It seems like a lot of people are objecting to the raid/seizure itself in addition to the possibility of conviction, so I have a question. Is it reasonable for the police to investigate an exit node operator for traffic coming from his node, even if they know he's an exit node operator?
The way I see it, it's their job* to determine whether the traffic in question was relayed, or whether it was the exit node operator himself generating that traffic. In an ideal world, they could just call him up and ask nicely - but if he was actually guilty, he'd say "No, no way it was me!" and immediately start destroying any evidence. On the other hand, raiding someone's home or server rack and confiscating all of their computers isn't a great solution if most exit node operators are not guilty themselves.
I'm not aware of a good solution that avoids inconveniencing exit node operators without giving them some kind of blanket immunity to investigation that goes beyond just relayed traffic.
* - I'm aware that this might be impossible, but you can't know whether it will be ahead of time. It's possible that they could raid him and find no proof, even if he's guilty. It's also possible that they could raid him and find exactly what they were looking for. Like many investigation tactics, there's no guaranteed payoff.
In the strict public policy sense you could argue the raid/seizure either way; The pro-raid argument would go "This activity harms society by allowing criminal activity which is part of the economics of exploiting children, thus it is right for the state to step in and make these raids to identify and contain those threats." Then you could make the anti-raid argument, "The economic disruption of taking a legitimate business off-line and possibly causing irreparable harm to innocent citizens does not warrant such a drastic measure without solid evidence of complicity in the commission of a crime."
In the United States there is an analogous situation which is that of the 'high speed pursuit.' In the pursuit situation the officers have strong reason to believe the driver of a vehicle was involved in a crime and seek to arrest them. The driver of the vehicle doesn't want to be arrested and so they drive away quickly. If the officers give chase, they greatly increase the chance that harm will come to innocent bystanders. If they don't give chase they risk losing their suspect. Generally those debates come down to things like "what crime might they have committed?" and if it was failure to stop for a right turn, that is seen as not being as 'reasonable to chase' as hit and run vehicular manslaughter.
I tend to fall into the "Do the police work to figure out who the crooks are and if you need the co-operation of an end-node provider then get a warrant to compel that co-operation." But I also have spoken to officers who feel that such restrictions are 'red tape' and keep them from doing the job they were paid to do.
In this particular case we don't have the police version of the story. Perhaps they think this guy is complicit? Did they raid/seize any other end nodes? Did they have a warrant and what did it say? Had this person been involved in other questionable activities? "Presumption of innocence" is not a principle that extends outside of US borders so its always difficult to contextualize police action in other countries to Americans who take their constitution for granted.
> "Presumption of innocence" is not a principle that extends outside of US borders so its always difficult to contextualize police action in other countries to Americans who take their constitution for granted.
Sorry, what? Within America, that principle ultimately derives from English common law (from which the legal systems of most former colonies are derived). Moreover, it is a specific part of the European Convention on Human Rights, to which all EU members are party.
Of course it doesn't necessarily apply everywhere in the world (though it'd be foolish to expect any legal doctrine to apply universally, although in this case the doctrine is part of the Universal Declaration of Human Rights, which makes it about as close to universal law as is possible) - but it clearly extends beyond the borders of the US (and in fact, the notion of it 'extending beyond the borders' is pretty offensive, as it suggests the US as the origin of the principle).
Its actually better this is happening out side the US. Simply possessing CP in any format, with or without knowledge or consent is illegal. A handful of smart people have written about the situation (and its been featured on HN in the past). In the US, he would likely be far worse off.
> "Simply possessing CP in any format, with or without knowledge or consent is illegal."
From a recent New York State supreme court decision [0], citing federal law on page 12: "to possess the images in the cache, the defendant must, at a minimum, know that the unlawful images are stored on a disk or other tangible material in his possession". And on page 14, "a
defendant cannot knowingly acquire or possess that which he or she does not know exists".
Variations of the word "know" appear over and over again in the decision, particularly in the line "knowing the character and content thereof." All three judges concurred on this point -- possession requires knowledge.
> "Presumption of innocence" is not a principle that extends outside of US borders so its always difficult to contextualize police action in other countries to Americans who take their constitution for granted.
What? There's nothing particularly American about the principle, it's an accepted core tenet of all democratic countries and many of the others.
There is a wide spectrum for how strictly "presumption of innocence" is followed in various societies in practice though.
The creator of the Winny filesharing program in Japan was dismissed from his Tokyo University Research Assistant position as he went to trial:
"On May 10, 2004, Kaneko was arrested for suspected conspiracy to commit copyright violation by the High-tech Crime Taskforce of the Kyoto Prefectural Police. Kaneko was released on bail on June 1, 2004. The court hearings started in September 2004 at Kyoto district court. On December 13, 2006, Kaneko was convicted of assisting copyright violations and sentenced to pay a fine of ¥1.5 million (about US$13,200).[3] He appealed the ruling. On October 8, 2009, the guilty verdict was overturned by the Osaka High Court.[4] On December 20, 2011, Kaneko was cleared of all charges after a panel of judges agreed that the prosecution could not prove that he had any intention to promote the software for illegal use.[5] [6]" (http://en.wikipedia.org/wiki/Winny#Criminal_procedure)
He was definitely treated by society as if he were guilty of the crime as soon as he was arrested.
