[tor-relays] case law on for exit nodes

Hi Rejo,

Post by Rejo Zenger
Who knows about cases where the owner of Tor exit node was prosecuted or
taken to court for information that was up- or downloaded using his/her Tor
node? Basically, I'm looking for case law on running Tor exit-nodes.

*Has anyone ever been sued or prosecuted for running Tor?*

*No*, we aren?t aware of anyone being sued or prosecuted in the United
States for running a Tor relay. Further, we believe that running a Tor
relay ? including an exit relay that allows people to anonymously send and
receive traffic ? is lawful under U.S. law.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.torproject.org/pipermail/tor-relays/attachments/20120522/fd3cdaee/attachment.html>

Mike Perry

2012-05-22 22:47:42 UTC

Post by Daniel Case

AFAIK, this is still true in the US. However, I'm pretty sure I've seen
at least 3 court cases in the EU on this list (though too busy to dig
them up right now). There have also been several equipment seizures in
the EU that never escalated to a court case...

--
Mike Perry
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 198 bytes
Desc: Digital signature
URL: <http://lists.torproject.org/pipermail/tor-relays/attachments/20120522/6f311ef1/attachment-0001.pgp>

Bill Waggoner

2012-05-22 23:14:14 UTC

Post by Mike Perry
AFAIK, this is still true in the US. However, I'm pretty sure I've seen
at least 3 court cases in the EU on this list (though too busy to dig
them up right now). There have also been several equipment seizures in
the EU that never escalated to a court case...

And there lies the rub. The corporate interests can make things so
difficult for people they oppose, including Tor operators, even
without an actual court case, that the damage is frequently hidden.
The chilling effect of the direct threat of legal action makes the
actual legal action unnecessary in all but a few cases.

Mike Masnick at techdirt.com covers this phenomenon fairly frequently.
I equate it to the much older tactic of "somethin' bad could happen
... if youse know what I mean?" style but using the legal system as
the "bad" that could happen ...

Very few have the wherewithal to carry a case all the way to court.

grarpamp

2012-05-23 05:31:42 UTC

It does happen that exits are inquiried/seized from time to time.
But from my read on the list, all cases have been dropped before
anyone was found guilty. I'm pretty sure the list has instances of
actual court proceedings (that dropped). Maybe search for expert
witness or something. But the list isn't really searchable, nor do full
plaintext archives exist for that purpose afaik :(

And there lies the rub. ?The corporate interests can make things so
difficult for people they oppose, including Tor operators, even
without an actual court case, that the damage is frequently hidden.

Yes, we all know helpdesks/corps hate any sort of tickets. See
torservers.net for their take on ISP's. But note that putting
node on already existing ISP with node doesn't really help.

The chilling effect of the direct threat of legal action makes the
actual legal action unnecessary in all but a few cases.
Mike Masnick at techdirt.com covers this phenomenon fairly frequently.
?I equate it to the much older tactic of "somethin' bad could happen
... if youse know what I mean?" style but using the legal system as
the "bad" that could happen ...

I've never heard of such threatening someone not to run an exit relay.
Only to shut down if they are receiving tickets, not as threat, but as
(legal) nuisance/entanglement from their point of view.

Very few have the wherewithal to carry a case all the way to court.

And thankfully the cases seem to be dropped before then once
the prosecutor is aware of Tor as a common carrier.

Rejo Zenger

2012-05-23 05:44:48 UTC

Thanks! Someone sent me a few links to one or more cases in Germany, related to wikileaks.de. If you come across more, please let me know.
--
Rejo Zenger . <rejo at zenger.nl> . 0x21DBEFD4 . <https://rejo.zenger.nl>
GPG encrypted e-mail preferred . +31.6.39642738 . @rejozenger

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 841 bytes
Desc: Message signed with OpenPGP using GPGMail
URL: <http://lists.torproject.org/pipermail/tor-relays/attachments/20120523/06583714/attachment-0001.pgp>

andrew

2012-05-23 11:29:32 UTC

On Wed, May 23, 2012 at 07:44:48AM +0200, rejo at zenger.nl wrote 2.4K bytes in 67 lines about:
: Thanks! Someone sent me a few links to one or more cases in Germany, related to wikileaks.de. If you come across more, please let me know.

