[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Is Anonymous Communication only for "Criminals"? (was: Re: UCENET II and Peter duh Silva)




-----BEGIN PGP SIGNED MESSAGE-----

[email protected] (Politas) wrote:

> >Why should the operator of the delivery medium be held responsible for the
> >contents of a message?
>    
> Not the contents as such, but the ability to continue unacceptable
> behaviour. eg, if someone is mailbombing me from a hotmail account, I expect
> Hotmail to shut down that account, or at least prevent them from sending to
> me.  But I'd prefer if they handed over some kind of tracing information to
> the police.

And if someone makes what you consider an annoying telephone call from a
public telephone, should the phone company remove the telephone?  Sure, they
may be able to trace the telephone used, but not who used it.
          
> >                        Perhaps the laws are different "down under", but here
> >in the USA anyone can deposit coins in a public telephone and make a phone
> >call without identifying himself.  The person can't be identified, and
> >neither can you hold the telephone company responsible for any damages you
> >claim resulted from the call.
>           
> Yes, but the anonymous person in this case is paying all costs for the call.

Just as the anonymous person is paying for his own access to the internet.
The anonymous caller to your telephone is not paying your monthly telephone 
bill, though, so he's not "paying all costs for the call".  So the two 
situations are fairly analogous -- both the sender and the receiver of the
message pay a portion of the costs.
          
> Also, the call can be traced in real time, and a sufficiently organised
> system would allow the caller to be found.  You have a physical location and
> an exact time, enough to catch a person.

If the person is foolish enough to stay on the line long enough to be caught,
that is.  I really doubt that most localities have a police force with enough
time on their hands to go chasing after a person who annoys you with a 
phone call, though.  Anything "sufficiently organized" to accomplish what
you're suggesting would be indistinguishable from a police state.  While it
might annoy you if someone were to call you at 2 AM from a pay phone, yell
"You're an asshole", and hang up, how much money, time, and effort do you 
really expect the police to spend trying to find the culprit?

As a practical matter, they'd probably suggest that you change your phone
number or put a device on your telephone where callers you wished to talk to
at 2 AM were required to enter in a code you'd given them before your phone
would ring.

> >It's the same with the US Postal Service.  You can mail a letter from a public
> >mail box and as long as the proper postage is attached, it will be delivered
> >even if it doesn't have a return address, or if it contains a false return
> >address.  But if someone mails you a letter bomb, you can't sue the US
> >Postal Service.
> 
> No, but at the very least you do at least know which post office the letter
> first came through.  It's somewhere to start a search from.  

In the case of an anonymous e-mail, the "post office" is the remailer site.
Like a snail mail letter, you don't know what path the sender travelled to
get to the post office, though.

> You'd be amazed
> how often people who send "anonymous" letter bombs get caught.

Yes, for both the e-mail and snail mail variety.  It's much easier to send
an e-mail bomb from a throwaway ISP account than from a remailer, anyway.
Most remailers have fairly small size restrictions, for one thing, and if you
start sending too many individual e-mails through a remailer, the software
WILL take note of that fact and flag that fact for the operator.

In many ways, sending a "mail bomb" "anonymously" is an oxymoron.  The whole
point to avoiding being traced is to make your message virtually 
indistinguishable from the rest of the anonymous messages until it reaches
its destination.  Sending a huge message or a huge number of smaller messages
sticks out like a sort thumb and calls attention to the sender.  The last
thing the perpetrator of such a scheme would want to do is go through
automated software, such as a remailer uses, that looks for and flags
unusual behavious like that.  It would actually me much safer to use a
throwaway e-mail account, acquired under a phony name, to accomplish that.

> >So why institute draconian rules to restrict e-mail which are stricter than 
> >those for other communications media? 
> 
> Because I'd like it to be so.  I'm not really calling for anything greater
> than we currently have with the phone system.  

Then you already have that.  If you don't want calls from a certain caller,
you can arrange to have them blocked.  If you don't want "anonymous" calls,
you can have incoming calls without caller ID information blocked, just as
you can request that the remailers not send you any anonymous e-mail.

(None of this really has anything to do with anonymous PUBLIC posts.)

> I realise that it's pobably
> not a completely popular opinion, but it happens to be mine.  I cannot see
> any valid purpose for completely anonymous communication, other than to
> break laws.

"Presumed innocent until proven guilty" is still in force here.  I might well
say that I can see no purpose for owning a printing press other than to print
"subversive" material, yet I still retain that right here in the USA until
you can prove that I've used it for illegal purposes.  If you can prove that,
then you can get a court injunction against me.  But you can't take away that
right based on what you think I *MIGHT* do.

Of course, sometimes "breaking laws" IS the reason for anonymity.  If the
government were to outlaw the dissemination of certain politically incorrect
ideas, then the only way to safely do so might be anonymously.

If you feel that strongly about anonymous e-mail, then simply ask the
remailer operators to have your address blocked from receiving any.  Your
(potential) problem is then solved.