By that standard, suspects are often presumed guilty by society even in the USA (for instance, suspected rapists and other sex offenders). The presumption of innocence is still considered one of the core principles of democracy and/or the rule of law.
Its a fair point, its much more codified elsewhere than it was at one time. And to be fair the US has been doing things like locking people in Guantanamo without due process which is disturbing in itself. The point I was trying to make clear was that I recognize trying to interpret a story involving the actions of a the police in a country which doesn't have the same legal climate as the one I live in, it fraught with dangers in making assumptions that don't or won't hold up.
Which would make my sentence: It's an accepted core tenet of all common law countries and many of the others. Well, I suppose that's still true! But I don't think the tie to common law is stronger than the one to the US; it's an almost universal principle.
My point is that it's a core tenet of the common law system, not a core tenet of democracy. Allowing your citizens to vote does not automatically mean that they have a presumption of innocence. It just means that they can vote.
"Presumption of innocence" is not a principle that extends outside of US borders so its always difficult to contextualize police action in other countries to Americans who take their constitution for granted.
No, many countries have "innocent until proven guilty" laws/standards.
"In the United States there is an analogous situation which is that of the 'high speed pursuit.' In the pursuit situation the officers have strong reason to believe the driver of a vehicle was involved in a crime and seek to arrest them. The driver of the vehicle doesn't want to be arrested and so they drive away quickly. If the officers give chase, they greatly increase the chance that harm will come to innocent bystanders. If they don't give chase they risk losing their suspect."
I think any similarity in these situations is only superficial. In a high speed pursuit, the suspect is alerted to the police's interest in their actions and chooses to run, which is an indicator the suspect has something to hide as well as a crime in itself. The act of running from the police is breaking the law.
The exit node scenario is nothing like that--the person being raided is not aware of the police interest and there is no evidence the operator committed a crime. Even if the the suspect was notified in advance and refused to willingly submit their equipment for investigation, it still wouldn't be the same situation unless they were legally compelled to provide the equipment.
In the United States there is an analogous situation which is that of the 'high speed pursuit.' [...] If the officers give chase, they greatly increase the chance that harm will come to innocent bystanders.
Not only that, but they increase the risk to the person they are pursuing. It is general policy for UK police not to pursue motorbikes whose riders aren't wearing helmets for this reason. Presumably causing the person to die in a crash is worse than most offences they would be pursued for. It would also cost the taxpayer a lot more.
>Is it reasonable for the police to investigate an exit node operator for traffic coming from his node, even if they know he's an exit node operator?
Realistically, no. It's a fishing expedition -- it's like raiding the phone company's offices when someone has used a prepaid burner phone because they have the ability to spoof the IP address or phone number of any of their unidentifiable customers. There is no more reason to suspect that the exit node operator is at fault than any other ISP. Especially given the amount of harassment these raids cause for the victims -- can you reasonably state that the police should be able to enter a telco hotel and shut down and confiscate all of the equipment because not all of the traffic passing through it can be traced to an identifiable source? If not then what makes this different?
>I'm not aware of a good solution that avoids inconveniencing exit node operators without giving them some kind of blanket immunity to investigation that goes beyond just relayed traffic.
The solution is to rely on less disruptive investigative means until sufficient evidence is available to determine whether the exit node operator is the likely source of the traffic. For example, get a warrant and wiretap their phone and email and see if they're trafficking in illicit materials through those channels. Have an undercover cop chat them up and set up a sting if they're doing something illegal. Standard police work.
The fundamental misunderstanding here is that police (and, down the chain, other authorities) actually care about the nature of an exit node. From their perspective all they see is that this guy's IP address was used to distribute child pornography. All his stuff is gone, and they will persecute him for that offense. In all likelihood the court trial will go like this:
Defendant: "But I was merely running a Tor exit node!"
Judge: "What's that?"
Court-appointed expert: "It's a computer program that allows
pedophiles to exchange pictures online."
Judge: "I see. That'll be 10 years jail time plus court costs.
Also, please stand by for your copyright infringement trial
that came out of searching your computer equipment. Thanks.
Next!"
You're describing a show trial. Not to say that they don't exist (or are even particularly rare), but if you're in a country that has them, you're pretty well already screwed regardless of Tor or anything else, because all it takes to throw you in prison for a decade or more is for a cop in your vicinity who needs to make his quota to decide he doesn't like anyone with a beard (or anyone without a beard, or people who are taller or shorter than he is, or brown people, etc.)
