++ 09/03/15 06:16 +0000 - oneofthem@riseup.net:
Can someone point me to an overview of the different legal situations for running tor relays in European countries? I'm especially interested how the situation differs per country.
I can't really help you: I don't have the overview of Europe, nor I am a laywer.
Having said that, in the Netherlands there would be two considerations to make when running an exit-relay.
1) Your provider may consider your use breaching their AUP. You may be held responsible by your provider for the traffic to the internet that is leaving your connection, even if in fact it is the traffic of others. So, if someone else using the Tor-network, is incidentally using your exit-node and is doing something your provider doesn't like (e.g. sending spam, doing hacking attempts), your provider may complain to you. As you are not in the position to stop this, your provider may disconnect you.
However, there's this clause in the eCommerce directive stating that you can't held resonsible for what is leaving your connection if you are only relaying the information (provided you meet three criteria [1]). Whether this also applies to the operator of a Tor-node is unclear: it has never been tested in court.
2) The police may knock on your door and ask you to complain. If someone hacks into a computer while exiting the Tor-network using your relay, your IP-address would seem to be the source of the hack. It's not that unreasonable that the police would ask you to elaborate. This explains why you should never mix your own traffic with that of your exit-node.
In the Netherlands, the police does know about Tor more and more. Consequently, the changes that the police will knocking at your door just before dawn is getting smaller and smaller. Most of the times, the police will be able to tell a exit-node is involved and instead will call you for a visit to the police station (to explain the situation). However, the police of course still needs to consider your involvement for a moment and so may make a different judgement in specific cases.
To the best of my knowledge, the last time a house has been raided just because the IP-address of the Tor exit-node of the owner was the source of malicious traffic was a long time ago. More than six years ago. I have seen reports of people invited to the police station, but those invitations were much more friendly and mostly meant to get a statement on the exit-node the owner was running.
If you do have a different experience, in the Netherlands, please let me know.
I have written about this in Dutch:
https://www.bof.nl/2014/12/17/juridische-risicos-van-het-draaien-van-een-tor...
[1] You do no initiate the transmission, you do no select the receiver of the transmission and you do not select or modify the information contained in the transmission.