporate entities, and have each make a small amount of money. Each must be subpoenaed separately as long as I comply with the requirement to operate each as a separate corporate entity. I can follow the exact requirements of the law, and keep exactly the records precisely required - which may be zero in some cases - and do no more than the law requires. All I have to do is figure out how much trouble it is to do things. As long as I follow the rules and obey the law, they can't pierce the corporate veil and come after me personally. Or maybe I decide it's cheaper to break the law. Let's say that a particular recordkeeping system will cost me $40,000 to implement, but, if I get caught, the penalty for not keeping the records is $50. Okay, then, I don't keep the records, if I get caught (which may never happen), I pay the $50 and forget it, saving $39,950. Or maybe it's $5 a day. If it costs $4,000 a year to obey the law, $5 a day is less than $2,000 a year. Or maybe, every year a neighborhood firebug burns down my records just before tax time. If I can't reconstruct my records, I have to go by memory and may lose some deductions. Who would know that I hired the guy to burn leaves in my yard and he "accidentally" destroyed all my records. The only requirement I have - if it even is a requirement - is to have paid the correct amount of tax. If I overpay income tax, I don't even have to file a return for 3 years if I want the refund, and it's only failure to file if I'm required to do so. I'm not sure what the law is. Maybe I don't have to file if I'm owed money, if I don't want it back. Or maybe I do. Or maybe I can file a return, and invoke the 5th Amendment on each question. After all, I'm not trying to evade the law. I am trying to comply with the law exactly as written. If a tax return is required, then it is a mandatory document, the equivalent of compelled testimony and the information cannot be used against you in a criminal case. But the document can be used to incriminate you for perjury, so you can refuse to answer a question if you think you might perjure yourself. Especially if you don't have the records to show what you are claiming. But I know people have been prosecuted and the information on a return has been used against them. That can mean only one of two things. Tax return filing is voluntary, and you don't have to file at all (that might be right, since the IRS says the system is based on 'voluntary compliance'), or the form, if you're required to file one, is mandatory, but the information supplied on it is not mandatory, in which case you can file the form, but take the 5th Amendment as to every question. They cannot have it both ways. You can't be compelled to provide testimony which may be used to incriminate you. Nor can you be compelled to provide information you don't have. The law can't require someone to keep records, it can only disallow deductions you don't have or provide penalties for not doing so. And if you don't have records of income, then you can say you can't provide the information because you are not certain of the accuracy of the records, and cannot give a precise answer which would answer the question without committing perjury. The law can't even require someone to read or write. So maybe they do find my records, they go through a long process, and guess what is discovered? My customer is located in Canada, so they have to go to Canada and get a judge there to order them to tell them who his customer is, they start all over using the laws there. Eventually, maybe they find out his customer is in Mexico. And again, all over again, if they find him, they find out his customer is in the Netherlands Antilles, where you can't even find out who they are, and their customer is in London, whose customer is back in Canada again, whose customer is in the U.S., and eventually track it down to random pay phones in New York City. But they have to go through the whole chain to find where the records are. None of us has to hide anything or do anything illegal. All we have to do is make the chain so long that the expense to get the information costs more than the information is worth. And if I don't know where the stuff goes, they can't make me tell them anything. Especially if I simply get friends that I do not know where they are to do these things for me. In short, controlling information is futile as long as those who have information can transport it elsewhere so that they have to start over to find out where it's going. And sooner or later I can break the requirements down to either be a service operating only in intrastate commerce, which need not follow federal laws since they don't apply, or be too small to be applicable. Does a provider with one customer have to keep records? A provider who buys from a provider in the same state, and sells to a single customer in the same state? We're in intrastate commerce again, and the Federal Government has no jurisdiction and the laws don't apply unless there is a Federal interest. All I have to do is find out how to cut the coverage and size so narrowly that federal law isn't triggered at all. No law coverage means no liability for failing to obey a law that doesn't apply to me.) The Interstate Commerce Commission ruled a railroad operating in only one state does not have the ability to get an ICC license and evade the state laws since the railroad does not operate in Interstate Commerce. A recent Supreme Court decision said that a law banning guns near schools is beyond the power of the Federal Government, since Interstate Commerce is not everything in the country no matter how small. Or maybe I can claim the requirements are so burdensome that they violate the right to contract, since it costs me $5,000 a month to keep records that I'm not being reimbursed for, that I can only sell the service for $500 a month. The courts upheld this in a case where one of the parties was City of Anaheim. A law requiring a newspaper - The Press - to have a business license, which made it impossible to sell a newspaper for 5c a copy in order to cover the cost of operating a publication that wasn't making a profit, was held to be unconstitutional as a restraint on the 1st Amendment. Or, I can shrink jurisdiction to interstate grounds by setting up a site in each state. Each user calls up a server in a state other than their own, and that means a local court can't subpoena the server they are using because it's just a pass-through system, it doesn't have anything except the ability to transfer a call, and that's all the records it keeps. And maybe it uses a call-forwarded number that terminates at a different place, so the phone company records don't always show where the call is going. And maybe runs though a network provider that provides leased lines or a virtual network. Sometimes the extra routing might not even cost anything, since we might already be using the bandwidth for other things. Maybe using time on other people's computers such that they need a new warrant or subpoena on each site. And since they are the company's records, we can encrypt them, and just happen to forget the decryption key, or have a buggy copy of the system. Or we refuse to release on the grounds that the encryption key would violate our right under the 5th Amendment to not incriminate myself, since I may have included criminal incidents in those reports. But to even tell why I would be