In countries where you get a legitimate opportunity to make your case, cases like these get thrown out, because the prosecutor is almost always required to prove that you knew the nature of the material, which in the case of an exit node (where "he ran an exit node" is the only evidence), they can't very well do. For exactly the same reason that ISP employees aren't prosecuted for the same thing.
Which brings it back to the issue at hand: You have people who apparently (barring additional evidence beyond running an exit node) are not guilty of the offense in question, but still the police bust into their facilities and steal their stuff. That should not be allowed to happen.
> required to prove that you knew the nature of the material
Actually, depending on the laws of the country, the prosecutor might only need to prove that they "knew or should have known" the nature of the material. Or it might instead be sufficient to prove that the operator "had a reckless disregard" for the nature of the material.
Or perhaps the operator "failed to comply with the regulations for running an Internet service provider, including maintaining logs of customer connections." Which itself might not carry a very harsh penalty, but might also make him liable for criminal acts that others carry out using his illegal ISP.
Disclaimer: I am not a lawyer. These ideas are merely guesses. The things in quotation marks are not quoting anything in particular. I have no idea about which, if any, jurisdictions would accept the legal points my hyopthetical prosecutor makes.
>Actually, depending on the laws of the country, the prosecutor might only need to prove that they "knew or should have known" the nature of the material. Or it might instead be sufficient to prove that the operator "had a reckless disregard" for the nature of the material.
Obviously we can theorize whatever laws we want and there may even be countries that have them that way, but I'm not sure how that distinguishes the Tor exit node from the ISP. Telecommunications services don't generally inspect the content of the packets they route. I wouldn't want to have to argue that that is "reckless disregard" or whatever, though you can certainly imagine overzealous bureaucrats doing so when it suits them.
>Or perhaps the operator "failed to comply with the regulations for running an Internet service provider, including maintaining logs of customer connections." Which itself might not carry a very harsh penalty, but might also make him liable for criminal acts that others carry out using his illegal ISP.
Or maybe there is a specific law in a particular country that outlaws anonymizing services. Or maybe a license is required to operate an information processing device. Your mileage may vary, etc. Consult an attorney.
But it's worth pointing out that keeping logs doesn't get the government anywhere: The only thing a Tor node has available to log is which nodes it's connected to, and those nodes have a high probability of not having any logs or, even if they do, of being in another country where you can't get access to them. That's kind of the whole idea. So if all you're achieving is to get exit nodes to keep useless logs to make them safe from prosecution under some kind of safe harbor, you just end up back at square one.
The question is, do you want to ban anonymizing services or not? And if not, stop harassing the operators.
>but I'm not sure how that distinguishes the Tor exit node from the ISP
I think it's closer to raiding someone who had their wifi unprotected and someone jumped on and did something illegal.
An ISP is a legal entity that has a certain relationship with its customers. This includes identity and at least some form of monitoring (logging and cooperation with authorities). Tor is opening your connection up to anyone in a totally anonymous and encrypted way. This is not to say that the guy is guilty or even that it's right to raid him, it's just saying that I don't think it's fair to argue he has similar legal protections. In the case of an ISP they don't have to raid them, they just show up with a subpoena and the ISP coughs up the info.
>The question is, do you want to ban anonymizing services or not?
>I think it's closer to raiding someone who had their wifi unprotected and someone jumped on and did something illegal.
That's what I'm saying. In what world is that a reasonable thing for the police to do? A raid is a thing they should do last, after they already know who they're dealing with and are just sewing up an already strong case against them, not the first thing to do with a suspicious IP address.
>In the case of an ISP they don't have to raid them, they just show up with a subpoena and the ISP coughs up the info.
They could do the same thing to the operator of the exit node and it would get them the same result as the raid (which is to say really nothing useful) without the harassment, at least in the case that the operator wasn't the perpetrator. Which is the same case for the ISP. Nothing stops criminal ISP employees from responding to a subpoena by destroying the evidence and then fingering some ISP customer known to have open WiFi.
>I think that is precisely what they want to do.
Then they ought to stop pussyfooting around and actually come right out and propose legislation to that effect. And if it subsequently gets (or already has been) defeated in the legislature or struck down by the courts then they ought to stop pretending it wasn't.
What you're proposing gives anyone with open wifi a license to do whatever they want and then claim it was someone else, that doesn't make sense either. The likely chain of events is as follows:
1. Criminal activity is observed from an IP address.
2. The ISP is contacted, proper permission is received and a wiretap is set up
3. Further traffic patterns are observed
4. A raid is conducted on the owner of the IP address.
At this point there is no need to raid the ISP because the traffic can be traced back farther than the ISP to a more specific place. In the case of the IP, the traffic essentially ends at the owner of the IP. It can't be tracked back any further so a raid is conducted to move the investigation to the next level. If the ISP didn't log or wouldn't turn over information, the ISP would be raided, I imagine.
