Communications Decency Act, 47 U.S.C. ยง230 is the US law that has been interpreted to provide immunity to ISP for the actions of their users. Zeran v. America Online, Inc., 4th Circuit, 1997 Jane Doe v. America Online, Inc., 5th Circuit, 1997 Blumenthal v. Drudge, DC District, 1998 Green v. AOL, 3rd Circuit, 2003 Gentry v. eBay, Inc, California Appeals, 2002 Delfino v. Agilent Technologies, California Appeals, 2006 The ISP ones are most relevant here, but look at these cases. The situation would be complicated if the ISP ran the TOR exit node themselves, and that would be a messy legal battle I'm sure. Either way, that doesn't change the fact that running a TOR exit on a home PC on a residential internet connection is silly. You might legally not be held responsible at the end of the day, but it just may cost you a lot in legal fees to get there. Personally, I have better things to spend money on. On 11/29/2012 3:06 PM, George Herbert wrote:
On Thu, Nov 29, 2012 at 11:58 AM, Tom Beecher <tbeecher@localnet.com> wrote:
Not really comparable.
Speaking from a US point of view, ISPs has strong legal protections isolating them from culpability for the actions of their customers. I know internationally things are different, but here in the US the ISP doesn't get dinged, except in certain cases where they are legally required to remove access to material and don't.
End users have no such protections that I'm aware of that cover them similarly.
On 11/29/2012 2:50 PM, George Herbert wrote:
On Thu, Nov 29, 2012 at 11:18 AM, Tom Beecher <tbeecher@localnet.com> wrote:
Assuming it's true, it was bound to happen. Running anything , TOR or otherwise, that allows strangers to do whatever they want is just folly. Such as, say, an Internet Service Provider business? There are plenty of ISPs with no or little customer contracts; anyone running open access wireless. Plenty of "open access" sites with free accounts.
And any but the largest ISPs are "end users" of upstream bandwidth.
The analogy of a small free access ISP and a Tor exit node is legally defensible. I know of five, six, seven that I can think of off the top of my head that are run by people I know, one of whom has started and/or been architect or operations lead for 5 or more commercial ISPs.
Even more, ISP like protections are extended in the US to many "end user" sites such as blogging sites, Wikis, etc; where the site is "publishing" content but not creating it or exerting control over it, etc.
This is US specific, and the case of a user in Austria is entirely unrelated to US law, but I don't know that this type of response would hold up in US court for these reasons. I am going to ping my internet law contacts in the US and see what they think, as IANAL.
-- Thomas Beecher II Senior Network Administrator LocalNet Corp. CoreComm Internet Services 716-799-8881 tbeecher@localnet.com