To be clear, wikileaks.de and tor are completely separate
cases. 'morphium' ran tor exit relays, wikileaks.de domain owner, and
a few other things, like cgiproxy, from many servers in Germany.

His Tor experience is here:
https://lists.torproject.org/pipermail/tor-talk/2011-February/006828.html.

His wikileaks.de experience is completely separate and
unrelated to his tor activities. His wikileaks.de raid is here,
http://wikileaks.de/wiki/Police_raid_home_of_Wikileaks.de_domain_owner_over_censorship_lists

As graramp mentioned, the CCC has been a central point of contact for most
of Europe when running into these situations. A huge amount of gratitude
to Juliusz and the CCC for helping tor relay operators in Europe.

morphium may have been the only one to actually go to court. Most times
the computers are seized and a forensics person analyzes them to find
nothing more than tor. The owner then has to fight to get their own
equipment back and charges are dropped. In some cases, we at Tor have
contacted the relevant police to explain Tor and help the forensic team
understand what is Tor and what is not Tor. There have been cases where
a criminal runs a tor relay thinking it provides them cover while they
do all of their illegal activities on the same computer. This latter
method doesn't work, by the way. It's trivial for a forensic team to
separate the legitimate tor relay from the criminal activity.

There are at least two cases where the exit operator has been slapped
with a 'national security' gag order and cannot talk about the case. In
these situations, their lawyer contacts Tor and I've provided proof
and notarized documentation that the person was running a tor relay at
the time. I've also had to provide expert witness testimony about Tor
as well.

Overall, from a quick check of letters sent, there have only been
around 12 exit relay seizures out of 1000 or so exit relays.

--
Andrew
http://tpo.is/contact
pgp 0x6B4D6475

Rejo Zenger

2012-05-24 20:10:48 UTC

Hi Andrew,

Thanks a lot for the extensive answer!

Post by andrew
morphium may have been the only one to actually go to court. Most times
the computers are seized and a forensics person analyzes them to find

[...]

Yes. He has explained to me there were two cases where he was taken to court as a result from illegal activity relayed thru his exit node. I have asked him for some more (legal) details.

Post by andrew
There are at least two cases where the exit operator has been slapped
with a 'national security' gag order and cannot talk about the case. In

These two are both German cases? - if you are allowed to elaborate on that.

Post by andrew
Overall, from a quick check of letters sent, there have only been
around 12 exit relay seizures out of 1000 or so exit relays.

Yes. What are the countries for these cases? Are all of them European or does that number include US seizures as well? There is at least one Dutch seizure I am aware off. Do you know the reason for each of these seizures?
--
Rejo Zenger . <rejo at zenger.nl> . 0x21DBEFD4 . <https://rejo.zenger.nl>
GPG encrypted e-mail preferred . +31.6.39642738 . @rejozenger

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: Message signed with OpenPGP using GPGMail
URL: <http://lists.torproject.org/pipermail/tor-relays/attachments/20120524/a637ab46/attachment.pgp>

Andrew Lewman

2012-05-24 20:44:22 UTC

On Thu, 24 May 2012 22:10:48 +0200

Post by andrew
There are at least two cases where the exit operator has been
slapped with a 'national security' gag order and cannot talk about
the case. In

These two are both German cases? - if you are allowed to elaborate on that.

I cannot comment on the cases. I'll let the operators de-anonymize
themselves.

Post by andrew
Overall, from a quick check of letters sent, there have only been
around 12 exit relay seizures out of 1000 or so exit relays.

This is a fine question. These numbers may overlap, where a person
emails us asking for confirmation their IP was in the consensus,
and then their legal advisor asks for a formal letter or subpoena.

As for reasons why, we generally don't get that information. For what
we've been told by relay operators with seized relays, their exit relay
IP address showed up in a child abuse material or
copyright investigation.

This is the result of 20 minutes of looking.