Obviously running a TOR exit node, open wifi or ISP can't be a blank check to get away with crime. Once the investigation was stopped, the next logical level was to get more information from the last place it was seen (the IP owners equipment).
>Then they ought to stop pussyfooting around and actually come right out and propose legislation to that effect.
This assumes that "they" is a single unified entity with a single, unified goal. Very likely there are people who want to discourage this sort of activity without the trouble of actually legislating it. That's obviously wrong, but it happens all the time, often totally benignly, in this case much more maliciously.
>At this point there is no need to raid the ISP because the traffic can be traced back farther than the ISP to a more specific place.
It seems like you're still not distinguishing it from the exit node: In order to set up a wiretap, the ISP is going to know about it (it's their equipment). If the ISP employees are the criminals then getting a wiretap for the customer's IP address that they've been spoofing is going to tip them off. If you're not worried about that for the ISP then stop worrying about it for the exit node -- in which case you could do the same thing, require the exit node operator to install wiretapping software on the exit node and trace the traffic "back farther than the [exit node] to a more specific place" (i.e. the next Tor node in the chain). It still doesn't get you anything, but neither does a subpoena to the ISP that just leads you to an otherwise-clean exit node.
>Obviously running a TOR exit node, open wifi or ISP can't be a blank check to get away with crime.
People keep saying this -- it's wrong twice. First, just because you can't do a smash and grab police raid doesn't mean you can't do an investigation. Digital forensics are crap anyway -- way too easy to forge. (Criminal installs remote control software on some poor sap's PC to do dirty work, secure removes it when finished and everything ends up pointing to the sap.) Try doing some actual police work, interview suspects, look at the illicit materials to see if there are clues from the background, on and on. And after you've done your homework, if the evidence still points to the exit node operator (instead of just the exit node's IP address), then you do a raid.
But perhaps more importantly, how is it the operators of the anonymizing thing who we are worried about getting away with something? If you know enough about Tor to set up an exit node and you're a criminal, you can just use somebody else's exit node instead of setting up your own. Or hop on some public wifi, or break into some sucker's PC to use it as a proxy, etc. If the police have successful methods to catch those criminals, then use them against the criminal who hides under an exit node instead of raiding it.
And if not, well, that's life. A police state is very helpful to the police. The cost of not having a police state is that some criminals get away with it. It's the cost of doing business in a free society.
>That's obviously wrong, but it happens all the time, often totally benignly, in this case much more maliciously.
Which is why they ought to be stopped. Government malfeasance is all but universally a more serious problem than private malfeasance, because a good government can often save you from bad private actors, but almost nobody can save you from a bad government.
You're creating all sorts of situations and "what-ifs" and "buts" that don't fit the facts. We don't really have any idea what kind of investigation was conducted, or what other steps they have taken before this point. I don't imagine police in most democratic societies -- especially ones with robust free presses -- conduct raids lightly.
Furthermore, it's not really the police's job to interject possibilities into this situation. Phrases like "digital forensics are crap -- way to easy to forge" and "If the ISP employees are the criminals then getting a wiretap for the customer's IP address that they've been spoofing is going to tip them off" and "if you know enough about Tor to set up an exit node" don't really enter into their though process. The investigation reached a dead end, they got more evidence.
I would like to point out that I don't know the specifics of this case either. I will say, however, that in the US, raids and seizures like this are subject to judicial review. Probable cause is shown and permission is granted or denied. It's not as if the police can just walk in there and take what they want. I also don't feel that police work needs to be held up in the face of new technologies. As the public's access to technology increases, so must law enforcements access to tools to investigate crimes. This is not to say there should not be checks and balances, but that getting a warrant already is a check.
>An ISP is a legal entity that has a certain relationship with its customers. This includes identity and at least some form of monitoring (logging and cooperation with authorities).
This a truth that is really bad for society, and goes against every form of common carrier principles made over the last few hundred years (ever since the postal service started). Is't it a bit odd that as soon humanity was able to identify and monitor everyone, it suddenly became the moral obligation to do so?
Here's a notorius austrian court-appointed linguistics "expert" who became infamous during the trial of animal rights activists accused of forming a terrorist group:
He claimed to be able to prove with near certainty that one of the defendants wrote some letters and articles whose real authors were named in the trial, by using contrived (and obviously error-prone) text analysis methods some real linguistics experts called absurd.
The defendants were all acquitted by the judge, who was subsequently moved to a much less prestigious job, while the prosecutor was promoted.
So yes, there are show trials in Austria and the defendant in the Tor case hopefully wasn't a political activist.
That's not what I meant. Given the chronic technophobia of the legal system and the current laws, they practically don't have a choice. He's not a telecom company, so he'll be responsible for whatever his IP address hosts. The seedy nature of Tor doesn't help here either.
>He's not a telecom company, so he'll be responsible for whatever his IP address hosts.
