Any web page can include content from any country. Country TLDs don’t correspond in any way to where the content is hosted, and for most people even using DNS-resolved URLs is advanced. However, mostly thanks to IPv4 exhaustion, not even IP blocks correspond to geographical location anymore[1].
And all of this doesn’t matter anyway, because of how packet routing works. No one accessing the Internet can be reasonably expected to have any control over how their packets are routed on the network. You only control the next hop[2].
So I would agree to the extent that there can be no expectation of privacy for any unencrypted traffic. However, that’s just one type of hacking – snooping.
As for actual hacking – that is someone breaking into your system – this system has to be running on something, some sort of device. This device has to be physically located somewhere.
If an Elbonian comes to US and breaks into your house is it okay because in their country there are no lock on the doors, just a lot of mud, so breaking is not a crime? This is the logic here, as I see it.
What it ultimately comes down to is the US government wants to have it both ways. They want to be able to extradite people that hack into devices located in the US, but they want you to have no expectation of privacy when they are the ones doing the hacking.
>If an Elbonian comes to US and breaks to your house is it okay because in their country there are no lock on the doors, just a lot of mud, so breaking is not a crime? This is the logic here, as I see it.
If they came to the US they would be subject to US jurisdiction. Hackers from other countries aren't, at least not always.
Edit: I mean prosecution. Jurisdiction applies whenever there are effects in the US, see link below.
This is my point though. The US government claims they have jurisdiction when it suits them. Guccifer is still in the news and fresh on everyone’s mind.
Personally it never made sense to me how one can be subject to some random foreign country’s law by just using the Internet. But if that’s the doctrine it should at least be applied consistently.
I spoke incorrectly above. They always have jurisdiction if there was damage in the US. The point is that they can't get access to the person if they don't have an extradition treaty with the country they're in, but that's not jurisdiction, my mistake.
And all of this doesn’t matter anyway, because of how packet routing works. No one accessing the Internet can be reasonably expected to have any control over how their packets are routed on the network. You only control the next hop[2].
See for example: http://allthingsd.com/20131120/how-somebody-forced-the-world...
So I would agree to the extent that there can be no expectation of privacy for any unencrypted traffic. However, that’s just one type of hacking – snooping.
As for actual hacking – that is someone breaking into your system – this system has to be running on something, some sort of device. This device has to be physically located somewhere.
If an Elbonian comes to US and breaks into your house is it okay because in their country there are no lock on the doors, just a lot of mud, so breaking is not a crime? This is the logic here, as I see it.
What it ultimately comes down to is the US government wants to have it both ways. They want to be able to extradite people that hack into devices located in the US, but they want you to have no expectation of privacy when they are the ones doing the hacking.
[1] https://en.wikipedia.org/wiki/Provider-independent_address_s...
[2] https://en.wikipedia.org/wiki/Hop_(networking)