Let's not forget three things from prior leaks:
1. Core Secrets said the FBI "compelled" companies to secretly backdoor their products. Another leak mentioned fines by FISA court that would kill a company. I dont know if you can be charged or not.
2. They paid the big companies tens of millions to $100+ million to backdoor their stuff. Historically, we know they can also pressure them about government contracts or export licenses. Between 1 and 2, it looks like a Pablo Escobar-like policy of "silver or lead."
3. In the Lavabit trial, the defendant said giving them the keys would destroy the business since the market would know all their conversations were in FBI's hands. The FBI said they could hide it, basically lying given Lavabit's advertising, which would prevent damage to the business. IIRC, the judge went for that argument. That implies the FBI and some courts tell crypto-using companies to give them access but lie to their users.
Just these three facts make me wonder how often crypto in big platforms is intentionally weak by governemnt demand or sloppy because they dont care. So, I consider all crypto use in a police state subverted at least for Five Eyes use. I'll change my mind once the Patriot Act, FISC, secret interpretations of law, etc are all revoked and violators get prosecuted.
There is no such thing as "fines by FISA court". FISA doesn't hear adversarial cases and doesn't have statutory authority or even subject matter jurisdiction to enforce compliance on private actors. FISA is an authorizer for other government bodies, who then use ordinary Article III courts to enforce compliance. Other than the fact that they're staffed by Article III judges and not directly overseen by Article III courts, the FISA court functions like a magistrate court, not a normal court. So: I immediately distrust the source.
People are going to come back and say "well yeah that's just what they tell you about FISA court, but I bet FISA courts fine people all the time", but no, it's deeper than that: private actors aren't parties to FISA cases. It's best to think of them as exclusively resolving conflicts between government bodies.
You are just wrong:
> In some circumstances, nongovernmental parties may litigate the lawfulness of FISA orders or directives to provide information or assistance to the government. For example:
> A private company or individual that has been served with a directive to assist in acquiring information under Section 702 may petition the FISC to modify or set aside the directive. Conversely, the government may petition the FISC to compel the recipient to comply with the directive.
> In responding to the government’s petition, the private party has the opportunity to show cause for the noncompliance or argue that the order should not be enforced as issued.
> In 2007, Yahoo! Inc. refused to comply with directives issued by the government under provisions of FISA that have been replaced by Section 702. The government filed a motion with the FISC to compel compliance.
https://www.fisc.uscourts.gov/about-foreign-intelligence-sur...
The warrants the court issues do apply to private parties. Failure to comply with a warrant is contempt of court and the court can compel compliance by fines and other sanctions. You can read what that looks like in this FISA court ruling against Yahoo.
PDF warning: https://donohueintellaw.ll.georgetown.edu/sites/default/file...
It was a big company that said they'd be fined per day for non-compliance with mass surveillance. Core Secrets etc says that was done by FBI for FISA warrants. So, whoever enforces that.
I dont know the mechanics of it, like jurisdiction. It might be as you say. I just know they and their targets were both clear at different times they could force a company to do it.
The part nobody mentions about Crypto AG:
https://inteltoday.org/2020/02/15/crypto-ag-was-boris-hageli...
We've always done this.