[tor-talk] Tor Exit Operator convicted in Austrian lower court

MacLemon tor at maclemon.at
Wed Jul 2 19:21:27 UTC 2014


Hey!

On 02 Jul 2014, at 17:56, s7r <s7r at sky-ip.org> wrote:

> Signed PGP part
> On 7/2/2014 2:54 PM, MacLemon wrote:
> The subject of this attracted my attention. Are we talking here about
> a clear law, written black on white which states that it is illegal to
> run Tor relays (or any kind of telecommunications proxy servers) and
> that you are responsible for your user's actions, even if you provide
> those services free of charge, therefor not required to collect any
> data about your users? Is it actually a specific law which was
> enforced here clearly stating that you cannot run Tor or open proxy
> servers?
No, absolutely NOT. Actually, the opposite is the reality. Austria has something commonly called the “Provider's Privilege” (non-legalese term) which states that a service provider is not liable for the data transported over said services. No matter if the service is a free or paid one.


There is no law that I have ever heard of that prohibits running a proxy server or a Tor node in general or in particular. Providing an online service in Austria is mostly regulated by the Telecommunications law, E-Commerce law and data-protection law.



German language Austrian Legalese background:
Austrian E-Commerce Law §15: Ausschluss der Verantwortlichkeit bei Zwischenspeicherungen http://j.mp/1iYdg4L

§ 15. Ein Diensteanbieter, der von einem Nutzer eingegebene Informationen in einem Kommunikationsnetz übermittelt, ist für eine automatische, zeitlich begrenzte Zwischenspeicherung, die nur der effizienteren Gestaltung der auf Abruf anderer Nutzer erfolgenden Informationsübermittlung dient, nicht verantwortlich, sofern er
	
	1. die Information nicht verändert,
	2. die Bedingungen für den Zugang zur Information beachtet,
	3. die Regeln für die Aktualisierung der Information, die in allgemein anerkannten und verwendeten Industriestandards festgelegt sind, beachtet,
	4. die zulässige Anwendung von Technologien zur Sammlung von Daten über die Nutzung der Information, die in allgemein anerkannten und verwendeten Industriestandards festgelegt sind, nicht beeinträchtigt und
	5. unverzüglich eine von ihm gespeicherte Information entfernt oder den Zugang zu ihr sperrt, sobald er tatsächliche Kenntnis davon erhalten hat, dass die Information am ursprünglichen Ausgangsort der Übertragung aus dem Netz entfernt oder der Zugang zu ihr gesperrt wurde oder dass ein Gericht oder eine Verwaltungsbehörde die Entfernung oder Sperre angeordnet hat.



IANAL Paraphrased:
==================
A service provider who transmits user-input over a communications-network is not liable for a automated, time restricted caching which only purpose is to more effectively provide information requested by a user given that:
	1. the information is not altered
	2. access requirements are honored
	3. commonly accepted rules and industry standards for updating are honored
	4. the lawful application of technology to collect data about the usage of information as defined in commonly accepted and applied industry standards is not harmed
	5. recorded information is immediately deleted or access to that recorded information is denied as soon as they are informed of the fact that the information has been deleted at it's point of origin, access has been denied or in case a court or regulatory-body(?) has ordered the blocking.



Austrian E-Commerce Law §3.1: http://j.mp/1iYdIQw
Begriffsdefinitionen: Diensteanbieter
1. Dienst der Informationsgesellschaft: ein in der Regel gegen Entgelt elektronisch im Fernabsatz auf individuellen Abruf des Empfängers bereitgestellter Dienst (§ 1 Abs. 1 Z 2 Notifikationsgesetz 1999), insbesondere der Online-Vertrieb von Waren und Dienstleistungen, Online-Informationsangebote, die Online-Werbung, elektronische Suchmaschinen und Datenabfragemöglichkeiten sowie Dienste, die Informationen über ein elektronisches Netz übermitteln, die den Zugang zu einem solchen vermitteln oder die Informationen eines Nutzers speichern;

IANAL paraphrased:
==================
Definition of Information-Service: A __commonly__ _paid-for_ provided service for individual use by the recipient, especially online-sales of goods and services, online information, onilne advertising, electronic search-engines and data-query as well as ___services that transport information over an electronic network or that provide access to such a network or that store a user's information__. (Emphasis mine)



> Or are we talking about just one decision from a judge who probably
> didn't do a proper reading and analysis before applying this decision?
> Or maybe the person charged with this was actually doing something
> illegal? Anyone has more details?
IANAL!

First instance courts in Austria have been traditionally problematic with highly technical cases since they usually lack technical expertise. Austria does not have case-law, so the danger of this becoming precedent should be rather low.

The latter is very likely the case and I hope to have better (first or second hand) information in the next few days. I won't speculate more until I have talked to a few people who have actual information.


> That is nonsense. Why not arrest the owners of a stainless steel blade
> factory, because some people stab other people with those blades.
Similarly ridiculous parallels have been drawn. Why not close the postal system and every parcel delivery service as well. :-)

Best regards
MacLemon


More information about the tor-talk mailing list