I forgot to thank those on the list who replied to this thread. They have been very helpful.
For the benefit of anyone else in a similar position: My ISP (after consulting with LINX) has conceded that the legality of monitoring the exit is unclear. They have now asked if I would be willing to block port 80 on my exit, or have them monitor my traffic instead in their capacity as a commercial operator. I've reluctantly opted for the former. Meanwhile, members may be interested to hear what the owner of the ISP had to say about Tor. I thought I'd put it here as a footnote to this thread by way of an example of the range of opinion in the technical community. I have no strong opinion on the matter. "I'm still not convinced that ToR isn't just an incredibly clever US government scheme where the US government stealthily operate a majority of the ToR (exit and intermediate) nodes, leading themselves to be able to anonymously inspect / MITM traffic from any exit node they operate, as well as correlate flows between non exit nodes to be able to find the original source of a flow." Jonathan On 9 September 2015 at 07:10, Gareth Llewellyn < [email protected]> wrote: > On Tue, Sep 8, 2015 at 9:04 PM, Jonathan Baker-Bates < > [email protected]> wrote: > >> So does anyone know of any reliable source of information on running Tor >> exits in the UK? >> > > No but I run several UK based Tor exits and have had little issue other > than the usual abuse reports, that said the relays in question are operated > by a separate legal entity that is it's own ISP (RIR allocation / ASN etc). > > > What would happen if my ISP pressed me to monitor my traffic, and I >> refused on legal grounds? I'm not suggesting I actually do that, or that >> there are even any legal grounds to refuse. >> > > **** IANAL **** but to elaborate on something that Thomas said there is > also a consideration of the Regulation of Investigatory Powers Act, the > Data Retention and Investigatory Powers Act and Counter Terrorism and > Security Act. > > Starting with RIPA s1. > >> It shall be an offence for a person intentionally and without lawful >> authority to intercept, at any place in the United Kingdom, any >> communication in the course of its transmission by means of— >> >> (a)a public postal service; or >> >> (b)a public telecommunication system. >> > > RIPA s2. defines interception; > >> (2)For the purposes of this Act, but subject to the following provisions >> of this section, a person intercepts a communication in the course of its >> transmission by means of a telecommunication system if, and only if, he— >> >> (a)so modifies or interferes with the system, or its operation, >> >> (b)so monitors transmissions made by means of the system, or >> >> (c)so monitors transmissions made by wireless telegraphy to or from >> apparatus comprised in the system, >> >> as to make some or all of the contents of the communication available, >> while being transmitted, to a person other than the sender or intended >> recipient of the communication. >> > > Finally an act is unlawful if it falls foul of s1 (5); > >> (5) Conduct has lawful authority for the purposes of this section if, and >> only if— >> >> (a) it is authorised by or under section 3 or 4; >> >> (b) it takes place in accordance with a warrant under section 5 (“an >> interception warrant”); or >> >> (c) it is in exercise, in relation to any stored communication, of any >> statutory power that is exercised (apart from this section) for the purpose >> of obtaining information or of taking possession of any document or other >> property; >> > > So it would seem that RIPA (which is due to be replaced in the next couple > of months by the Investigatory Powers Bill) says that you are not allowed > to intercept data. > > Moving on to the Data Retention and Investigatory Powers Act (and by > extension the Counter Terrorism and Security Act) there is s1. of DRIPA > which says; > > The Secretary of State may by notice (a “retention notice”) require a >> public telecommunications operator to retain relevant communications data >> if the Secretary of State considers that the requirement is necessary and >> proportionate for one or more of the purposes falling within paragraphs (a) >> to (h) of section 22(2) of the Regulation of Investigatory Powers Act 2000 >> (purposes for which communications data may be obtained > > > s2. defines a telecommunications operator; > > “public telecommunications operator” means a person who— >> (a) controls or provides a public telecommunication system, or >> (b) provides a public telecommunications service; >> >> “public telecommunications service” and “public telecommunication system” >> have the meanings given by section 2(1) of the Regulation of Investigatory >> Powers Act 2000; >> > > Section 2(1) of RIPA has many definitions but this one closest applies to > Tor; > > “telecommunication system” means any system (including the apparatus >> comprised in it) which exists (whether wholly or partly in the United >> Kingdom or elsewhere) for the purpose of facilitating the transmission of >> communications by any means involving the use of electrical or >> electro-magnetic energy. >> > > > > So, the Secretary of State or the Police can serve you a retention notice > or an interception warrant *allowing* you to intercept data, past that > point you can probably point to RIPA and say it'd be illegal. > > > > > _______________________________________________ > tor-relays mailing list > [email protected] > https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays > >
_______________________________________________ tor-relays mailing list [email protected] https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
