1995-01-17 - Abuse and Remailer Ethics

Header Data

From: Homer Wilson Smith <homer@math.cornell.edu>
To: Remailer Operators List <Remailer-Operators@c2.org>
Message Hash: b0f7ad842e66e71ddf87716ba99dec49c8ffb92140adda1e8647eb9999cb5f44
Message ID: <Pine.SUN.3.91.950116205019.7181A-100000@math>
Reply To: N/A
UTC Datetime: 1995-01-17 02:22:11 UTC
Raw Date: Mon, 16 Jan 95 18:22:11 PST

Raw message

From: Homer Wilson Smith <homer@math.cornell.edu>
Date: Mon, 16 Jan 95 18:22:11 PST
To: Remailer Operators List <Remailer-Operators@c2.org>
Subject: Abuse and Remailer Ethics
Message-ID: <Pine.SUN.3.91.950116205019.7181A-100000@math>
MIME-Version: 1.0
Content-Type: text/plain



     I am surprised there isn't a widely agreed upon codification of
remailer operator ethics for handling abuse cases.

     Perhaps there is, and I would appreciate someone pointing me to it.

     I am not presently on cypherpunks, so please include me in the
replies.
 
     Here is the situation.

     homer@rahul.net runs with header logging on, it contains, From: 
To:, Date: and Subject.  rahul.net also keeps syslog files for a week,
and makes them public to those on rahul.net.
 
     B writes me saying he is the 'admin of a listserv' and complains that
someone is abusing his list with postings through my remailer. He wants
the name and e-mail of the abuser to 'talk to him personally'. 
 
     Clearly I should not give out the name of a remailer user (if I know
it) unless ordered to by a court order. 
 
     Thus his request is, on the surface of it, absurd.
 
     In this case the alleged abuser, A, did not chain his posting so
my logs clearly show who it is.  Clearly I am always going to know the
To: of an abuse because the complaint comes to me from or about that
address.  If the abuser only uses one remailer, then I am clearly
going to know the From: line also, as it is right there in the header
logs or rahul.net syslog files (same thing.)
 
     If the abuser chains and a complaint comes to me, all I will know
about the From: line is that it came from another remailer.  However
now that I know his name and e-mail, if I get another complaint about
him, and he has wised up and started chaining, I could pass his name
onto the prior remailer before mine, and that remailer could do the
same, until it came back to the first remailer on the chain who could
take action.  This however would piss off a lot of remailer operators.
 
     But now what action is appropriate?
 
     Well giving A's name to B is out of the question without a court
order, right?
 
     Blocking the To: line, namely the abused party, is extreme as
that blocks others from posting to that list or group, unless the list
or the group wishes to have no anon messages.  In which case I
probably might consider blocking the end recipient.
 
     Blocking the From: line, will stop all further postings from that
person, which is fitting if indeed he is 'abusing' people, but he will
merely start posting through other remailers, who will then have to go
through the same procedure.  Perhaps there is some justification then for
remailer operators sharing blocked From: lines with each other, that
might be a good idea.
 
     But who is to decide what is or is not abuse?  Surely I can't let
others tell me that they have been abused without even reading the
message, I have seen it happen all to often that parties claim they
are being abused when they are merely being exposed and rightly so.

     On the other hand, since I am responsible for my own little
corner of the net, if something happens that I consider abuse, I
certainly have a right to put an end to it if I can.

     Some questions:
 
     Does any single recipient have the right to demand that they be
blocked from all anon messages.  I would say yes.

     How about demanding blocking anon messages only from some
senders?  That is harder to implement.  If you block the sender, you
block ALL his postings, not just to that party.  So you would need to
block specific From: and To: combinations.  This would not work with
chaining at all, even if we did share blocking information.  So that
is out.

     Does a list owner have the right to demand blocking to his list,
with or without a vote of the list readers?  I would say yes.
     
     What about a newsgroup?  I would say it takes a vote.  Are anon voites
allowed?  Touchy question that was important at one time on 
alt.r.scientology.
 
     Anyhow I would guess that the correct action here is to write the
offender and let him know a complaint has been registered against him.
I would also educate him as to why he was so easily traced and tell
him that if he wants to avoid such in the future to start chaining.

     However if he is a determined abuser not prone to social
embarassment, then the sharing of blocking among remailer operators
might become a very good idea.

     I don't know how you seasoned reops feel about abuse, jpunix went
out of business for want of an effective way to deal with it.  I think
part of the answer is in close cooperation.  This might help keep the
abuse down, and raise the reputation of reops so that people begin to
think of us as responsible service providers rather than anarcho
terrorists.

     However I am very new to this field, so I may have my head stuck
up my ass, and I would like to hear back from you on your ideas.

     Homer Wilson Smith
     homer@rahul.net






Thread