Facebook, Google and around 20 other internet firms are reportedly set to file a complaint against a decree issued by France's State Council that requires the companies to retain web surfers' personal data for 12 months. According to the AFP, a case is being brought by the French Association of Internet Community Services (ASIC …
If google, Facebook, twitter et al, locked France out of their servers for a week, I'm pretty sure the governments demands would fold in a day, maybe two.
Not so sure...
And this is a right and proper thing to do? Sounds a bit like blackmail to me. 'Your people are so drugged up on our offering that if you don't do what we say we'll remove the drug until you comply'. I thought only Oil companies and Banks did that...
I'd like to know why the French judicial authorities(?) want the information kept. I don't know the detail. The requirement sounds more than a bit draconian especially if they haven't consulted the higher powers in Europe or, indeed, in America and China...
When that great bastion of privacy and security facebook, is concerned that what it is being asked to do with user data retention might be a bit much, it is time to worry....
Why would any web site be storing passwords ?
Why don't the State governments just HACK the data? Make them do their OWN dirtywork!
Forcing ISPs to keep this data means that this privacy data us subject to hacking and contamination and MIM (Man in the Middle) attacks. Governments forcing the annual or 12-month retention of this data are de facto forcing the data to remain "alive" and re-connectable. Probably the only people who will not easily be traced are those who use a new account and location for every transmission and only transmit to ONE contact and never the same type of content to multiple contacts from the same source or locale. But, how many people are THAT SO paranoid/self-protecting as to consider or make use of such self-protection? Info leakers? Spies?
But, still, why should not the government be required to try to crack the data themselves. The various State and military agencies in numerous countries claim to have TIA or total information awareness capabilities. Make them prove it. Unless they can prove it, they have TIA because of state law, not skills. Probably they are bluffing on much of the skill claimed.
Oh, wait, there's "due process" and "speedy and fair trial", at least in the USA. Sometimes, it seems speedy and fair is just to help State burn through case load when it wants and drag on others while buying or biding time to accumulate more information to avoid cases being thrown out on technicalities.
Tunisia in the Arab Spring
So a state/a government HAS hacked and trivially cracked the userID, real name, password, contacts, images, friends - in a time of tension. I'll let you work out the rest.
As a user in France (hey El Reg, you keeping all my info? ;-) ), I would hope like hell that any useful site performs a one-way hash on passwords. Furthermore, what the hell do they need passwords for? If everything else is already available... this just sounds like a data grab for the hell of it.
But then, this *is* the same mob that made HADOPI a law, so I guess we shouldn't be surprised.
Must've read it wrong
Hang on. Did I read this right? *Google and Facebook* have the breathtaking brass neck to complain about violating people's privacy? Now personally I wouldn't approve of any government move to require Internet companies to retain anyone's data - but even aside that, we're talking about an elected and (theoretically) accountable government here.
(Good ol' democracy, eh?)
Who're Google and Facebook accountable to, while they're choosing to harvest and retain *and sell* users' information?
(Yes, I know that if I don't want them to have it I just have to choose not to submit it to them, because they can't *possibly* acquire it without my implicit co-operation. Oh, hang on, though...)