[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

William was raided for running a Tor exit node. Please help if you can.



As a network professional do I not have a duty to protect my companies
network from unauthorized access within my ability to do so?  I think I
do.  If you lost all of your credit card and identity data because I
left an open wifi hotspot on my network would you have a liability case?
I sure think so.
If I go into your building and plug in an open wifi hotspot that allows
a hacker to gain access to your stuff, is that illegal?  I think it is.

In this case we are not talking about a civil claim of negligence at
all.  It is not even a civil case.  Let's look at it more as the
credibility of deniability.  Grandma can claim in court that she had no
idea that the neighborhood was using her wifi and be believable.  I
can't make that claim because it is easy to prove that I know better.
Whether the act itself is legal is another matter, but the ability to
deny knowledge of the act is the question.  So, the way this translates
is "Sir, did you know that a large percentage of Tor use is for illegal
activities?"  How does this guy answer no when he supposedly runs a
large ISP?

As far as the anonymous remailer, at that time sending anonymous email
or spam was not yet illegal.  Many ISPs began cracking down on open mail
relays well before the CAN SPAM stuff came about because it was good
business and most of the industry agreed that open mail relay was bad.  

What I find really interesting is that the ISP (in general, there are a
few rogues) will immediately shut down access to an open mail relay
being hosted by their customer because it enables SPAM, but would allow
a Tor relay that allows lots of illegal activity.

I can tell you exactly why this happens.  Most network professionals
hate spam, its inconvenience, its clogging of the systems we maintain,
and we declared war on the spammers.  Tor however enables a whole lot of
"gray area" activities like media piracy, warez, and lots of other stuff
that some of us are less concerned about (and some of us actually use).
If the ISPs and engineers get concerned about any of this stuff, we are
capable of killing it off easier than the law enforcement channels.  We
never eliminated SPAM but it was made a lot tougher.  Unfortunately, the
history of the public Internet shows that one of the technology drivers
of higher and better connections are for things like media sharing and
distribution which includes some not so savory or legal sharing and
distribution and some not so nice media.

Steven Naslund



-----Original Message-----
From: Michael Froomkin - U.Miami School of Law
[mailto:froomkin at law.miami.edu] 
Sent: Thursday, November 29, 2012 6:30 PM
To: Naslund, Steve
Cc: NANOG
Subject: RE: William was raided for running a Tor exit node. Please help
if you can.

On Thu, 29 Nov 2012, Naslund, Steve wrote:

[...]
>
> When it comes to running an open access point, I think the legal issue

> would be negligence.  Is it negligence for the 90 year old grandma to 
> have an open AP (probably not, just didn't know better)?  Is it 
> negligence for me to have an open AP (probably, I am a network 
> professional and know how to secure a network).
>

In order for there to be a civil claim of negligence there must be,
inter alia, a breach of duty.

What duty has been breached in your scenario?  None.

[...]
>
> This is certainly an interesting discussion and I think there are not 
> a lot of concrete answers since this is on the edge of technology law.

> I

Actually some of us have been teaching and writing about this stuff
since the mid 1990s.  These issues are far from new; we went through
them in the early anonymous remailer days.

<relurk>

--
A. Michael Froomkin, http://www.law.tm Blog: http://www.discourse.net
Laurie Silvers & Mitchell Rubenstein Distinguished Professor of Law
Editor, Jotwell: The Journal of Things We Like (Lots),  jotwell.com U.
Miami School of Law, P.O. Box 248087, Coral Gables, FL 33124 USA
+1 (305) 284-4285  |    +1 (305) 284-6506 (fax)  |  froomkin at law.tm
                        -->It's warm here.<--