Slashdot Mirror
Web Hosting For Privacy Activists?
BritishColumbian writes "I'm thinking about setting up a Web site driven by user submissions. I was wondering which locations have the most liberal (i.e., libertarian) privacy laws. There are some great hosts in the US, however there have been so many FBI requests for user data that I don't want a server hosted under US jurisdiction. Does anyone have any thoughts/suggestions as to a suitable jurisdiction? It doesn't look like Sealand's HavenCo is guaranteed to be privacy-friendly any more."
What's wrong with geocities? :p
I host my website from a mini server taped to the back of the toilet in a local coffee shop with free wifi. I change the battery twice a month.
I don't want a server hosted under US jurisdiction. ...as of lately, nearly the entire planet is under US jurisdiction.
Tor has a few blog hosts available. That way nobody would know who's hosting it. Of course, only tor clients could see the blog....
OTOH, you could just create an account on blogspot while you're on Tor, and only post to it via Tor. That should keep you kinda safe, as long as you don't reveal yourself on the blog.
Care about electronic freedom? Consider donating to the EFF!
https://www.nearlyfreespeech.net/ They will allow you to pay in cash, anonymously.
Write your own Choose Your Own Adventure. http://www.freegameengines.org/gamebook-engine/
xs4all.nl is brave enough to face $cientology in a 10-year lasting court case. And winning!
hosting in another country won't save you. if they find out who you are the government will just arrest you anyway, they don't even need a real reason these days.
If you mod me down, I will become more powerful than you can imagine....
Bluntly put, but not untrue.
Basically, you're going to have to pick the least-bad option. The idea of 'data havens' where conventional meatspace law doesn't apply is sadly seeming more and more like a lost concept. It seemed possible during the early 90s, when government and the big corporate interests really hadn't caught on to 'the Internet,' but now that they have, it's going to become more and more regulated, just like every other area of human endeavor. It was fun while it lasted, I guess, and it'll make a neat story to tell our kids about, but the party's basically over.
Where you want to go depends on the specifics of what you're doing. Political speech, particularly political speech directed at other countries, is relatively well-protected both in the U.S. and the E.U. Although I'm pretty unhappy with the current security paranoia here in the U.S., I think it's unlikely that you'll get in trouble unless you actually start advocating 'direct action' (terrorism) or have a cozy relationship with people that do. In terms of formal legislative safeguards on political speech, the U.S. has a more absolute freedom-of-speech doctrine than many European countries and Canada.* Where you will run into trouble in the U.S. (viz political speech) is when you are saying things that can be construed not as speech but as 'action' or as appeals to action. Saying things that are highly politically unpopular in the U.S. may get you put under surveillance or monitoring, but probably won't land you in a lot of legal trouble or get you locked up. Bottom line: if you're looking to deny the Holocaust or write nasty-but-true things about just about anyone, the U.S. is the place to do it.
Where the E.U. becomes the superior venue is if you're doing things that would be a crime under certain U.S. intellectual-property laws drawn up by the megacorporations that essentially own large chunks of Congress. Hollywood is a double-edged sword: it likes freedom for political speech, but really hates freedom if it might negatively impact this quarter's bottom line. Thus while you can advocate genocide in the U.S., linking to copyrighted material may land you in prison. For that sort of thing, you're better off in Europe, probably as far north as you can get. (E.g., Sweden.) You're also probably better off in Europe if you're looking to do something that's edgy and involves sex; I'm not sure that the laws per se are a whole lot better, but overall attitudes may result in those laws not being used as aggressively to bludgeon you.
There are more minor specialty venues that you might want to consider if what you're doing involves money changing hands. Antigua in particular seems to be a popular choice for shady financial-transaction sites (cf. 1MDC) as well as gambling. Exactly how tolerant they'll be of (U.S) copyright-violating material, as a result of the recent trade decisions, remains to be seen. I wouldn't hold your breath for a Bittorrent Free Zone, though.
I admit to not knowing a whole lot about privacy laws in Asian countries but I get the impression that they're more restrictive than the U.S. in many cases. One datapoint: 2chan, the popular Japanese imageboard, is run out of the U.S. to shield it from Japanese authorities and law.
Really, I don't think there's any place you can go where you'll get 'total freedom,' except maybe Freenet (and it's really slow and impractical to use). You need to think hard about what type of content is going to be the most problematic, and then choose a hosting location that's going to be least hostile to it.
* To wit: Many European countries prohibit certain types of political speech under the guise of 'hate speech' laws and anti-Nazism/fascism policies. Although Canada isn't nearly as bad, their Bill of Rights-equivalent document, the Charter of Rights and Freedoms, "guarantees the rights and freedoms set out in it subject only to such reasonable limits prescribed by law as can be demonstrably justified in a free and democratic society," a cave
"Ladies and gentlemen, my killbot features Lotus Notes and a machine gun. It is the finest available."
