Government Compelled Data Access
Cluster focuses on governments and law enforcement using court orders, FISA warrants, and gag orders to force tech companies like Lavabit to provide access to user data or encryption keys, debating compliance, legality, and privacy protections.
Sample Comments
The gov't asked for specific access to specific account(s), those were not complied with, so they requested that the ssl certs be handed over so that they could get access to the specific individuals they needed. None of this is illegal.
Yes, they can try to compel you to do literally anything. Remember they tried to get Lavabit's SSL certs. Either you comply or fight it in secret court.
Bah. 1. Law enforcement cannot compel a number to reveal its prime factors, or people beyond its jurisdiction to reveal secrets. 2. The court order that started all this did care about being detected: It demanded access such that Lavabit could not learn whose mail was being read.
Companies don't get a choice. The "out" some companies are using is to encrypt everything with keys only on the customer's device. They then provide all data they have, as ordered, on request. This, of course, does not include the encryption key. However, as far as I know essentially only Signal does it these days. Whatsapp is famous for doing this before, and then Facebook killing this for "regulatory concerns". I don't know for sure, but the previous owner
If there's a court order, (FISA: https://en.wikipedia.org/wiki/Foreign_Intelligence_Surveilla..., or otherwise) companies have to comply. So I don't really see how one can blame any company for that.
I wouldn't be surprised if it were made illegal. In fact, they probably have a deal with the government where they have a back door, and can still claim all these nice privacy things. I don't see any other way where this would be allowed.
I'll warn that the FBI was publicly trying to get warrants for information while they and NSA were siphoning it off in secret from the same companies. One was likely a cover for the other. Unless there are legal protections, assume in your threat model any company has let their host government, maybe others, backdoor their offerings. It might have been willingly or forced. Police states like U.S. and Russia should be assumed to subvert any provider. If they don't like that, the
perhaps they're being required by law and gagged for indicating as such https://theintercept.com/2018/06/25/att-internet-nsa-spy-hub...
If it's a "lawful intercept" then they most likely have no choice.
They will try but can be legally prohibited from notifying you. A server you control and have the keys to can be compelled by the police, but not without your knowledge. Every supposed attempt to protect you is really just an attempt to justify an inherently unethical business model because it is profitable.