> >I'll reiterate my opinion that such restrictive rules would cripple the
> >usefulness of many currently-available services.  I seriously doubt that
> >Hotmail would take on the expense of identifying each of its account holders
> >as well as assuming liability for any that it misidentified, in order to  
> >provide a FREE service.
>    
> Oh come now, you make it sound like Hotmail are doing it all out of the
> goodness of their hearts.  They *are* making money, you know.

I'm sure they are, but the extra costs of positively IDing users would have
to be paid somehow.
   
> >                        In fact, it would impact most ISPs.  As long as you
> >pay your monthly access fees on time, most ISPs take you at your word that
> >the name and address you supplied on your application are correct.
>           
> And as long as you don't breach your contract with them in any other way, 
> they should be able to.  On the other hand, if the police turn up to an ISP
> trying to find someone, they can get the phone calls traced to catch the
> person when they log in.

Of course they can.  Ultimately, each person is responsible for maintaining
his own privacy.  There's always a risk.  Those who anonymously (and illegally)
used fax machines to send uncensored news out of China during the Tianamen
Square uprising were obviously taking such a risk.  Does it bother you that
the technology did not exist to identify and prosecute those who did so?

> >I would suggest that the recipient of a piece of e-mail should bear the
> >responsibility for authenticating its sender before sending someone money, 
> >or taking other action that could potentially incur a financial loss.
> 
> Well, of course.  On the other hand, recieving unwanted email itself
> involves financial loss.

Perhaps, but there are more suitable remedies for that than banning anonymous
e-mail.

> >Transferring that duty to the ISP makes no sense.  For one thing, who would
> >you hold responsible?  Your own ISP?  The one listed in the return address?
> >Even if it's forged?  What if the ISP is located in another jurisdiction?
> 
> The person I want to be able to hold responsible is the person who sent the
> message.  If someone in the middle is shielding their identity, then they
> have to take the responsibility to stop repeated offences.  If they cannot
> or refuse to pass the blame on to the originator and can't prevent repeated
> offences, then, and only then, they *may* be able to be held responsible for
> any offences.  I would doubt that it would ever go that far.  After all, can
> you imagine a Telco *refusing* to cooperate with the police to trace a call?

No, but that's a different scenario than the telephone company requiring a
form of positive identification before using a pay phone.  You aren't
assuming that these "repeated offenses" involving pay phones all were made
using the SAME TELEPHONE each time, are you?  Not all harrassing callers
would be that stupid, although some might be.

In the case of anonymous e-mail, you can trace it back to the remailer 
utilized just like you can trace a phone call back to the telephone used.  
But what does thay buy you?  You still don't know WHO made the call or sent 
the e-mail.  Actually in the case of anonymous e-mail you have one additional
safeguard.  You can ask to be blocked from receiving anonymous e-mail.  Try
telling the telephone company that you want to be blocked from receiving
calls from any pay phone!

> I'm not saying it has to be easy to trace a message to its originator, but
> it should be possible to identify a source.  For repeating communications,
> it should be possible to identify a person.

That's really unnecessary.  There's not really much you can do via e-mail
that's both illegal and anonymous, when you think about it.  I could
kidnap a relative of yours, and use anonymous e-mail to make ransom demands,
but I'd still have to give you a means of getting the money to me.  THAT is
where I'd be traceable.  The same goes for sending you a fraudulent offer.
I can't make any money off of you unless you give you a method for paying
me.

And if something is merely annoying, then prevention makes more sense than 
building in the ability to hunt down the sender.

Like anonymous e-mail itself, any surefire means of identifying the sender of
a message is also prone to abuse.  That's why the "Big Brother Inside"
concept is a cure that's worse than the disease.

- ---
Finger <[email protected]> for PGP public key (Key ID=19BE8B0D)

-----BEGIN PGP SIGNATURE-----
Version: 2.6.3i
Charset: noconv

iQEVAwUBNJrE4gbp0h8ZvosNAQHHfAf+NbwQcznBpJpORXE223owqI44WEVNL6gR
XH8ir9vor0oYcENGKbyfETIMfKsdbvf9THK9accbUjh5CXu9Qv6vcZ1S1TzogAS9
QbnrRtaYQmEFp7657X2r2Uof8jdgHAe1XL8BjVZfn6yPZYTo3lAxNOWc5qqtHnVM
T1Wrz7ej0n99s6hs8PE+57Y82RrF173Y7Qm2uLJRBHt7ZAFnFaet3N+ZrbgJQCW+
NOBElkLe9qTY8bhHg3zeUx7Ql3mE4quogwLy8W/btuxMles7EnTfoYWozKsifamC
EJks7fpr0z70sPVVfvo/ktmA+UkK9UwWrNqCA/kCHieRpEdC5gRhQQ==
=RSct
-----END PGP SIGNATURE-----