I would challenge you to point to a specific law that actually says that. I'm not saying you can't (there are a lot of countries in the world with a lot of ridiculous laws), but what you're saying would prohibit internet cafes, public libraries with computer terminals, coffee houses or hotels with wifi, etc., because none of them are telcom companies and they allow unauthenticated or poorly authenticated members of the public to use their IP address.
The truth is complicated. But if we're trying to get things to work how they should work, raiding Tor exit nodes just because they're Tor exit nodes is not in the cards. Even if the existing laws are defective in some jurisdictions, they can be fixed, and in the meantime police and prosecutors are very often allowed the discretion to not go out of their way to harass potentially innocent suspects. I may be asking too much asking for them to actually exercise it.
If the police are sophisticated enough to track illegal activity to this guy's IP address, then they ought to be sophisticated enough that they will also perform some digital forensics on his computers (not to mention, smart enough that they can probably understand vaguely what Tor does). If he's really involved in something, they will expect to find some evidence of that on his machine. If it's coming from other users, through Tor, then the evidence ought to demonstrate that.
If the guy has a halfway competent lawyer, that is not what the judge will think. This grossly oversimplifies the exigencies of law enforcement versus the courts. Law enforcement is forced to take down things like exit nodes because they have no other way of tracking down the originators. Whether that will stick in court is an entirely different matter.
It's the primary reason why running an exit node on your own is considered an unwise move. That guy is responsible for the IP addresses he uses. A telecom company, on the other hand, wouldn't be.
It’s a separate issue, but raids and seizures itself are very problematic. The police will usually take everything with them and keep it for months.
That made sense some decades ago when they took mostly binders with paper, now it in itself can act a lot like a punishment. Computers are not just vessels containing data, they are also tools. It’s unreasonable for the police to take away tools for months.
It's probably part of the police mentality of "He's a suspect, that means he's guilty, but if we can't prove it in court we know he'll get off."
So they punish him extrajudicially by taking as much stuff as they can, delaying as long as they can sending it back, and sending it back in as poor condition as possible.
If they Google him and realize he's begging for legal defense funds online, they'll know he's not strong enough to sue them.
That precedent will also need to be tested. Taking someone's equipment, especially when devices are becoming more and more concentrated, is beyond reasonable search of focused investigations. Think about it; when you take someone's laptop, tablet, and smartphone, you are also taking their camera, filing cabinet, scanner, copier, mailbox, picture frames, flashlight, catalog, telephone, gaming console, accounting records, financial documents, pens, wallet, cash money, watches, personal records and records, random people's belongings, keys, notebooks, drafting table, ... and on and on.
What the government in this case, just like all similar cases is doing is essentially as if the FBI came busing into your house and had goons investigating and randomly milling around your house continuously for months if not years. It, at least in the USA, does not hold up against Constitutional protections of reasonable search and seizure. I just don't think it has been tested thoroughly enough.
There is a reason you are not legally just allowed to seal off and load up someone's house, office, business, and cars and keep them hostage indefinitely because some random person may have committed a crime on your property. The precedent for physical evidence has been set and it equally applies to the digital, if tested properly, whether gov't or their corrupt henchmen can wrap their puny, deranged, atrophied, and primitive minds around it or not. Why don't we just go back to the "BAD.....SMASH!" system of legal jurisprudence if blanket taking of everything plus the kitchen sink is ok.
Wouldn't it help if exit node were run by associations renting some office space instead of individuals ?
I mean, the president (and other members) of the association can still be charged with criminal offence, but having a legal structure might help. At least they should raid the association's office instead of the member's homes.
There's a lot of conversation in this thread about how they take the whole computer.
I can say that in 2006, in San Francisco, the police took just the hard drives out of a tower PC in my apartment. They left the tower itself. (They were after my roommate, but since I had hardware in the "shared spaces", it was impounded along with all of his stuff. It sucked.) They also took all of the laptops whole (including my girlfriend's).
The police held on to the equipment for months. We tried everything short of hiring a lawyer to get it back, but they would not release it until they actually finished the case against the guy and he got out of jail. Then, magically, our hardware was available to come pick up.
Given that they had been working the case for months, I imagine that they were just sitting on the hardware long after forensics was done with it. Punitively, I suppose. Luckily, my employer at the time was very gracious and loaned my girlfriend and I hardware so we weren't completely out of pocket.
When the hardware was returned to us, we had to go pick it up. The guy handing it back over made some asinine comment about "you shouldn't be copying music", and we were free to go. Everything was in bad shape. There was tape all over things, one power adapter never came back, and my girlfriend's external hard drive enclosure was cracked and clearly had been dropped.
Pro tip: if you share space with someone, make sure your hardware lives in your private space. Don't leave your computers in the living room, or they will become confiscated if the people you live with get in trouble.
