[tor-project] The Tor Project Social Contract

Paul Syverson paul.syverson at nrl.navy.mil
Sun Aug 7 15:18:43 UTC 2016

On Sun, Aug 07, 2016 at 06:02:26AM +0000, Matthew Finkel wrote:
> I worry this commitment is becoming lengthy, but it's important and
> I'm glad Mike started this discussion. I also just noticed a slight
> contradiction that's now arising regarding restricting access to our
> tools. I'll try rephrasing it. I also sometimes mis-read the first
> sentence and coupled "less simply" instead of "simply being". I'll
> include a suggested rewording for that, too.

I think the rewording is good. I'm not entirely happy with the
connotation of the "improving the security of all users" sentence,
however. Somehow to me it more conjurs up images of thinking as one is
coding that this tool is too dangerous and advanced for the unwashed
masses than does the rewording I attempt below. (I almost used
'supervened' rather than 'superceded', but that goes perhaps too far
the other way: We made this tool with no idea of the danger we were
getting into, and then had to take action because the resulting
insecurity was too great. 'Dominated' would be another possibility vs.
'superceded', but perhaps gives the wrong connotation to those not
inclined to think in terms of lattices, orderings, etc.)

One other suggestion affecting both "becoming lengthy" and the
disconnectedness you noted below. Why not split it into two
commitments? Thus

   The more diverse our users, the less is implied about any person
   by simply being a Tor user.  This diversity is a fundamental goal
   and we aim to create tools and services anyone can access and use.
   Someone's ability to pay for these tools or services should not be
   a determining factor in their ability to access and use them.
   Moreover, we do not restrict access to our tools unless access is
   superceded by our intent to make users secure.

   We expect the code and research we publish will be reviewed and
   improved by many different people, and that is only possible if
   everyone has the ability to use, copy, modify, and redistribute
   this information.  We also design, build, and deploy our tools
   without collecting identifiable information about our users.

Of course that's becoming lengthy in another sense of too many
commitments items, but on balance I think it works.

> Unfortunately, now the last sentence seems like an add-on and
> doesn't fit very well. I think it's an essential commitment we
> should make, but maybe it doesn't belong under #3? Is #6 a better
> place? On the other hand, now I worry this focus on free access
> encourages advertisement-based solutions which are generally not
> suitable for our goals, and explicitly saying we don't collect
> identifiable information maybe prevents this. Should we mention
> third-parties? This seems like a rabbit hole...

Hopefully the split above, addresses most of this.
WRT third parties, I don't think we want to take the red pill here.

> I think it's important we remember this is an aspirational document,
> too, and not strictly something that describes what we do or could
> do in the future.



More information about the tor-project mailing list