Courts, DOJ: Using Tor Doesn't Give You A Greater Expectation Of Privacy
from the IP-addresses-all-the-way-down dept
When is a reasonable expectation of privacy unreasonable? When the government says it is.
In this month alone, we’ve had two federal judges and the DOJ state that there’s no expectation of privacy in IP addresses. This would normally be something covered by the Third Party Doctrine — where an IP address is part of the records retained by ISPs, and therefore, can be accessed with subpoenas rather than warrants.
The twist, though, is that all of these statements were made in reference to people who made an active effort to obscure their IP addresses by using Tor.
On February 1st, the judge presiding over the Jay Michaud case — the one where the FBI (for the second time in recent history) ran a child porn website for two weeks in order to gather evidence on visitors to the site — stated that Tor users had no reasonable expectation of privacy, despite their privacy-protecting efforts. Michaud was challenging the FBI’s use of a standard warrant to deploy its NIT (Network Investigative Technique) — a piece of malware that gathered information about computers connecting to the child porn website.
US district judge Robert J. Bryan denied the motion, noting that while the warrant technically violated the rule, a higher court’s interpretation provides an exception for when the information sought could have been discovered by “other lawful means.”
To prove this, the judge bizarrely argued that Tor doesn’t give its users complete anonymity because a user has to give their IP address to their Internet Service Provider to connect to the Tor network. Therefore, he concluded, Michaud’s IP address was “public information, like an unlisted telephone number” that “eventually could have been discovered.”
In doing this, the judge agreed with the assertions the DOJ made in its earlier motion. The DOJ claimed Michaud’s IP address was something he shared with third parties — despite his use of Tor — and was info the government would have eventually discovered one way or another, even without the use of its controversial hacking tool.
“[E]ven if a defendant wants to seek to hide his Internet Protocol address through the use of Tor, that does not cloak the IP address with an expectation of privacy,” the government wrote, in a statement very similar to the opinion later written by Judge Bryan. “While Michaud may have a reasonable expectation of privacy in stored information contained on his computer, he lacks a reasonable expectation of privacy in IP address information that belongs to an internet service provider and that is voluntarily shared with others in the course of Internet communications.”
The interesting thing about this assertion is that Michaud voluntarily shared his IP address with others. It would seem fairly obvious there was nothing “voluntary” about this exposure. While it’s true that IP addresses are “shared” with Tor when connecting, that information is stripped from communications as they travel through the Tor network.
The government argued the NIT merely rerouted this information to the FBI before Tor stripped it. Michaud apparently should have known his use of a privacy-protecting network would perhaps expose his IP address to others, including the FBI.
But as Tor itself states, without intervention from other parties, this information would not be collected by Tor, nor passed along its network.
It is clear that the court does not understand how the Tor network works. The entire purpose of the network is to enable users to communicate privately and securely. While it is true that users “disclose information, including their IP addresses, to unknown individuals running Tor nodes,” that information gets stripped from messages as they pass through Tor’s private network pathways.
This statement is in response to another judge’s declaration that people who utilize additional privacy protections when browsing the web still have no expectation of privacy in their IP addresses. This nearly-identical assertion was made by the judge presiding over the Silk Road 2.0 prosecution of Brian Farrell. In this case, the Defense Department (home of the NSA!) paid Carnegie Mellon researchers to attack the Tor network in order to expose identifying info about its users. The FBI followed along behind the DoD, firing off subpoenas to obtain this newly-discovered information.
The judge in this case wrote:
From the record, it appears the only information passed on to law enforcement about the defendant was his IP address. There is nothing presented by the defense, other than rank speculation, that anything more was obtained by SEI and provided to law enforcement to identify the defendant.
The Court agrees with the government that applicable Ninth Circuit authority precludes the defendant’s success on his motion. SEI’s identification of the defendant’s IP address because of his use of the Tor network did not constitute a search subject to Fourth Amendment scrutiny. The Court reaches this conclusion primarily upon reliance on United States v. Forrester, 512 F.2d 500 (9th Cir. 2007). In Forrester, the court clearly enunciated that: “Internet users have no expectation of privacy in …the IP address of the websites they visit because they should know that this information is provided to and used by Internet service providers for the specific purpose of directing the routing of information.”
