[tor-relays] exit node experience: abuse over HTTP, stealrat infection
rejo at zenger.nl
Mon Oct 20 07:11:13 UTC 2014
++ 19/10/14 16:13 +0200 - Manuel Gebauer:
>> ii) in some legal systems this may mean you can be held
>> responsible for the traffic that is routed via your node.
>Example? In Germany you might (or might not) be responsible for
>traffic you relay. But not relaying part of the traffic doesn't
>change a thing, legally.
First: I was discussing a situation where the policy doesn't get
published in the descriptor. For example, one is iptables to deny access
to some IP-space. This is of course different from configuring this
rejection policy in the Tor configuration file.
As for the responsinilty: I was referring to the e-Commerce directive in
the EU. Article 12 says:
"Where an [...] service is provided that consists of the
transmission in a communication network of information [...], Member
States shall ensure that the service provider is not liable for the
information transmitted, on condition that the provider [...] does
not select or modify the information contained in the transmission."
I would says that if an operator rejects traffic using iptables, he does
do selection of information contained in the transmission. Of course,
this is different when configuring the rejection in the Tor
configuration that gets published.
As far as I know, there is no case law, so results may differ.
E rejo at zenger.nl | P +31(0)639642738 | W https://rejo.zenger.nl
T @rejozenger | J rejo at zenger.nl
OpenPGP 1FBF 7B37 6537 68B1 2532 A4CB 0994 0946 21DB EFD4
XMPP OTR 271A 9186 AFBC 8124 18CF 4BE2 E000 E708 F811 5ACF
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Size: 931 bytes
Desc: not available
More information about the tor-relays