1. Running open access wireless does not make you legally an ISP and if your open wireless is used to commit a crime you could be criminally negligent if you did not take "reasonable care" in the eyes of the court. 2. If I provide access to four or five friends, I am not an ISP and in fact I am responsible if they use my connection to do something illegal since I am the customer of record. If you loan your car to an unlicensed driver and he kills someone, you are on the hook. 3. I guarantee you that if your blogging site, wiki or whatever is publishing content like child porn, you are going to jail. There is no "ISP like protections" for that. If you do not take action as soon as you know a crime is being committed, you are going to get nailed. The question in this case would be all about whether the Tor exit node is viewed as a device specifically enabling a criminal or something that was incidentally used to commit a crime. For example, if I give you a hammer and you break into someone's house with it, I am probably not criminally negligent. If I provided you with lock picking equipment and you are not a locksmith, I might be criminally negligent. This is not so clear cut a case that there would not be a fight about it. Steven Naslund -----Original Message----- From: George Herbert [mailto:george.herbert@gmail.com] Sent: Thursday, November 29, 2012 2:06 PM To: Tom Beecher Cc: NANOG Subject: Re: William was raided for running a Tor exit node. Please help if you can. On Thu, Nov 29, 2012 at 11:58 AM, Tom Beecher <tbeecher@localnet.com> wrote:
Not really comparable.
Speaking from a US point of view, ISPs has strong legal protections isolating them from culpability for the actions of their customers. I know internationally things are different, but here in the US the ISP doesn't get dinged, except in certain cases where they are legally required to remove access to material and don't.
End users have no such protections that I'm aware of that cover them similarly.
On 11/29/2012 2:50 PM, George Herbert wrote:
On Thu, Nov 29, 2012 at 11:18 AM, Tom Beecher <tbeecher@localnet.com> wrote:
Assuming it's true, it was bound to happen. Running anything , TOR or otherwise, that allows strangers to do whatever they want is just
folly.
Such as, say, an Internet Service Provider business?
There are plenty of ISPs with no or little customer contracts; anyone running open access wireless. Plenty of "open access" sites with free accounts. And any but the largest ISPs are "end users" of upstream bandwidth. The analogy of a small free access ISP and a Tor exit node is legally defensible. I know of five, six, seven that I can think of off the top of my head that are run by people I know, one of whom has started and/or been architect or operations lead for 5 or more commercial ISPs. Even more, ISP like protections are extended in the US to many "end user" sites such as blogging sites, Wikis, etc; where the site is "publishing" content but not creating it or exerting control over it, etc. This is US specific, and the case of a user in Austria is entirely unrelated to US law, but I don't know that this type of response would hold up in US court for these reasons. I am going to ping my internet law contacts in the US and see what they think, as IANAL. -- -george william herbert george.herbert@gmail.com