Addendum II Re: Addendum Re: The legal basis for Service monitoring Title 18 Section 2511.2.a.i Re: Why TOR Operators SHOULD always sniff their exit traffic...
tor
tor at algae-world.com
Fri Jun 10 03:17:56 UTC 2005
And in addition :)
from the U.S. Code On line via GPO Access
[wais.access.gpo.gov]
[Laws in effect as of January 7, 2003]
[Document not affected by Public Laws enacted between
January 7, 2003 and February 12, 2003]
[*CITE*: *18USC2701*]
TITLE 18--CRIMES AND CRIMINAL PROCEDURE
PART I--CRIMES
CHAPTER 121--STORED WIRE AND ELECTRONIC COMMUNICATIONS AND TRANSACTIONAL
RECORDS ACCESS
Sec. 2701. Unlawful access to stored communications
(a) Offense.--Except as provided in subsection (c) of this section
whoever--
(1) intentionally accesses without authorization a facility
through which an electronic communication service is provided; or
(2) intentionally exceeds an authorization to access that
facility;
and thereby obtains, alters, or prevents authorized access to a wire or
electronic communication while it is in electronic storage in such
system shall be punished as provided in subsection (b) of this section.
(b) Punishment.--The punishment for an offense under subsection (a)
of this section is--
(1) if the offense is committed for purposes of commercial
advantage, malicious destruction or damage, or private commercial
gain--
(A) a fine under this title or imprisonment for not more
than one year, or both, in the case of a first offense under
this subparagraph; and
(B) a fine under this title or imprisonment for not more
than two years, or both, for any subsequent offense under this
subparagraph; and
(2) a fine under this title or imprisonment for not more than
six months, or both, in any other case.
(c) Exceptions.--Subsection (a) of this section does not apply with
respect to conduct authorized--
(1) by the person or entity providing a wire or electronic
communications service;
(2) by a user of that service with respect to a communication of
or intended for that user; or
(3) in section 2703, 2704 or 2518 of this title.
Please note Exception C1 above...
comment requested by EFF Attorneys..
A tor operator
tor wrote:
> In addition I came across these, as I quite often have acted under
> color of law when investigating computer intrusions/assisting law
> enforcement investigations. These are also very interesting.
>
> TITLE 18--CRIMES AND CRIMINAL PROCEDURE
>
> PART I--CRIMES
>
> CHAPTER 119--WIRE AND ELECTRONIC COMMUNICATIONS INTERCEPTION AND
> INTERCEPTION OF ORAL COMMUNICATIONS
>
> Sec. 2511. Interception and disclosure of wire, oral, or
> electronic communications prohibited
>
> (2)(i)
>
> and 3a
>
>
> (i) It shall not be unlawful under this chapter for a person acting
> under color of law to intercept the wire or electronic communications
> of a computer trespasser transmitted to, through, or from the
> protected computer, if--
> (I) the owner or operator of the protected computer authorizes
> the interception of the computer trespasser's communications on the
> protected computer;
> (II) the person acting under color of law is lawfully engaged
> in an investigation;
> (III) the person acting under color of law has reasonable
> grounds to believe that the contents of the computer trespasser's
> communications will be relevant to the investigation; and
> (IV) such interception does not acquire communications other
> than those transmitted to or from the computer trespasser.
>
> (3)(a) Except as provided in paragraph (b) of this subsection, a
> person or entity providing an electronic communication service to the
> public shall not intentionally divulge the contents of any
> communication (other than one to such person or entity, or an agent
> thereof) while in transmission on that service to any person or entity
> other than an addressee or intended recipient of such communication or
> an agent of such addressee or intended recipient.
> (b) A person or entity providing electronic communication service
> to the public may divulge the contents of any such communication--
> (i) as otherwise authorized in section 2511(2)(a) or 2517 of
> this title;
> (ii) with the lawful consent of the originator or any addressee
> or intended recipient of such communication;
> (iii) to a person employed or authorized, or whose facilities
> are used, to forward such communication to its destination; or
> (iv) which were inadvertently obtained by the service provider
> and which appear to pertain to the commission of a crime, if such
> divulgence is made to a law enforcement agency.
>
>
> note item iv
>
>
> again comment is invited from REAL EFF Lawyers as we are talking
> about the ECPA now and this is actually what the text of the law says.
