cross-posted from: https://lemmy.ml/post/1874605
A 17-year-old from Nebraska and her mother are facing criminal charges including performing an illegal abortion and concealing a dead body after police obtained the pair’s private chat history from Facebook, court documents published by Motherboard show.
removed by mod
Welp! So much for using facebook
How’s that end-to-end encryption working out?
Doesn’t matter if the company doing the e2e can get your messages.
That sounds more like e2e2e!
but fb messenger is not e2e encrypted at all. If the company is doing e2e then they can’t read your messages
This is true, FB messenger is as open as it will get with seeing your messages, WhatsApp is dubious too so either Signal or Session are best e2e messenger apps imo.
I have never heard of them, are they social media apps?
The two apps I’ve mentioned are exclusively messenger apps. Think of Facebooks messenger but more secure with no big company servers looking at your chat and messages.
It is if you enable secret messages for a conversation, I believe, but not the default chat mode. In either case people should use other apps.
but only on mobile apps afaik. So if you use it, be careful
I noticed the article me tioned that the women told the police that they communicated over Facebook Messenger. I wonder what prompted them to spill the beans, or if they were unaware of the implications of telling them how they communicated about the situation. If this is true, it doesn’t sound like the police is sending warrants for everyone online to request their data, but it still makes me very cautious about unencrypted messaging
Terrible from Facebook. Wow.
This is to be expected from Facebook to be honest. People should drop it despite connections.
Just as an FYI, since it seems like a lot of folks are just reading the headline and not reading the article:
-
This article was written almost one year ago, so this is not a new development.
-
This alleged offense occurred before any changes to local abortion laws (Nebraska in this case) were made, meaning this is an incident that would have still been illegal under Roe.
-
Meta was served a legal subpoena requiring them to turn over all the data they had. Whether that data should have been E2E encrypted is another debate entirely, but they didn’t voluntarily disclose anything.
-
The charges were pressed as felonies, meaning that they were considered illegal at the federal level, and so state jurisdiction did not matter for the purposes of this subpoena. -
Even under California’s current sanctuary status (where Meta is headquartered) which protects out-of-state individuals seeking abortions, this was a late-term abortion at 28 weeks, which is still illegal under Californian law.
-
To contextualize that for our friends in Europe, this would have been illegal in every EU country, too (short of it being needed as a life-saving intervention, as in most of the US), so this is not a US-exclusive problem.
While this is a mostly great post, I’d point out one error:
The charges were pressed as felonies, meaning that they were considered illegal at the federal level
Felonies exist at both the Federal and State level. Just because something is a felony, does not mean it moves to Federal jurisdiction. And this case appears to have been filed in the Madison County District Court which is part of the Nebraska Judicial Branch. The cases themselves can be found on the District Court’s Calendar though you have to put the details in yourself. The cases IDs are CR220000175 and CR220000132 against the woman and her mother respectively. Getting the court documents themselves appears to require paying a fee to do the search and I don’t care enough about a random comment on the internet to pay for it.
There seems to be one document uploaded here which shows the charges against the woman. And this shows the sections of Nebraska State law under which the woman is being charged. Of the three charges, only the first is a felony. Specifically it’s a Class IV felony under Section 28-1301 of Nebraska State Law. And that law concerns moving buried human remains. The other two charges are misdemeanors for concealing the death of another person and lying to a peace officer.
tl;dr - Felonies exist at both the State and Federal level and jurisdiction is dependent on which laws (State or Federal) are at issue.
Thanks, that was a gap in my knowledge. I’ve edited my post to redact that element.
I had meant to do that much earlier today when I first saw your comment, but the fallout from our instance’s recent oopsie appeared to have been preventing me from editing/writing comments. Hope late is better than never.
-
The two women told detective Ben McBride of the Norfolk, Nebraska Police Division that they’d discussed the matter on Facebook Messenger, which prompted the state to issue Meta with a search warrant for their chat history and data including log-in timestamps and photos.
Here is an alternative Piped link(s): https://piped.video/watch?v=d-7o9xYp7eE
Piped is a privacy-respecting open-source alternative frontend to YouTube.
