Hello there and thanks everyone for your answers to my message about middle relay blocking. Reading them I feel trying to solve the blacklisting of my IP would be overkilling. Since I have a chance to get a cheap VPS, I will try to migrate the relay on it. And since the relay would be on a dedicated IP, I'm thinking about making it an exit. Of course I must consider the law, and I'd like to read some references and listen about experiences from other operators before seeking professional (expensive, I guess) legal advice. My concerns are the following, but I would appreciate any other thoughts as well. The relay would be in Italy so Italian and EU laws apply. 1. Would I bear any responsibility for the use of the relay? I'm aware of the "mere conduit" concept (that is applied in the EU too) but Italy may have some crappy additional law I'm not aware of. 2. Would I be subject to any data retention or data monitoring obligation? 3. Would I be subject to any user identification obligation? 4. Would I risk the police knocking on my door even if the relay runs on a datacenter and not on my home network? Thanks,
Eldalië
-- Eldalië My private key is attached. Please, use it and provide me yours!
Eldalië via tor-relays wrote:
Hello there and thanks everyone for your answers to my message about middle relay blocking. Reading them I feel trying to solve the blacklisting of my IP would be overkilling. Since I have a chance to get a cheap VPS, I will try to migrate the relay on it. And since the relay would be on a dedicated IP, I'm thinking about making it an exit. Of course I must consider the law, and I'd like to read some references and listen about experiences from other operators before seeking professional (expensive, I guess) legal advice. My concerns are the following, but I would appreciate any other thoughts as well. The relay would be in Italy so Italian and EU laws apply.
Thanks for the intent of running a relay especially an Exit one.
- Would I bear any responsibility for the use of the relay? I'm aware of the "mere conduit" concept (that is applied in the EU too) but Italy may have some crappy additional law I'm not aware of.
Not that I am aware of. Please note that I do not reside in Italy but I know personally someone there that holds a hosting / internet related company and has to comply with the laws there. So he is not forced to maintain any data nor have customers identified in any way (not even email address).
- Would I be subject to any data retention or data monitoring obligation?
No. You must act as a public service and not be able to technically filter or examine the traffic (e.g. don't install tracing tools or whatever, don't try to interfere with the traffic).
- Would I be subject to any user identification obligation?
Not at all. You just run an open source software.
- Would I risk the police knocking on my door even if the relay runs on a datacenter and not on my home network?
No, if the relay is not on your home network no. There is a bigger probability for the ISP where you host the relay to be annoyed by abuse emails and try to shut down your service, or also I saw you mentioned VPS - an Exit relay will consume steadily bandwidth and CPU, which are two things hosters don't like when you max use on a shared resource such as a VPS. Probably they will ask you to migrate to a dedicated server that does not have pooled/shared resources. You could probably mitigate by using RelayBandwidthRate and MaxAdvertisedBandwidth torrc parameters to some values...
I think these type of problems will be more of a hassle for you than the "law", because you are not breaking any law by running an Exit relay, to the contrary - you make it better for everyone, for activists and for journalists and to the mission of providing unlimited free uncensored information and news to everyone.
tor-relays@lists.torproject.org