Don't live with someone who is likely to get raided, either. I've seen the quality of training of local police; if they come in with guns drawn, it doesn't matter as much that you're not even listed on the warrant; you might get shot.
Encryption keys in a TPM? RAID configurations which depend on physical cabling setups? Storage that can't be physically removed? There are a thousand ways that taking the "hard drive" from a computer will end up losing information that would be recoverable with the whole device. It's not really reasonable to expect police departments to do IT foresics on site during a search.
That doesn't mean that the seizure is "justified", but there are no simple answers either.
Amusingly, the time police raided my stuff (well, they went after my roommate, and my stuff was in the living room and got taken along for the ride) -- they took the hard drives out of my media server. It was a software RAID-5 setup.
I imagine that they have the technology to rebuild the drives, but I have always smiled at the thought of some tech sitting there trying to rebuild this and wasting weeks of his time trying to figure out exactly how everything went. (It was actually a really terrible partitioning setup that was non-intuitive, with a "dead" partition that wasn't part of the RAID and used for reduced redundancy storage.)
I have no experience whatsoever in forensics, but here's why I would want all the hardware if someone asked me to analyze a system as a generally tech-savvy guy:
1) Some raids take PCs while they're still on, in order to preserve things like encryption keys in memory or cached passwords. It's possible to transfer a running PC over to a battery-powered outlet for transport, then to lab power for analysis. This would be very useful if the machine was using full-disk encryption.
2) Having a full disk image gives you the data, but the easiest way to see how the data behaves is to actually boot up the machine (after imaging the drives, obviously) and see it as the suspect would. There might be subtle differences in behavior if you use lab hardware rather than the actual hardware, and there's even a chance of something crazy like the suspect using a modified Linux kernel that wipes his drives if it detects different hardware.
3) It's a pain in the ass to remove hard drives in some guy's living room when you can just haul the whole thing back to the lab and do it there. I suspect that laziness generally wins over the inconvenience to a potential suspect.
What needs to be established, is government's requirement to have forensic experts do onsite justifications for what should be taken and then duplicate only relevant data (i.e., not pictures of your girlfriend's booty if not relevant to the case) and make an even stronger case for seizure of hardware based on deep relevance to the matter at hand, which should already have been thoroughly established beforehand (beyond "take anything that has operates on any kind of form of electricity).
But how do you determine what data would be considered relevant? It is possible for incriminating data to hide in plain sight, such as in an image file that looks like a picture of your girlfriend's booty.
If I'm remembering correctly, when they 'investigate' they ensure that the setup is identical to it's original form - including the same mouse and keyboard.
Depending on the specific laws in Austria, being an exit node operator may make him as guilty as whomever was actually perpetrating the crime. Even if this specific case works out, governments in general won't take Tor or similar services lying down. For every privacy innovation, there is a lawmaker with the will and the means to destroy it.
As Tor becomes a part of more and more investigations, courts and lawmakers will begin to address the issues such networks present. Based on the unsavory reputation of the Tor network as a whole, prosecutors will begin arguing that the exit node operators know of the strong likelihood that they are enabling criminal activity, and will start asking juries to convict them as co-conspirators. If that doesn't work, they will begin lobbying their lawmakers to codify criminal responsibility for them.
It wouldn't be that big of a deal if the cops just searched his computers/hard drives, concluded he wasn't involved in the child porn, and gave him his hardware back with a "sorry for the inconvenience".
But it doesn't happen that way. If Austria is anything like the US, he will never get his property back. So it isn't a temporary inconvenience, he's been punished permanently before even getting a trial. And when this case does go to court, even if he wins he'll be very lucky to get his property back.
I absolutely agree that seizure rules need to be SEVERELY reformed, and that the way that seizures are currently carried out is unacceptable. However, I don't think that it fundamentally changes the situation in this case. Until seizure rules end up getting reformed, law enforcement plays with the hand they've got, not the hand we wish they had. If the choices are between "permanent" seizure or just walking away from a suspect, they'll go for the seizure every time.
Seizing equipment for at least some period of time is absolutely necessary for any kind of forensic examination. It's part of the cost of having laws, and the imperfect nature of human justice means that that cost will occasionally be paid by the innocent as well as the guilty. I agree that that cost should be lower so that innocent people are not unduly punished, but there will always be a cost.
It is reasonable if the government wants to kill the tor network and start censoring internet, by scaring people off running tor nodes. If they succeed in this case more countries may follow, so it is important to win this.
So given that attitude, how do you deal with the problem of exit node operators possibly performing illegal activities themselves? Should running an exit node give you blanket protection from any kind of investigation due to traffic coming out of your network?
I am a TOR exit operator and I strictly follow the guidelines established by the EFF. I never connect to my exit nodes for any purpose other than routine maintenance and when I do, it's well documented: times, purpose, etc. By minimizing my access, I remove myself from suspicion for any activity done through my node.