I’m open-source, check me out at GitHub.
Also don’t talk about crimes you commit via any messaging app ever.
I don’t particularly like Facebook but…
If a country makes it legal to criminally prosecute girls who seek an abortion, and the same country makes it legal to allow police enforcement to demand tech companies to handover their data, maybe the problem is the country and its laws, more than Facebook.
You’re not wrong, but Facebook made no effort to fight the issue and simply handed over data they never should have.
They never should have? Messenger saves the history on the servers, that’s how that works. How do you think the fireworks would look if users logged in on a new phone or machine and had no chat history?
There are ways it could be stored encrypted, but if that’s a wanted feature they provide WhatsApp
Edit: but this is also why e2ee is so important, and why security experts tell people to use e2ee if possible. At this point, at the top of my head, it’s WhatsApp, signal, I think matrix, and sorta telegram that provides.
Why should they make an effort to break the laws of countries they do business in? If they don’t like the laws, they shouldn’t do business there.
I really don’t blame Facebook for not jumping into the abortion debate and martyring themselves. If people don’t like the abortion law, or the law that compels facebook to give this information to law enforcement, they need to make that known by voting for representatives that feel the same. Facebook taking a fat lawsuit to the face isn’t what’s going to change things there - it’s women realizing it could happen to them, it’s men realizing it could happen to their wife/girlfriend/daughter.
they need to make that known by voting for representativea that feel the same
Be nice if it was that simple, but the democratic system itself is broken. We have presidents that come in power while losing the popular vote. We have states that gerrymander their districts to reduce the value of certain demographic’s vote. We have supreme court justices with life terms that are interpretting laws with political bias. Unfortunately, it is getting less and less likely that America is going to improve by working within it’s systems because the system is clearly stacked against us.
If it’s broken, fix it. Facebook won’t fix it for you. (and fuck facebook) So many f’s
It’s complicated. Yes, the country is going to shit, but it is also due to meta’s “Big brother-like” data collection in the name of profit margins.
As mentioned in the article, Facebook could remove itself from this problem by not collecting data that could possibly incriminate people. The reason why they were able to hand over the data is because they were collecting their private messages.
And why wouldn’t they? Make yourself invaluable to law enforcement and the 3 letter agencies and they will always have your back.
Well, they sort of have given the option, with WhatsApp. Which has had full e2ee since 2016, using the signal protocol.
Adding default e2ee on messenger is probably a bit trickier, due to the structure (web client, history saved on the server, and so on)
casual european here. YEP!
Both can be wrong. The law can be bad and the people under orders (as if one of the worlds biggest corporation can be ordered to do anything by a small town judge) can also be bad.
Absolutely. Systems not people.
Isn’t this just “Facebook complied with court order”? I dislike their data hoarding like everyone else, but I also think Facebook doesn’t get to decide to ignore court orders.
Facebook does get to decide how they store and encrypt their data. Apple and Signal have received court orders in the past, they did comply with, but there was just nothing than meta data zu turn over.
This is the corrrect answer
It’s not so easy. The fact they are harvesting so many data makes you vulnerable to law enforcement. If you use a service that doesn’t harvest data and where you can manage these data’s, you will have less tracks.
It’s like putting all your money at the same place. If the bank go bankrupt, you risk a lot.
Oh, I fully agree the mother and daughter should have used a platform that doesn’t harvest data. Facebook is famous for harvesting every scrap of data it can, and abusing it for as much money as they can. Zuck has no conscience whatsoever, and has proven to value money over lives.
And as such, he can’t use end to end encryption, as it would prevent him from abusing the content. Everyone should be aware their messages on Facebook are one warrant away from publicity.
Yeah, there are plenty of things to be outraged with post Dobbs but this isn’t one; Lemmy really just seems to be in a “let me show off that I’m more liberal than you” growing phase.