And you might consider consulting one (if you have the money). You might also consider exactly what sorts of liability you'll be exposed to and search for jurisdictions with the most lax regulations in that area. You say that your site is going to be driven by user submissions . . . are you worried about copyright? You say you're worried about the FBI requesting user data, is there any particular reason you think the FBI will ask for your user data (that is, will you be requesting submissions on political/revolutionary/Islam topic areas? I suppose one could even piece together a user submission website dedicated to the discussion of criminal activity and how one might go about practicing crime . . . clearly an exposed place to be).
Also remember it isn't only the FBI that can compel disclosure of user identities. The Think Secret/Apple, Inc. lawsuit proved that. A foreign jurisdiction might make it really hard for the government to get at user data, but make it really easy for private parties to do so in a lawsuit. Also consider, however, that if your servers are in a foreign jurisdiction then U.S. constitutional guarantees may not apply (you might say that they don't apply here anymore, but I would submit that they protect you at least a little bit). That could mean that if the government wants your user data, and the servers are outside the U.S., they could tap/hack/physically break in and get the data they want w/o even the pretense of judicial sanction, and w/o even the possibility of court action for you.
My point here is that jurisdictions treat privacy differently across subject areas and differently depending on who's asking or taking the data. Find the subject area that your website most squarely fits under, and then find a jurisdiction with the most protective privacy laws, on the whole and against everyone you're scared of, for that subject.
This is essentially how most commercial webhosts in the U.S. operate as it is. They'll protect you if you're just irritating some guy whose only weapon is to write angry letters, but the second you tick off someone with a lot of lawyers and cash to burn, you're up the creek without a paddle.
"Ladies and gentlemen, my killbot features Lotus Notes and a machine gun. It is the finest available."
Singapore?! The you-must-register-to-buy-chewing-gum country? I don't think so.
The masses are the crack whores of religion.
There are two big things with this.
:)
:) (short story, our customer handed over an exploited server. It was only because it was exploited, it had nothing to do with the content. They had already put a new machine up with restored content, as good exploit protocol suggests.)
:)
First, any provider can and will give in to pressures. Just because they're not "in" the United States doesn't mean that they won't be leaned on by the United States.
Every provider connects to someone else. Otherwise, you being on your residential Cable/DSL/whatever wouldn't be able to reach Rajhed's IndiaPorn.
Being that it is true, the gov't could simply lean on American held companies, or companies with American interests, to find out who you are, find out what's on your servers, or simply get you unplugged. Just because you host at Sealand, in central Siberia, or whereever, you still run the risk of provider A strongly encouraging provider B to do something about it.
Been there. Done that. Got the Federal agent sitting in my office about it. Of course, I played stupid until I found out what the hell he was talking about, and then made some phone calls to find out the rest of the story.
Second, what the hell do you think you're going to say, that will get the feds knocking on your door, on the hosting facility's door, etc, etc?
I run http://freeinternetpress.com/ . If you read what we say, and have said for years, by all the legend of the National Security letters, we quite likely should have our phones tapped, servers confiscated, and been visiting Southeastern Cuba for more than a few days.
In reality though, we've had every (like, EVERY) intelligence agency in the world read our news. That was scary at first, but I made some friends (through other means) who had worked in intelligence, and they broke the bad news to me. The feds aren't watching us because they're interested in getting us. They're watching us because we are a good news source. Even though we've NEVER had a single contact regarding Free Internet Press, we're read every day. Above that, you'd be surprised to find out how many intelligence agencies there are out there. It took us quite a while to decode a lot of the hostnames, even when we ran them up and down a few of our grapevines. My favorite that I still like to brag about is eop.gov . They were monthly visitors.
I haven't bothered to re-check our logs to see what odd hostnames come in any more. It's entertaining, but serves no other purpose.
I'm VERY close with my hosting company. (like, VERY). I'd know the moment they were sniffing around, mostly because I'd be the one to open the cabinet door for them.
If it came down to it though, we'd just dump the hostname off to another server (I have a few spare hosting accounts in my pocket, all under different people's names, at different facilities), and put it right back online with a big notice "WE GOT SHUT DOWN BY THE FEDS, Here's the documents!"
If I didn't do it, there are a dozen or so other people with enough access to do it for me. Like, if I ended up in Southeastern Cuba, with an orange jumpsuit, a blanket, and a copy of the Koran (they issue 'em to everyone, from what I understand).
So, what's going to keep you from landing in hot water?
1) Don't say you're going to kill someone.
2) Don't threaten to blow something up.
3) Don't make claims above and beyond anything you're really willing to do.
For example (EXAMPLE!) if you were to say, "I'm going to blow up the Whitehouse tomorrow", if you're not serious, you're stupid for saying it. If you are serious, you deserve to get beaten down and thrown in jail for a long time. While I'll disagree with
Serious? Seriousness is well above my pay grade.