The court goes on to say it’s too bad Tor users expected more protection from the service, but their expectations are not “reasonable” under the Fourth Amendment.
In the instant case, it is the Court’s understanding that in order for a prospective user to use the Tor network they must disclose information, including their IP addresses, to unknown individuals running Tor nodes, so that their communications can be directed toward their destinations. Under such a system, an individual would necessarily be disclosing his identifying information to complete strangers. Again, according to the parties’ submissions, such a submission is made despite the understanding communicated by the Tor Project that the Tor network has vulnerabilities and that users might not remain anonymous. Under these circumstances Tor users clearly lack a reasonable expectation of privacy in their IP addresses while using the Tor network. In other words, they are taking a significant gamble on any real expectation of privacy under these circumstances.
A subjective expectation of privacy is in no way comparable to the historic view of the objective, reasonable expectation of privacy. Tor users may be taking extra steps to obscure their IP addresses, but two court rulings clearly state the judicial system won’t be granting them any “extra” protection from government subpoenas. In fact, these rulings simply make it easier for the government to defend the intrusive techniques it deploys to unmask Tor users by declaring that, underneath it all, it’s all about IP addresses, rather than users taking proactive steps to better protect their privacy. It’s not quite a blank check for hacking, but it’s close. As long as the target is information not historically awarded Fourth Amendment protections, courts will be hard-pressed to question the means used to achieve these ends.
Filed Under: 4th amendment, courts, doj, expectation of privacy, privacy, tor
Comments on “Courts, DOJ: Using Tor Doesn't Give You A Greater Expectation Of Privacy”
Part of the problem here is that two pieces of public information jammed together don’t suddenly become secret. The TOR exit node and your own IP are public information. USing them together to somehow obscure yourself doesn’t magically change their status.
Moreover, TOR is in many ways a form of “security by obscurity”, hiding yourself in the shadows of others. But realistically, it means you share at least part of your websurfing (and whatever) not only with your own ISP, but now with a third party you don’t even know and with whom you have absolutely not contract or privacy expectations.
Your expectation of privacy here should be as low as possible – you are asking people you don’t know to keep your secrets.
Re: Re:
IP Addresses cannot, I repeat, CANNOT ever be used to determine who someone is RELIABLY.
IP addresses can be spoofed.
Wireless access nodes can be hacked.
MAC addresses can be spoofed.
Remember, multiple judges have handed down decisions that CLEARLY state that an IP address cannot identify a person.
Period.
Re: Re: Re:
In case you’d care to “challenge” my post.
https://www.techdirt.com/articles/20130218/21462222020/yet-another-court-says-ip-addresses-are-not-enough-to-positively-identify-infringers.shtml
http://techland.time.com/2012/05/07/you-are-not-an-ip-address-rules-judge/
https://torrentfreak.com/ip-address-not-person-140324/
https://torrentfreak.com/judge-an-ip-address-doesnt-identify-a-person-120503/
http://www.skipease.com/blog/peoplefinder/ip-address-identify-people/
Just to name a few…
Re: Re: Re:
Nobody is trying to identify an individual ONLY by IP address – rather, they are going through a process to determine a location, the physical connection point. You have to admit that a given IP address (even in a DHCP environment) is assigned to a single device for a given period of time. Knowing where that device (modem, router, etc) is on the network generally isn’t hard for an ISP to figure out. Once you have that, it would be a very good basis for a search warrant for all computers in a given location, looking for the individual machine in question.
Remember: when you browse the internet, headers are sent on every request. Things like plugins that are active, the particular version of your browser, your OS… those are things that are regularly included. Google and others have proven that it’s just about enough to identify you down to the person – not in the legal sense, but in the “jamming ads in your face” sense. It would make it reasonably easy to differentiate between say a laptop, a desktop, and a tablet at a given location.
Re: Re: Re: Re:
You mean like the Tanya Andersen case?
Re: Re:
Know what else is public information?
You fucking address. By your own fucking logic your mail should be fair game.
A TOR exit node (hell any routing device or endpoint) is the same principal. Just because those are public does not mean that your encapsulated messages should be considered public information either.
Re: Re:
So, byt that logic, I am permitted full access to DoD and FBI nodes on the relay, because they have no expectation of privacy, either.