It was at 22 weeks beyond most states pre-Dobbs limit (and all but 2 places in Europe), her mother illegally procured and provided abortion pills without medical consultation or supervision and then they tried to burn and dispose of the stillborn fetus. Abortion is safe when done properly, this wasn’t done properly and the idiot mother legitimately put her daughter in danger. They also openly told police they planned it on messenger, in direct violation of “shut the fuck up friday” and did not use messengers “private” mode which would have rendered Meta unable to comply with the properly issued court order. The bottom line is this is the extremely rare case that gives any shred of credibility to the pro-life crowd and should be denounced by all.
You can think the mother and daughter should face consequences AND at the same time think it’s beyond disgusting that facebook even has this info to begin with AND that they handed it over so easily.
The problem isn’t that “facebook followed the law” – it’s that they knowingly created a situation where they could follow the law to begin with. If they would stop collecting so much data and just encrypt their chats, there would already be less of an issue.
I think people have the tendency to think like “well I have nothing to hide, so who cares?” or “well in this case I agree with what happened, so it’s fine.” But laws get changed all the time, government changes all the time. And when a dictator at some point changes some laws, suddenly facebook is ‘following the law’ by giving law enforcement information on who is atheist, or gay, or what books you like, what your political opinions are, etc. They’d still be “following the law” – but just because something is law doesn’t make it right and imo it’s terrifying that companies who have so much money and power (and with it you would hope: responsibility) don’t seem to have any scrupules regarding working with government/LE.
Sir, this is a Lemmy’s.
“Why should I care about my privacy? I don’t do anything illegal.”
Hmm? Do we now acknowledge that laws and public perceptions of your actions can change with time, and that you may one day become a “criminal” for continuing behaviors that were once legal?
To preempt the “but it should just be legal” whataboutists: Of course it should just be legal, but “criminal charges” suggests that it isn’t, and privacy helps you not get caught. Furthermore, this issue contains but is not limited to abortion. It’s time that “normal” people wake the fuck up and get on board with privacy rights.
Similar to this one from a few days ago, granted Reddit is trying to do the right thing here but I think it’s clear the Overton window on free speech has shifted
Reddit good guy?
This is exactly the point I’ve made to friends and family. They complain I’m not on social media like they are and it makes it more difficult to connect with me on things, but I refuse. I will not use services that blatantly disrespect my privacy.
Same, They treat me like some tinfoil hat conspiracist because I refuse to sign up for social media.
and all the links to news stories showing how these companies abuse that information, like in the above news story, are met with handwaves and eye rolls… Cause they wont care or listen until the leopard eats their face.
Employers and romantic partners can be especially put off if they can’t find any trace of you online. And if they really care, they’ll dig harder to find that time where you declared bankruptcy, or you got arrested for public intoxication, or where someone deep in your past said something negative about you, and that’s all that will stick in your mind when they think of you.
For me personally, having a simple, but relatively barren social media presence is worth it to avoid the persistent diggers, who will find something about you if they don’t see anything public.
And besides, everything about most of us is already stored in Apple or Google’s datacenters. There’s no hiding from the deeply intrusive data collection those companies do. So having some simple information out in the open is likely better for privacy in some ways.
If you disagree with my take, that’s fine, I just wanted to give another perspective.
Employers and romantic partners can be especially put off if they can’t find any trace of you online
Good. I dont want to be involved in anyone that obsessive over social media.
It’s not that they’re obsessive over social media, they’re just used to being able to simply look up general information about people online through social media sites. And if you don’t present anything for them to find, it often encourages further digging.
But you do you, I’m not trying to change your mind.
I know, I have no social media and just left reddit too. I hate it when I hear that not being on social media is a “red flag” in the dating scene. But I guess I wouldn’t want to be with someone who cared so little about privacy anyway.
Posting “I have no social media” on lemmy. I guess lemmy is antisosial media
Sorry to say, it’s not disrespect. It’s a contract. You want to connect, you sell off your ~~soul ~~ data.
THIS SERVICE IS NOT FREE OF COST. is not plainly written in the contract, but here they are; “disrespected”.
Laws are such that everyone breaks at least one every single day, which allows for elselective enforcement.
Do we now acknowledge that laws and public perceptions of your actions can change with time, and that you may one day become a “criminal” for continuing behaviors that were once legal?