Formal letters mailed:

Germany: 1
USA: 1
Italy: 5

Email confirmations of a tor server existing:

Germany: 4
UK: 1
Austria: 1
Switzerland: 1

Subpoena:

US: 1

--
Andrew
http://tpo.is/contact
pgp 0x6B4D6475

Andy Isaacson

2012-05-25 04:16:25 UTC

Post by andrew
There are at least two cases where the exit operator has been
slapped with a 'national security' gag order and cannot talk about
the case.

These two are both German cases? - if you are allowed to elaborate on that.

I have no personal knowledge about the cases at hand, but "national
security gag order" sounds like a USA NSL:
http://en.wikipedia.org/wiki/National_Security_Letter

-andy

Mike Perry

2012-05-25 05:16:35 UTC

Post by Andy Isaacson

Post by andrew
There are at least two cases where the exit operator has been
slapped with a 'national security' gag order and cannot talk about
the case.

These two are both German cases? - if you are allowed to elaborate on that.

I have no personal knowledge about the cases at hand, but "national
http://en.wikipedia.org/wiki/National_Security_Letter

I would also like to take this opportunity to display my "I have not
received an NSL" card.

I think it's still legal to do *that*, right? ;)

But who knows about the upstream ISP(s) or the random stool duster on
shift at the datacenter that day...

To be fair, it sounded like there was a possibility the NSL might have
been more like "WTF just happened? Was that really a Tor node?"

But who knows. It could have been "Give me dem keys, or else!" kind of
thing. My vote would be "time for new keys" in that case.

Maybe we should get a legal opinion on if these things can actually be
arbitrarily coercive in nature. "Give me your key. Also, keep using it.
Also, tell your mother you hate her and wish she was dead."

Does the madness ever end?

grarpamp

2012-05-25 17:07:16 UTC

Post by Mike Perry

Post by Andy Isaacson
http://en.wikipedia.org/wiki/National_Security_Letter

I would also like to take this opportunity to display my "I have not
received an NSL" card.
I think it's still legal to do *that*, right? ;)

Setting aside the inalienability of the hole in our face, some wobbly
strips of flesh, some tubes, bags of air and muscles... I believe the
US Constitution allows us to say whatever the fuck we want, period.
And secondarily, that it trumps a lot of this 911 BS. It just hasn't
been tested on it's face yet. And one well known case where it was,
on later particulars, was won: calyxinstitute.org

If I get a NSL, so long as *I* don't think it's a "national security risk",
I'll speak freely as desired. And if I misjudge resulting in NYC getting
nuked, oh well, we'll rebuild and do a little hunting of our own.

They'd be better off telling the recipients what's up. Even Joe
Sixpack can keep secrets and want to take part, if he's informed.
As opposed to "trust us".

Post by Mike Perry
Maybe we should get a legal opinion on if these things can
actually be arbitrarily coercive in nature.

Yes. Though it seems more for ACLU than EFF.

Yes, I have seen one, it was boring.
No, I have not received one.
And I am not under order to say that.
Or that.
Or that.
etc... :)

Post by Mike Perry
Does the madness ever end?

Just as soon as people stop being sheep and stand up for their rights.

grarpamp

2012-05-25 17:40:13 UTC

Post by Andy Isaacson
http://en.wikipedia.org/wiki/National_Security_Letter

Further, judges are always available, including secret FISA ones.
Go get it signed by a judge before trying to order people
around with what amounts to a request on pretty letterhead.

I'd be afraid of complying with anything NOT signed by a judge,
as that could put ME at risk. Not that any ISP's reading this would
stop being sheep and want to spend money to actually defend
themselves, their customers, their laws, or country.

Then there's the DMCA.... similar, notices end up shutting people
up without court order. Puts the cost of that from the complainant
to the the recipient, with staffing help desk ticketing systems, etc.

Oops, way off topic.

Eugen Leitl

2012-05-26 12:11:56 UTC

Post by Andy Isaacson
http://en.wikipedia.org/wiki/National_Security_Letter

There's a thread about it on NANOG right now.

