This would seem to be an opportunity for CS people to do what the do best--obfuscate through bad UI design. If they're legally obligated to provide an interface, then why make it a good interface? I'm thinking that the FBI's interface to the snooping back door should be through a pseudo-lisp interpreter with vividly named functions:
Obviously the fact that it's in source code is irrelevant, otherwise every gag order could be got round with a quick <p>here is the information</p> page hosted on a webserver..
It's like saying you can shoot somebody because a gun can't be prosecuted for murder.
Yeah, but when someone gets shot with a gun you can't prosecute the manufacturer, so long as they put warning labels on their guns and sell them according to the laws regulating the sale of guns. The person responsible is the person who pulled the trigger, which in this case would be the Feds.
The key is to make sure that they get access to the backdoor directly.
At the end of the day you can always code loopholes around the law, which will work until they legislate the loopholes away with more legislation. Almost every industry has been doing this since the beginning of government.
One of the best ways to code this into the system is to provide security measures that allow you to prevent what machines can access your account and notify you if machines not your own try to access your account.
"You recently tried to access your account from the IP address X.X.X.X located in Quantico, Virginia. If this was not you, please report this to customer service."
Customer service can then legitimately comply with the gag order by admitting nothing and say they'll look into it.
> Yeah, but when someone gets shot with a gun you can't prosecute the manufacturer
Right, so you can't prosecute Google if I use gmail to send something that violates a gag order. If Google violate a gag order through their source code they are entirely liable for it.
If Google gets served a gag order and violates that specific gag order served because of a piece of code they wrote, then I could see that happening. If they get served a gag order and then modify that code so that all future gag orders are not possible then I don't see a crime being committed for which they are liable.
Gag orders are circumstantial. Code that applies to general situations is not. Backdoors (access) and confidentiality (disclosure) are concepts that are mutually exclusive of one another.
Yeah, or maybe the backdoor "accidentally" has a lot of null-reference bugs and other crappiness. It isn't adding business value in the first place, why try to make it any good.
(violateRights (shackle (humiliate userID)))
Or similar.