[tor-relays] exit node experience: abuse over HTTP, stealrat infection

Rejo Zenger rejo at zenger.nl
Mon Oct 20 07:11:13 UTC 2014

++ 19/10/14 16:13 +0200 - Manuel Gebauer:
>> ii) in some legal systems this may mean you can be held 
>> responsible for the traffic that is routed via your node.
>Example? In Germany you might (or might not) be responsible for
>traffic you relay. But not relaying part of the traffic doesn't
>change a thing, legally.

First: I was discussing a situation where the policy doesn't get 
published in the descriptor. For example, one is iptables to deny access 
to some IP-space. This is of course different from configuring this 
rejection policy in the Tor configuration file.

As for the responsinilty: I was referring to the e-Commerce directive in 
the EU. Article 12 says: 

    "Where an [...] service is provided that consists of the 
    transmission in a communication network of information [...], Member 
    States shall ensure that the service provider is not liable for the 
    information transmitted, on condition that the provider [...] does 
    not select or modify the information contained in the transmission."

I would says that if an operator rejects traffic using iptables, he does 
do selection of information contained in the transmission. Of course, 
this is different when configuring the rejection in the Tor 
configuration that gets published.

As far as I know, there is no case law, so results may differ. 

Rejo Zenger
E rejo at zenger.nl | P +31(0)639642738 | W https://rejo.zenger.nl  
T @rejozenger | J rejo at zenger.nl
OpenPGP   1FBF 7B37 6537 68B1 2532  A4CB 0994 0946 21DB EFD4
XMPP OTR  271A 9186 AFBC 8124 18CF  4BE2 E000 E708 F811 5ACF
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 931 bytes
Desc: not available
URL: <http://lists.torproject.org/pipermail/tor-relays/attachments/20141020/cab14004/attachment.sig>

More information about the tor-relays mailing list