Post by grarpamp
Then there's the DMCA.... similar, notices end up shutting people
up without court order. Puts the cost of that from the complainant
to the the recipient, with staffing help desk ticketing systems, etc.

grarpamp

2012-05-26 19:16:24 UTC

Post by Eugen Leitl
There's a thread about it on NANOG right now.

Presumably this one...
"ISPs and full packet inspection"
http://mailman.nanog.org/pipermail/nanog/2012-May/048364.html

That seems to be more about network ops than
targeting specific users. There's a world of difference
between routine sniffing of your traffic for statistical,
engineering, budget, policy, education and debugging
purposes (ie: to prioritize/ban traffic, etc)...

and taking action based on a user specific external
report or request, or looking for users to act upon, or
just plain spying on people.

The former happens every day without much issue.
The latter is the problematic area.

There are some good links in that thread though.
NSL and subpoena handling comes up on NANOG
once in a while.

Sven Olaf Kamphuis

2012-05-28 12:01:07 UTC

it all just boils down to one thing.

us senate + whitehouse are infiltrated by zionists and they are shutting
down any means of communication that isn't owned or controlled by
zionists one by one... this whole thing is not about "copyright" or
"money" at all, its about total world domination and them thinking "god"
gave them the right to do so. i'd say, just shoot them.

Post by Eugen Leitl

Post by Andy Isaacson
http://en.wikipedia.org/wiki/National_Security_Letter

There's a thread about it on NANOG right now.

_______________________________________________
tor-relays mailing list
tor-relays at lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Sven Olaf Kamphuis

2012-05-28 12:08:00 UTC

btw nanog is full of dusty nerds that are either no longer entitled to act
on behalf of what used to be -their- companies or don't have the balls to
do so, you can forget anything there that goes beyond the level of
organizing a garage sale, let alone a revolution.

Post by Andy Isaacson
http://en.wikipedia.org/wiki/National_Security_Letter

Further, judges are always available, including secret FISA ones.
Go get it signed by a judge before trying to order people
around with what amounts to a request on pretty letterhead.
I'd be afraid of complying with anything NOT signed by a judge,
as that could put ME at risk. Not that any ISP's reading this would
stop being sheep and want to spend money to actually defend
themselves, their customers, their laws, or country.
Then there's the DMCA.... similar, notices end up shutting people
up without court order. Puts the cost of that from the complainant
to the the recipient, with staffing help desk ticketing systems, etc.
Oops, way off topic.
_______________________________________________
tor-relays mailing list
tor-relays at lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Sven Olaf Kamphuis

2012-05-28 12:05:37 UTC

think it's time for a congress of internet owners about how to remove the
zionist threat that is disney, sony, universal, and the banks that own
them as well as the corrupted us regime etc from our networks. why
let them make propaganda over -our- infrastructure while on the other hand
they are sueing the crap out of us and our buddies.

(not to mention an assasination attempt on me personally :P

http://www.cb3rob.net/enemies.txt is a good start.

Post by Andy Isaacson
http://en.wikipedia.org/wiki/National_Security_Letter

Further, judges are always available, including secret FISA ones.
Go get it signed by a judge before trying to order people
around with what amounts to a request on pretty letterhead.
I'd be afraid of complying with anything NOT signed by a judge,
as that could put ME at risk. Not that any ISP's reading this would
stop being sheep and want to spend money to actually defend
themselves, their customers, their laws, or country.
Then there's the DMCA.... similar, notices end up shutting people
up without court order. Puts the cost of that from the complainant
to the the recipient, with staffing help desk ticketing systems, etc.
Oops, way off topic.
_______________________________________________
tor-relays mailing list
tor-relays at lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Fabio Pietrosanti (naif)

2012-05-23 06:05:48 UTC

A close friend of mine in Italy some years ago has been running a Tor
Exit form home and he got waken-up at 6.00am from State Police for
seizure of computer equipment.

In italy there is an excessively long court proceedings (5-6 years) due
to very inefficient justice system.

It means that even if you are innocent, for each penal issue it happen
to you, you have to stay in the justice loop for many years.

