So I've been kinda keeping up with the whole Yahoo giving up a journalist name to the Chinese government (at least what is on CNN) and that guy getting 10 years in prision.
if you are unfamiliar with it:
here is the short version:
"Shi Tao got in trouble three years ago, when the Chinese government told journalists not to report on the Tiananmen Square anniversary. He forwarded the notice to human rights groups. The regime then pressured Yahoo to give up the account holder who did that. Yahoo complied."
I caught a bit of the senate testimony online and it was the CEO getting his ass chewed by the senators basically saying he was a complete traitor to the US and what not.
Now, I am pro-American and anti communist but here are some things I thought about after reading the above articles and seeing it on TV:
-did the CEO personally give up the information freely or did one of Yahoo's employees in China do it after a direct warrant type request from the Chinese government. Do all of those types of requests go thru any type legal or ethics review? or any review by the CEO? -I doubt it.
-what was the extent of the data given. did they ask for an IP address? username? sign up info? etc. how much of that is given out normally and how sensitive is that information usually? did Yahoo know what the government wanted to do with it?
-if a foreign company operating inside the US was asked by the FBI to give up information about a US Citizen suspected of terrorism and was given a warrant to provide that information, they would be expected to give up that information...yes? i think they would be expected to do just that. isnt that the same thing?
-expectation of privacy is low i think on those free email services. anytime another entity stores and sends your email for you, there shouldnt be much of expectation of REAL privacy. if you dont own/control the server and cant encrypt your emails or data then privacy is at a minimum. In a place like China, being stealthy and careful must be at a premium especially if you are doing anti-govt type activities.
-if you want some real scary stuff check out Mark Rasch's current article on security focus on email privacy:
things might not be so different after all.