incriminated would incriminate me, I don't even have to say why! So they'd have to give me immunity, and I can simply stall that by requiring an appeals court to clarify exactly what the immunity covers. I've got good grounds. Mr. Walsh was the prosecutor on Iran-Contra, and it was his opinion that immunity only covered a yes-no answer, not to an explanation. So I simply take the 5th unless granted immunity, if the grant doesn't cover it, I take the 5th since you don't have immunity in the way the question is asked. I can ask for each question to be repeated, and then repeat back the question to make sure I carefully answer the question in order to be certain I don't perjure myself. This wastes court reporter time. If the question is long and complicated, I can simply ask the prosecutor to simplify the question since I do not understand it. I can ask him to explain each and every word so that I understand it. I am under no obligation to perjure myself by misanswering the question and causing myself to answer incorrectly. And I can do this for the explanation. Until I do understand. It is not my responsibility to understand the question, it is the questioner's responsibility to enable me to do so. For example, let me try one. Question: Were you rude to Dr. Quarles? Answer: (Silence) Q: Your honor, will the court instruct the witness to answer? The Court: The court directs the witness to answer the question. A: (Reading from paper) Your honor, if it may please the court, I respectfully request, without waiving any of my rights under the Constitution of the United States or any other state, whether I may be permitted to ask the court for direction? C: Yes. A: Your Honor, am I required to answer the question? C: Yes. A: Without showing any disrespect upon your honor, I wish to understand what will happen if I do not do so, and I repectfully request to be informed as to what the penalty is if I fail to do so? C: You will be found in Contempt. You may be fined or jailed, or both. A: May I be prosecuted for the answer if I provide an answer which would incriminate me or provide information which could be used to prosecute me? C: Yes. A: I respectfully decline to answer under the provisions of the constitution of this state providing the right not to incriminate oneself. (Each state provides this in addition to the 5th Amendment.) (So they issue an order of "use immunity" in order to prevent me from being prosecuted for what I say, but I can still be prosecuted if they find it out from some other source.) C: You are now instructed to answer the question. A: Your honor, I must respectfully decline to answer under the provisions of this state providing the right not to incriminate oneself. C: You were already granted immunity, you are instructed to testify. A: Your honor, I am under the impression that there is a concept of "dual soverignity" which means that this state may prosecute me for a criminal act, and that the Federal Government may do so also. Therefore, am I to assume that despite the two governments being soverign, that the Federal Government can grant me immunity under the state constitution when there is no evidence showing me that the state has consented to do so? C: (Let's say he says 'yes'. If he says 'no', then I take the provision until a state official grants me immunity. If he says yes, I ask what the provision of law covers this, so that I may understand that I have been properly granted immunity, and that I may be fully aware that the provision covers me in this case.) A: Does this include any state where any incident occurred, or does include only the state where this trial is taking place, your honor? C: (Let's say 'yes' again. If 'no', then I take the provision in each state I visit where I may have a fear of prosecution.) A: Very well, I respectfully invoke the 5th Amendment. C: You already have immunity. Answer the question or be held in Contempt. A: Your honor, I explained that I asked for immunity under the provisions of the state constitution. I did not ask for immunity under the Federal Constitution, and the document does not indicate this (or if it does, I do it any way, saying that I want to be absolutely certain that I am immunized, that I understand what it covers, and that I know that I will not be subject to prosecution.) And to make it clear I am not volunteering the information, I am being compelled under duress. C: It is evidently clear that you are being compelled to answer. Please do so. A: Will the court please instruct me whether this is transactional or use immunity? C: Use Immunity. A: Will your honor please explain the difference that I may know exactly how this works, as I do not understand and do not wish to place myself in jeopardy by accident by providing information in a manner that causes me to provide it in a non-immunized form which could be used against me. So they cover all this. I ask for the question to be read back. Maybe I ask for immunity again because in order to ask for an explanation I might incriminate myself, since this is use immunity, not transactional immunity (a nice little scam where they can use the information if they get it from somewhere else). Maybe the judge gets disgusted and finds me in contempt. So now, I can go to the appeals court and get a ruling. Or maybe I don't understand the question at all, and ask that it be explained, such as asking for the definition of 'rude'. And so on. So, ten hours later, the first question is simplified back down to: During the period from 12:01am to 12:00pm on the 20th of November, 1994, did you act, say or do anything in a manner which is unacceptable to other people as being not polite conduct, in which said conduct was directed at the individual seated in this chair, who is known by the name of Allain W. Quarles, such conduct consisting of slamming him against a wall and threatening to twist his arm if he did not apologize for bumping into you and saying, 'Get the Fuck out of the way, Asshole'? A: No. Q: I have witnesses that say you did. A: I must invoke... C: You're already immunized. Say it. A: They are wrong. Q: How? A: I must invoke... C: You're immunized. Say it. (On a tape recorder, to save his breath.) A: That was not what happened. Q: How was it different? A: I must invoke.... C: You're immunized, Say it. A: At no time did anyone say those words. Q: what was said. (and so on, invoking the fifth) A: The words were 'get the fuck out of my way, asshole'. Once I get a really simple, easy to understand question, that I can answer yes or no to, that I have been properly immunized, that I am capable of answering the question and I can understand it, then I will answer the question with a yes, or a no. Which can take hours by being certain I can answer the question correctly, without misunderstanding it, without committing perjury. Nobody can be forced to do things against their will if you don't have a gun or other killing or torturing method on them continuously. You can kill them, but you can't make them want to do something. You can destroy their will, but you might not prevent them from committing suicide also. -- Ask me about Listmgr - the first PC-Based mailing list manager for E-Mail. Find out about "The Gatekeeper: The Gate Contracts" - Write to address below. Paul Robinson - paul@tdr.com / tdarcos@MCIMail.com / tdarcos@access.digex.net "The Greatest Philosopher in the World, maybe the Greatest who ever lived."