I believe the quote is "Those who would give up essential liberty to purchase a little temporary safety deserve neither liberty nor safety.", and it's not clear what essential liberty is being compromised here.
> Protections for anonymous speech are vital to democratic discourse. Allowing dissenters to shield their identities frees them to express critical minority views . . . Anonymity is a shield from the tyranny of the majority. . . . It thus exemplifies the purpose behind the Bill of Rights and of the First Amendment in particular: to protect unpopular individuals from retaliation . . . at the hand of an intolerant society.
In what democratic discourse are child porn traders engaged in? Protest over age-of-consent laws?
I don't think that is as clear cut as you make it out to be.
But yes, child porn, hate speech and a few other things might not be "essential for democratic discourse". I'm still not convinced censorship is the best tool to help fight the underlying problems. And I do believe the underlying problems (hate, violence, in some cases mental disease) should be dealt with -- I'm unconvinced the media files actually do much harm on their own -- due to the nature of their contents in general.
Now we need laws to limit speech that attacks and harms people (such as being able to prevent people from (legally) distributing pictures and film on the Internet against our will) -- and it is natural that government does that on behalf of those that are not adult and/or have guardians that can do it for them.
But there is a difference between that, and a blanket ban on media based on the imagery contained within.
Child porn would at least be relevant as evidence in a trial, and possibly (with victims not recognizable) in media cover of such a trial.
Child porn is not a legitimate exercise of the first amendment anymore than shooting sprees are a legitimate exercise of the second amendment. The government has a legitimate interest in stopping such speech, just as it has a legitimate interest in prevent sprees.
So far, the people on your side of the argument have only been able to draw lines in the sand and insist that ISPs and exit nodes are the same. They, and presumably you, claim without justification that "bad" speech cannot be pursued without chilling "good" speech. Your comment adds no real world understanding of this fact: people don't want child porn to be traded over the Internet. Your case that political speech cannot be free unless child porn is free, is uncompelling and lacks nuance.
> Child porn is not a legitimate exercise of the first amendment
>They, and presumably you, claim without justification that "bad" speech cannot be pursued without chilling "good" speech.
> Your case that political speech cannot be free unless child porn is free,
Sigh. Yet another senseless, dangerous, and borderline libellous misrepresentation.
Allow me to strongly state this in no ambiguous terms: I do not oppose laws banning the production, distribution, or possession of child pornography. People who participate in any of those acts should be arrested and given a fair trial by a jury of their peers. I support these laws. I am not, IN ANY WAY, saying, suggesting, or attempting to appear as though I am suggesting, that I think child pornography is protected speech.
Is this clear now?
What I am arguing [snip]
Edit: You know what? Forget it. I am not participating in this discussion at the risk of being so thoroughly misunderstood. Not with this topic. It is not worth it.
Well, you started off with such a contemptuous and condescending tone, but you missed a crucial distinction: nobody is saying that you don't support outlawing child porn, the question is whether or not you prioritize the preservation of hypothetical free speech (the case where speech is so constrained that Tor is the only/best avenue for free speech) over the enforcement of the laws which you feel compelled to declare support for.
So, less yelling, less sanctimonious wailing over how you're so misunderstood -- say how you think your priority of theoretical free speech isn't a de facto endorsement for transmission of child porn.
It does not have the effect of defending, nor the effect of endorsing.
It does have the effect of meaning that some bad guys will get away, but that is how we as a society have agreed that our justice system should work. This is not a de facto defence of crime, nor endorsement.
Imagine how much easier catching bad guys would be if we did not require warrants before searches. Would you accuse someone who insisted that warrants were necessary of in effect endorsing or defending crime?
This is the real world, not a cop movie. We don't get to catch all the bad guys, and we don't get to break the rules to try to catch all the bad guys.
Recognition of this reality is neither a de facto defence nor a de facto endorsement of crime. People calling for proper conduct and moderated response to crime are not, unlike the internal affairs guys or judges who throw out cases for technicalities in movies, secondary antagonists.
I don't mind if you disagree with me when I say that in this case there is a line that should not be crossed without great care. That is a statement of opinion. Justice is an imprecise art, disagreement is to be expected. What I do have an issue with is you accusing me of endorsing or defending the crime, in a "de facto" manner or otherwise. I simply am not, and with this particular crime allegations like these can be incredibly damaging. It is not a joke to me, I have to take it seriously.
B) You haven't shown that there is something gained by letting child porn traders go, which is worth the cost. With due process, courts and warrants, we know what the upside is -- it's not clear what real benefit Tor provides us in exchange for letting this kind of activity go on. (Well, to me it's clear what the supposed gain is, and that it's not a fair trade)
it's not clear what real benefit Tor provides us in exchange for letting this kind of activity go on
How about letting people in countries like Iran and China have a fighting chance of getting the word out about what's really going on there? Does that count?