I’ve been making this argument for years. I know I’ll be on a list if my country slips into fascism, as it appears to be hell-bent on achieving during my lifetime.
Filing this under my increasingly long list on reasons why to never record personal information in any messaging or social media app except signal
Remember: This is the company that wants to federate with our communuty-run instances.
For all of those saying Facebook was just complying with the law- there is absolutely no reason for Facebook to have access to its users’ private information. The company I work for can’t do anything with a customer’s account unless they give us the password. We can’t see anything they have saved there. All of the private stuff they have is private and even if a court ordered us to show it to them, we literally couldn’t comply.
We’re a small company and we can do it. A company the size of Meta can certainly do it.
You can do it because you’re a small company. Get enough attention, and the FBI will force you to decrypt on demand. They’ve done it before and the supreme court backed them up. Do it over seas and expect your US traffic to get blocked, if they don’t raid your offices.
That is untrue. The FBI tried to get Apple to decrypt a shooter’s iPhone in Florida a few years back and they wouldn’t budge.
This isn’t quite right…
Apple didn’t have the means to decrypt the information, but it was within their ability to do (by writing code to do so.)
But asking a company for the unencrypted data, and forcing a company to produce a new application, are completely different things.
Apple didn’t have the means to decrypt the information, but it was within their ability to do (by writing code to do so.)
Happen to have a source for that? That’s nigh impossible for most encryption
E2EE is what prevents this, which is why the TLAs hate it and legislators are trying to prohibit it.
WhatsApp, Signal and Telegram don’t have that issue.
Signal yes, WhatsApp yes but not the meta data, telegram only if explicitly set to encrypted otherwise no.
Because they have a back door due to cloud storage.
Can’t you just look at the data in. The database though? No need to login as the user. Surely not every field is hashed
Hashing is not reversible so obviously it is not hashed. You hash data you want to compare later to see if it is still the same. For example you may hash user passwords you store in your database. So you don’t know the actual password, but can confirm later that the same password is still being used. You know or can infer someone is storing your passwords in plaintext when they have a maximum length as that indicates they are not correctly hashing.
It is however possible and even easy in many databases to do row or document level encryption. Many privacy first applications do client side keys and encryption so the database does in fact have no plain text in it.
That’s a good point and I don’t know the answer to that (my guess is encryption is involved), but as other people have pointed out, Facebook has an alternate encrypted messaging service, WhatsApp, so Facebook is clearly capable of not being able to access its users’ messages.
Wasn’t there strong evidence Facebook has a built-in backdoor to their encryption?
Yeah, based on Signal’s protocol. Signal is the only messaging app I use.
You are the product. Are you paying money for the service? No? Zero expectation of privacy.
We enable them to make profit via ads and data harvesting. Private texts/DMs do not need to be involved in that.
removed by mod
To be fair, I’d imagine there’s a wealth of data to plug into their AI models from private chats.
I’d imagine it’s hard for them to resist the temptation
What the fuck, Facebook?
Yeah no shit, they’ve been don’t this in authoritarian countries from the beginning. Surprise, they’ll do it here too. shocked Pikachu face
Just because it’s expected at this point doesn’t make it acceptable.
It’s not acceptable for companies to follow the laws of the countries they operate in?
Pretty sure Facebook didnt abort a child in the state. The fuck you talking about
They are required by law to turn over the chats. This isn’t hard to understand.
They are required to not give access to clear text to anyone including employees nor agencies. Being wrong doesnt excuse for insisting on being wrong
However, campaigners note that Meta always has to comply with legal requests for data, and that the company can only change this if it stops collecting that data in the first place. In the case of Celeste and Jessica Burgess, this would have meant making end-to-end encryption (E2EE) the default in Facebook Messenger. This would have meant that police would have had to gain access to the pair’s phones directly to read their chats. (E2EE is available in Messenger but has to be toggled on manually. It’s on by default in WhatsApp.)
I swear it’s like you can’t read. This is pretty simple stuff. They aborted a 28 week old fetus (which would be an illegal act in pretty much every state and every place in the world), burned and hid the body, and discussed it over an unencrypted platform. The owner of said platform is legally obligated to turn that info over.