>
> a tor operator
>
>
>
>
>
>
> tor wrote:
>
>> Hi All,
>>
>>
>> BTW Chris... you may wish to examine with your EFF Attorney the
>> following section of USC Code Title 18
>>
>>
>> http://frwebgate.access.gpo.gov/cgi-bin/getdoc.cgi?dbname=browse_usc&docid=Cite:+18USC2511
>>
>>
>> to wit:
>>
>> TITLE 18--CRIMES AND CRIMINAL PROCEDURE
>>
>> PART I--CRIMES
>>
>> CHAPTER 119--WIRE AND ELECTRONIC COMMUNICATIONS INTERCEPTION AND
>> INTERCEPTION OF ORAL COMMUNICATIONS
>>
>> Sec. 2511. Interception and disclosure of wire, oral, or
>> electronic communications prohibited
>>
>> (2)(a)(i) It shall not be unlawful under this chapter for an
>> operator of a switchboard, or an officer, employee, or agent of a
>> provider of wire or electronic communication service, whose
>> facilities are used in the transmission of a wire or electronic
>> communication, to intercept, disclose, or use that communication in
>> the normal course of his employment while engaged in any activity
>> which is a necessary incident to the rendition of his service or to
>> the protection of the rights or property of the provider of that
>> service, except that a provider of wire communication service to the
>> public shall not utilize service observing or random monitoring
>> except for mechanical or service quality control checks.
>>
>> Note the phrase "to the protection of the rights or property of the
>> provider of that service".
>> Note the prohibition of service observing/Random Monitoring applies
>> to wire communication services only (i.e. telephone companies). If
>> current case law contradicts this please feel free to inform us all
>> via the with specific cases etc...
>>
>> Please, Chris, have the EFF lawyers comment on this aspect of ECPA. I
>> am sure all of us on the list would indeed be fascinated.
>>
>>
>>
>> a tor operator
>>
>>
>>
>>
>> Chris Palmer wrote:
>>
>>> Parker Thompson wrote:
>>>
>>> >I'm not so interested in specific legal advice, more a high level
>>> >discussion of when it is good to be a bad guy, and when you're being
>>> >bad for the sake of being good what are the ethical considerations
>>> >and, with respect to Tor (it'll differ case to case) legal
>>> >implications of doing so.
>>>
>>> >I would think this would be a perfect discussion to have in the
>>> >context of Tor, and perhaps the kind of thing the EFF could turn into
>>> >a compelling policy paper to guide the development of this and other
>>> >projects. Further, I see this as far preferable to letting operators
>>> >develop their own best practices on an ad-hoc basis.
>>>
>>>
>>> I understand the need, and I'll fly it past our lawyers to see what
>>> they think about drafting such a policy paper. They are unlikely to
>>> make strong, specific, forward-looking legal statements, of course.
>>>
>>> I can tell you what I do, which I regard as reasonably safe and polite.
>>>
>>> I run three Tor servers: one at EFF (confidence), one on a machine some
>>> friends and I share (explosivenoodle), and one on my home DSL line
>>> (livingcolour). confidence and explosivenoodle I run in middleman mode,
>>> to minimize annoyance and potential liability for my employer and
>>> friends (respectively). (EFF is considering running an exit server, but
>>> we aren't yet.) livingcolour uses the default exit policy. All three
>>> servers are rate-limited to about 20Kb/s because bandwidth is either
>>> donated and I want to be nice (explosivenoodle), or limited (confidence
>>> and livingcolour). I don't sniff traffic on any of these three hosts,
>>> and I log at warn level, using debug level only for limited times
>>> when I actually am trying to debug something (rarely). All three
>>> machines are kept up-to-date and run only services I actually use.
>>>
>>> I don't commit abuse through Tor when I use it. That's easy -- "Oops, I
>>> didn't troll on IRC again!"
>>>
>>> I sometimes drive around in the Tor source tree for fun and learning,
>>> but I haven't found any security bugs. If I did, I would simply tell
>>> Roger and Nick. I have reported a few security-irrelevant bugs (and, I
>>> sheepishly admit, non-bugs) to R and N and they have fixed them fast.
>>> There was once a problem with bad interaction between two configuration
>>> directives, for example, which caused Tor not to start. Nick fixed
>>> it in minutes.
>>>
>>> Hence, for basic operation and examination, the existing norms of the
>>> competent sys admin and white hat security researcher communities
>>> apply.
>>>
>>> As for passing "bad" traffic, so far I haven't heard from my ISP about
>>> any problems with my exit node. Maybe I'm just lucky. There are various
>>> types of complaints, and different responses are called for in different
>>> circumstances. Get legal counsel, possibly the EFF. See also the Legal
>>> FAQ and our DMCA response template
>>> (http://tor.eff.org/eff/tor-dmca-response.html). Everyone has different
>>> responses to complaints, resulting from the specifics of their
>>> situation, their beliefs and temperaments, the nature of the complaint,
>>> their relationship with the complainant and with their connectivity
>>> provider, various jurisdictional issues, and so on. It's hard to make
>>> any general a priori statements about what to do, other than "Call
>>> EFF!". That's obviously what I would do. :)
>>>
>>> I don't know if that helps you or answers your question. I'll state
>>> again that the non-dangerous techniques I mentioned in my previous email
>>> have proven helpful in finding bugs in other software products. Roger
>>> and Nick welcome substantive bug reports, and they take security very
>>> seriously.
>>
>>