Slashdot Mirror

← Back to Stories (view on slashdot.org)

Researchers Face Jail Risk For Tor Snooping Study

Posted by CmdrTaco on from the learning-is-dangerous-business dept.

An anonymous reader writes "A group of researchers from the University of Colorado and University of Washington could face both civil and criminal penalties for a research project (PDF) in which they snooped on users of the Tor anonymous proxy network. Should federal prosecutors take interest in the project, the researchers could also face up to 5 years in jail for violating the Wiretap Act. The researchers neither sought legal review of the project nor ran it past their Institutional Review Board. The Electronic Frontier Foundation, which has written a legal guide for Tor admins, strongly advises against any sort of network monitoring."

4 of 121 comments (clear)

  1. They can't be stupid. by Hyppy · · Score: 4, Interesting

    How could these researchers not know that they were engaging in illegal wiretapping?

    On the other hand, the story is hypothetical. No charges have been filed, and there's no real evidence that the government could give a flying flip.

  2. OT factoid... by Anonymous Coward · · Score: 5, Interesting

    Interestingly, I was once banned from /. for running a tor node. When I found out and emailed the admins they asked if I was running a tor server - I replied in the affirmative but had since taken the node down because my SOHO router wasn't up to the task.

    The /. admins were very nice and restored my access almost immediately but I found the whole process interesting.

  3. Are they really not covered, though? by void* · · Score: 4, Interesting

    IANAL, but following the link from the article to
    18 USC 2511, reading 2(d)

    "It shall not be unlawful under this chapter for a person not acting under color of law to intercept a wire, oral, or electronic communication where such person is a party to the communication or where one of the parties to the communication has given prior consent to such interception unless such communication is intercepted for the purpose of committing any criminal or tortious act in violation of the Constitution or laws of the United States or of any State."

    Couldn't it be argued that since they are running the TOR server, they are a 'party to the communication', and are thus covered by this exception?

    I mean, the client connects to them, they're a party to that communication, they connect to the server, they're a party to that communication ...

    --


    Code or be coded.
  4. Re:You can't jail them@ by smallfries · · Score: 4, Interesting

    How is their study either unethical, or illegal as you have claimed? Ignoring your hypothetical marijuana study as completely irrelevant you seem to have missed the key points in what they did.

    They did not run a "wiretap" as claimed. They monitored the traffic at a tor node that they controlled. People willingly sent them the information that was supposed to be private.

    Their study is a scientific investigation into whether the privacy claims of Tor can be sustained. They cannot - the system is open to abuse. This is an entirely ethical study into the claims made by Tor, and furthermore this is exactly how good empirical science should work.

    --
    Slashdot: where don knuth is an idiot because he cant grasp the awesome power of php