-naif

Rejo Zenger

2012-05-23 05:42:58 UTC

Post by Rejo Zenger
Who knows about cases where the owner of Tor exit node was prosecuted or taken to court for information that was up- or downloaded using his/her Tor node? Basically, I'm looking for case law on running Tor exit-nodes.
Has anyone ever been sued or prosecuted for running Tor?

Thanks for the pointer to the FAQ. Of course I did some research before asking and of course I had came across that FAQ already. However, I was pretty sure there have been cases more or less recently (in Germany for example) and I felt this FAQ must have been missing some cases. I could have added that when I sent my mail to this list. :)

But thanks a lot for the quick response.
--
Rejo Zenger . <rejo at zenger.nl> . 0x21DBEFD4 . <https://rejo.zenger.nl>
GPG encrypted e-mail preferred . +31.6.39642738 . @rejozenger

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 841 bytes
Desc: Message signed with OpenPGP using GPGMail
URL: <http://lists.torproject.org/pipermail/tor-relays/attachments/20120523/b1081fc3/attachment.pgp>

Samuel Whited

2012-05-22 23:24:14 UTC

Post by Rejo Zenger
Hi,
Who knows about cases where the owner of Tor exit node was prosecuted or taken to court for information that was up- or downloaded using his/her Tor node? Basically, I'm looking for case law on running Tor exit-nodes. I am especially interested in case law from countries in Europe, but other examples are most welcome as well.

While I've never heard of anyone being indicted (in the US or EU) for
running an exit node, there have been many cases of equipment seizure
all over the world.

These might be of interest to you:

https://www.eff.org/deeplinks/2011/08/why-ip-addresses-alone-dont-identify-criminals
http://toddsnotes.blogspot.com/2009/11/because-i-ran-tor-police-took-all-my.html
https://lists.torproject.org/pipermail/tor-talk/2011-May/020490.html

?Sam
--
Sam Whited
pub 2048R/0DBB515F

SamWhited.com
sam at samwhited.com
404.492.6008a
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 490 bytes
Desc: This is a digitally signed message part
URL: <http://lists.torproject.org/pipermail/tor-relays/attachments/20120522/873de11c/attachment.pgp>

Rejo Zenger

2012-05-23 05:46:15 UTC

Post by Samuel Whited
While I've never heard of anyone being indicted (in the US or EU) for
running an exit node, there have been many cases of equipment seizure
all over the world.
https://www.eff.org/deeplinks/2011/08/why-ip-addresses-alone-dont-identify-criminals
http://toddsnotes.blogspot.com/2009/11/because-i-ran-tor-police-took-all-my.html
https://lists.torproject.org/pipermail/tor-talk/2011-May/020490.html

Thanks a lot. The second link is new to me, that looks to be useful. Thanks!
--
Rejo Zenger . <rejo at zenger.nl> . 0x21DBEFD4 . <https://rejo.zenger.nl>
GPG encrypted e-mail preferred . +31.6.39642738 . @rejozenger

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 841 bytes
Desc: Message signed with OpenPGP using GPGMail
URL: <http://lists.torproject.org/pipermail/tor-relays/attachments/20120523/ea196397/attachment.pgp>

grarpamp

2012-05-23 05:34:16 UTC

Post by Rejo Zenger
I am especially interested in case law from countries in Europe

Contact ccc.de.

grarpamp

2012-05-23 05:55:16 UTC

Post by Rejo Zenger
I am especially interested in case law from countries in Europe

Contact ccc.de.

also: exitnodes at lists.ccc.de

Rejo Zenger

2012-05-23 06:01:05 UTC

Post by Rejo Zenger
I am especially interested in case law from countries in Europe

Contact ccc.de.

also: exitnodes at lists.ccc.de

Thanks!
--
Rejo Zenger . <rejo at zenger.nl> . 0x21DBEFD4 . <https://rejo.zenger.nl>
GPG encrypted e-mail preferred . +31.6.39642738 . @rejozenger

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 841 bytes
Desc: Message signed with OpenPGP using GPGMail
URL: <http://lists.torproject.org/pipermail/tor-relays/attachments/20120523/e759f6b9/attachment.pgp>

Martin Fick

2012-05-23 18:30:36 UTC