How about letting people who are being stalked by creepy ex-spouses or ex-significant others have a chance of doing things online without being tracked? Does that count?
How about letting people who are afraid of reprisals speak inconvenient truths without being silenced? Does that count?
Basically you are saying these kinds of benefits aren't worth the chance of letting someone distribute child porn using Tor. That seems ridiculous to me.
I never said you endorse it. I said the position which you take has the effect of endorsing it. At the least, the position you appear to support requires a person to ignore this particular crime, or accept it as a necessary consequence. So far you have not explained why this particular feature is something society should accept.
In my opinion saying that there is something so valuable to be preserved that we should countenance the perpetration of a crime to achieve it, is endorsing that crime as a necessary component of the goal. People who endorse due process admit that allowing criminals to escape justice is a necessary feature, and in some sense are endorsing a system where some criminals avoid capture. So are free speech purists endorsing the necessity of a means for conveyance of child porn, so as to facilitate other speech.
That's not the same as saying that free speech purists endorse the porn itself, only the necessity of the freedom to transmit it.
What does the reality of what freedoms we actually enjoy have to do with what freedoms we should expect others to demand?
I may not have freedom of speech in the US, but I sure as hell can demand it. I expect to be given that freedom, even though I do not expect that will ever happen.
People have a choice. A person can demand freedoms while obeying existing laws, or they can ignore existing laws and demand freedoms while they're in jail.
Absolutist freedom of speech is not, even in the US, something that everyone wants. Most people are reasonably comfortable with governments restricting access to some items. The list of items and the amount of resistance varies, but restricting speech by preventing people distributing images of child sexual abuse is pretty much established.
I believe you are mischaracterizing the concerns people actually have. I am not particularly concerned about the absolute rights of pedophiles, but I am concerned by what I perceive to be the abridgement of the rights of innocents for the purpose of pursuing the distasteful elements of society. Law enforcement becomes much much easier when you are willing to inflict collateral damage. Uncompromising voices of opposition to that are a welcome foil to those who would see no end to the powers of authorities.
> Is it reasonable for the police to investigate an exit node operator for traffic coming from his node, even if they know he's an exit node operator?
In theory, you are right and the police would probably need to examine his servers to determine whether Tor was involved in this. In practice, they will probably just harrass people in the hope that they will confess and keep his servers for a long time (or forever) because they lack the expertise for such an investigation.
I think the root problem is that modern governments aren't trustworthy with our freedom of speech, which leads people to try to hide their perfectly legitimate free speech activity, but criminals want to hide too so it's an inherently dodgy proposition. The only really good solution is to fix the governments so we can have an era where people can feel free to exercise their freedom of speech without repercussion from barbarians.
No, the root problem is not modern governments, it’s modern social norms. Which, frankly, aren't a problem, they just are. That is why anonymity and security are important, despite the government's position (which will often reflect social norms). Try to engage in unpopular speech and then later apply for a job. Or simply try to be a public figure whilst trying to have some privacy.
There will always be a place for these tools because there will always be people not just governments, who disagree with you and are willing to show you how much.
So, you actually think that social norms are not a problem? Seriously? What about the norms that led Galileo to house arrest, or many to being burned at the stake, etc. etc.?
I think it's a pointless exercise. They just "are", simple as that. Problem or not, there's no point in trying to judge a society by some arbitrary set of rules that really don't understand how it got there or why those norms exist.
My point is that if you feel they are a problem then you need tools to protect yourself while you work to change those "root causes".
It's not "arbitrary" to decide e.g. that German society should not put Jews into a gas chamber. Your ideas here of not judging norms are just deranged and you should fix that, just like societies that have accepted deranged norms should fix them. You may think my standards here are arbitrary but you need to fix that.
The Nazis made sure to eliminate anyone who would obviously be opposed to their goals well before they implemented them on a national scale. That had two important effects: it silenced the voices that would decry them, and had a chilling effect on the rest of the populace.
Hence, why anonymous speech is important. You cannot influence the norms of a society that will kill you or otherwise ostracize you for voicing opposition to them.
Also, if you feel the best way to make your point is to Godwin the topic, it's time to take a step back.
The way I see it, it's their job* to determine whether the traffic in question was relayed, or whether it was the exit node operator himself generating that traffic. In an ideal world, they could just call him up and ask nicely - but if he was actually guilty, he'd say "No, no way it was me!" and immediately start destroying any evidence. On the other hand, raiding someone's home or server rack and confiscating all of their computers isn't a great solution if most exit node operators are not guilty themselves.
I'm not aware of a good solution that avoids inconveniencing exit node operators without giving them some kind of blanket immunity to investigation that goes beyond just relayed traffic.
* - I'm aware that this might be impossible, but you can't know whether it will be ahead of time. It's possible that they could raid him and find no proof, even if he's guilty. It's also possible that they could raid him and find exactly what they were looking for. Like many investigation tactics, there's no guaranteed payoff.