On Thu, 2011-11-10 at 09:56 +0000, tor@xxxxxxxxxxxxxxxxxx wrote: > It's quite different for non-anonymous providers. They are restricted by > laws, and are held responsible for their actions, legally and > commercially. If we don't even know where TorMail is hosted, we don't > know what laws they're subject to, nor whether they're following them. > And if they're caught doing something illegal, we can't track them down > in order to hold them responsible. > > If Google was reading your email, you could not track them down or hold them responsible. Google, like other corporations, is not restricted by law. What you're referring to is "privacy by policy." In this mode of thinking, you assert that a service is private because the person providing that service says that it's private. At this point, you need go figure out how much you trust them to evaluate how private that system is. Tor and other privacy-enhancing technologies provide "privacy by design." In this mode of thinking, you assert that a service is private because you, the person using it, uses some other technology that enforces privacy. At this point, you don't care about who's running the service, because even though Google has a lot of lawyers, those lawyers can't get a court order to break RSA. The government can't subpoena math. It should be clear which mode of thinking is better. This idea is stolen without any remorse from <https://blog.torproject.org/blog/anonymity-design-versus-policy>.
Description: This is a digitally signed message part
_______________________________________________ tor-talk mailing list tor-talk@xxxxxxxxxxxxxxxxxxxx https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk