(FWD) Re: [freehaven-dev] 'The Economics of Anonymity' draft ready

[Roger Dingledine <arma@mit.edu>]

----- Forwarded message from owner-freehaven-dev@freehaven.net -----

Date: Thu, 11 Apr 2002 11:33:27 -0400
From: Adam Shostack <adam@zeroknowledge.com>
To: Marc Rennhard <rennhard@tik.ee.ethz.ch>
Cc: freehaven-dev@freehaven.net, syverson@itd.nrl.navy.mil
Subject: Re: [freehaven-dev] 'The Economics of Anonymity' draft ready

On Thu, Apr 11, 2002 at 10:37:02AM +0200, Marc Rennhard wrote:
> > Paul Syverson and I have finished a short position paper on the
> > economics of anonymity. We explore some of the open issues in strong
> > anonymity systems, such as the need for high anonymity sets, lack of
> > good incentives for users and servers, and problems with scaling these
> > systems to a widespread volunteer infrastructure.
> 
> Your paper makes several interesting and important points, and there is
> one I'd like to discuss in more detail - legal issues. We are planning
> to start a public user trial of a mix-net very soon, but before doing so, 
> we want to get an idea about potential problems we might run into.
> 
> I have contacted Anonymizer.com and they do not keep logs for more than
> 2 hours and - according to them - have never had problems with legal 
> issues. I found that surprising, especially since it's a U.S.-based 
> company. What about other systems that were and are operational? Has
> Zeroknowledge  ever run into problems with authorities about legal 
> issues (Adam?) with their former Freedom system or their current 
> WebSecure? Zeroknoledge stats that "At no point do we ever link 
> information in server logs to identifiable individuals or customers. 
> Raw server logs are kept only as long as necessary for security 
> purposes." What does "only as long as necessary for security purposes"
> mean?

We got contacted from time to time for information about users of
Freedom.net, but it never got to a subpoena.  We always made a point
of educating cops about the fact that the criminals already have
privacy, normal folks don't.  They usually went away happy.

> And if no logs are kept, what would ZKN do if the police (e.g. following
> a court order) or whoever contacted them and asked to monitor a particular 
> user? Would ZKN comply? Probably yes (?). That would mean that monitoring 
> the masses would no longer be possible, but monitoring particular persons 
> would still work.

With Freedom, that wouldn't have been possible, with Websecure it is.
Our actions would depend on the nature of the request.

> I wonder what would happen if any of these anonymizing systems played
> an important role in a major criminal act. It probably hasn't happened 
> so far, but it may well be the case in the future if such systems get
> widely deployed. Would the operators of the system be (partly) held 
> responsible for such an act? I completely favor any privacy-enhancing
> technology in the Internet, and the majority of Internet users probably
> does too. But I also think this public opinion could change drastically
> if a major abuse were detected. Compare it to polls after September 11th: 
> at least in the U.S., the majority of people suddenly accept that their 
> privacy is compromised for an incrased 'national security'...

I don't think that the operators of such a system, if they were
prepped, would get in operational or practical trouble.  They might
poison the well if they were not ready to speak about the positive
side of anonymity, protecting people from stalking, etc.

Adam

----- End forwarded message -----