cross-posted from: https://lemmy.ml/post/1874605

A 17-year-old from Nebraska and her mother are facing criminal charges including performing an illegal abortion and concealing a dead body after police obtained the pair’s private chat history from Facebook, court documents published by Motherboard show.

  • WindyRebel@lemmy.world
    link
    fedilink
    English
    arrow-up
    0
    ·
    1 year ago

    Are you saying that the individuals who run these servers and instances aren’t subject to the same laws? I read the article, and Facebook complied with a court order.

    You don’t think anyone running Lemmy would do the same without access to lawyers and capital like Facebook has?

    • GenderNeutralBro@lemmy.sdf.org
      link
      fedilink
      English
      arrow-up
      1
      ·
      1 year ago

      Lemmy promotes using Matrix, which is a separate service, so instance admins don’t need to be in the business of hosting private conversations.

      Matrix is end-to-end encrypted so even the admins of your Matrix server could not provide your chats to law enforcement.

        • b3nsn0w@pricefield.org
          link
          fedilink
          English
          arrow-up
          1
          ·
          1 year ago

          It’s not really possible as long as Lemmy is a website. E2EE works on Matrix because it’s an app, and therefore it can manage your encryption keys in ways a browser cannot do for you. (You can save things in the client, but not in a reliable enough way for something like the master key for every communication you ever had that if you lose you get locked out of all your chat history.) In the case of Lemmy, the signing keys for your federated actions are handled by the server, which is perfectly fine for 99% of what you use Lemmy for (public posts and comments), but it also means that even if they implemented E2EE for chats, the keys to decrypt the convo would be right on the same server.

          That’s why Lemmy actively pushes you to set up a Matrix account, because Matrix makes better tradeoffs for the purposes of messaging, while Lemmy’s tradeoffs are more relevant to a link aggregator style social media.

          • sugar_in_your_tea@sh.itjust.works
            link
            fedilink
            English
            arrow-up
            1
            ·
            edit-2
            1 year ago

            Matrix is also a website and you don’t need an app to use it. The first time I used Matrix, I didn’t use an app, I merely signed in on a browser window (in my case, Mozilla’s instance). I first signed up on my work laptop, then later signed in on my desktop and had to confirm the new account on my laptop before my desktop would work with the same account.

            The more devices it’s on the better, but it’s totally usable with just one web client. I now also have the phone app, but I didn’t at first.

            If Matrix can do that, lemmy can as well. It would probably degrade the user experience because you’d need a decryption step for every post and comment you load (just like loading a new Matrix room), but it is technically possible.

            I’m not necessarily asking for every comment to be encrypted, I just think it would be a good idea for DMs to be encrypted using keys the admin doesn’t have access to. It would be cool for communities to allow encryption as an option as well (i.e. all posts and comments would be E2E encrypted to all members, and not viewable unless you join), but it shouldn’t be the default everywhere.

    • LeZero@lemmy.world
      link
      fedilink
      English
      arrow-up
      0
      ·
      1 year ago

      Do you have to run your lemmy instance in the US?

      Maybe do it in a less backward place

      • Brownboy13@lemmy.world
        link
        fedilink
        English
        arrow-up
        0
        ·
        1 year ago

        And how can we be sure that all the instances federated with any instance we participate on aren’t run by law enforcement themselves? I’d be surprised if there aren’t running instances by every major investigative agency themselves.

        • 🐱TheCat@sh.itjust.works
          link
          fedilink
          English
          arrow-up
          1
          ·
          edit-2
          1 year ago

          This is why everyone should take steps to protect their privacy. You don’t have to go 0-100 overnight. Just audit yourself and do a few things now. Keep those habits up. Then audit and add a few more things, repeat.

          I need to do this myself, I’ve been slipping

      • kevincox@lemmy.ml
        link
        fedilink
        English
        arrow-up
        0
        ·
        1 year ago

        Almost all countries have similar systems for obtaining evidence. These people were criminals, they broke the law and the legal system worked as designed to bring them to “justice”. Meta was just a pawn here with very little influence.

        If this story was about a murder rather than an abortion people would think that Meta did the right thing to bring the murderer to justice. As I see it the problem is that people disagree with the law and are using Meta as a scapegoat. But you don’t fix stupid laws by having corporations go vigilante. I’d rather not have billionaires coming up with their own set of laws, that is a recipe for disaster. I think we need to fix the laws, which will fix the root cause of this issue.

        Also use E2EE for all private information, cryptography can’t be compelled to reveal your private data by a court order.

        • LeZero@lemmy.world
          link
          fedilink
          English
          arrow-up
          0
          ·
          1 year ago

          Do you think people who collaborated with dictatorial regimes should be excused? Because they followed the law?

          Why didnt Meta implant E2EE on their private chat service then?

          • kevincox@lemmy.ml
            link
            fedilink
            English
            arrow-up
            1
            ·
            1 year ago

            This is what I can agree with. We could blame Meta for encouraging people to give them data. Messenger does actually have E2EE encryption (apparently) but it is quite hidden and limited in functionality. If they made it the default this wouldn’t have been a position they ended up in, and they could have responded to the warrant with “We have no information matching this request.”