-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256
Hello,
I am not from UK so I am also not familiar with the legislation there, but running an exit should be perfectly fine.
Your ISP cannot "press" you to do anything! Only a govt. authority or law enforcement authority or judge can legally press you to do something ,and you really have to do it. The ISP doesn't have any power over you, regardless, worst case scenario they can suspend your service if they forbid Tor in their terms of usage and you have agreed to them when you subscribed. But that's all.
The evidence of malicious traffic coming from your exit is a false positive, and you should explain that to them. Your server does not send any traffic of its own, unless not compromised, it just relays anonymous traffic for Tor users (kind of an open proxy) which you do not initiate, monitor or control therefor you cannot be held liable for it.
On 9/8/2015 11:04 PM, Jonathan Baker-Bates wrote:
I run an exit node with an ISP who initially indicated they would not have a problem with Tor as long as I was transparent about what I was doing, and ran a sufficiently reduced exit policy.
They have now sent me evidence of malicious traffic coming from the exit. I don't think they've had any 3rd party complaints about this traffic, but they have expressed various misgivings about Tor in general. They now also want me to consider running Snort IDS on the outgoing traffic.
I don't intend to monitor my traffic. But it occurs to me I don't know whether my ISP needs to be worried about it or not. The last one wasn't, so why them?
I've asked the EFF about the legal situation in the UK, who passed me to the Open Rights Group. They've not replied to my enquiry as of three weeks ago.
So does anyone know of any reliable source of information on running Tor exits in the UK? What would happen if my ISP pressed me to monitor my traffic, and I refused on legal grounds? I'm not suggesting I actually do that, or that there are even any legal grounds to refuse. In fact right now I'm resigned to closing down the node if my ISP turns up the heat. They probably have me by the balls.
But I'm at least curious, and can't immediately find any information about things like public carrier status, or traffic monitoring conducted by people like me when it's done in the context of onion routing.
Thanks in advance for any help.