To say anything else is disingenuous.
Re: Re: Re:
They didn’t access his computer initially, they just identified him by his IP address. That is significantly different from what you are saying.
If you can capture the exit node data of the DoD or FBI, then yes you can legally have their IP address, but you can’t then get into their system without a warrant.
I don’t agree with the courts warrant, but disagree with your analogy even more.
Re: Re:
I agree with this. I’d liken it to standing on the sidewalk of a street you’ve never been to on the seedy side of town. You hope no-one you know sees you while driving by. Until then, your privacy is ensured by your anonymity. Good enough.
I’m not asking them anything but to ignore me like they do everyone else. Just move the packets.
Re: Re: Re:
” your privacy is ensured by your anonymity. Good enough.”
Exactly the point: TOR (and other such concepts) give you a certain amount of privacy, kind of like Groucho glasses would (now there’s an old style reference). The sense of privacy is perhaps more in your head than in reality.
It’s really a no brainer – you are purposely asking someone to hide you. At that moment, you are already exposed to them. Your secret is in their hands, no longer in yours, so your privacy is already broken in many ways.
Re: Re:
True, but the courts have ruled in the past that simply closing the door on a public phone booth creates an expectation of privacy for the phone call, thereby requiring a warrant to eavesdrop — where the same booth with the door open would not.
Use of a TOR system may be only a token effort at privacy, but it’s a far more intensive one than merely closing the door of a phone booth.
Re: Re:
You should read about how TOR works before writing.
Orwellian
“and was info the government would have eventually discovered one way or another, even without the use of its controversial hacking tool.”
So he admits there is no need for unethical hacking, but hey… terrorists.
Context
The word “reasonable” just means that if you get caught using a tool meant for dissidents, you may wind up with a dissident’s fate. These judges will find it ”reasonable” to charge your family for the executioner’s bullet.
Fwiw, I agree that there’s no expectation of privacy on the 127.0.1.0/24 network. Potentially vulnerable client software should probably be spun up in a virtual environment, with no other access or knowledge other than the interface of its proxy.
Alternatively, the 192.168.1.0/24 network can be used for physical isolation.
Re: Context
If you’re already on localhost, you don’t need the network. Physical access == no security.
Re: Re: Context
$ cat /etc/hosts
127.0.0.1 localhost
Re: Re: Re: Context
https://en.wikipedia.org/wiki/Localhost
IPv4 network standards reserve the entire 127.0.0.0/8 address block for loopback purposes. That means any packet sent to one of those 16,777,214 addresses (127.0.0.1 through 127.255.255.254) is looped back.
Those who do not use Tor, have no rights
Bizarre as it might seem, the judge’s argument is correct.
Let’s take it into another arena: houses. Two people, Joe and Sam, each have a house. Joe leaves his house unlocked, in fact, he doesn’t even have locks on the door. On the other hand, Sam has purchased and uses expensive high security locks.
So, given that scenario, should the government simply be able to walk into Joe’s house and search whatever they want? No?
Are you suggesting that Joe has the same Fourth Amendment right as Sam to be secure in his house from search and seizure? Then it follows that Sam has no greater rights than Joe, despite Sam’s expensive locks. Before searching either house, the government should have to meet the same legal standard, obtaining the same warrant.
Any other conclusion is unacceptable, for it leads to the idiotic conclusion that those who do not use Tor, have no rights. The rights belong to the person, not to the person’s methods of protection.
Re: Those who do not use Tor, have no rights
This is an interesting, but flawed, analogy. Other courts have held that a government agent can lawfully trespass on private property without a warrant if the property owner made it “too easy” for the agent to trespass. If I recall correctly, the court found that, because the government tampered with a vehicle sitting on a driveway that could be reached without defeating physical security, it was permissible. Techdirt readers pointed out that this precedent meant that only those who live in gated properties enjoy any legally recognized expectation of protection. This directly contradicts your suggestion that a well-secured house is no more private than one with no security at all.
Re: Re: Those who do not use Tor, have no rights
There’s another concept that may come into play: the ‘openly visible’ item doctrine whereby if an officer can see an item without any effort even from a distance it’s fair game. An example would be an incriminating letter left face up on a desk and one can stand away 3-4 feet and be able to read said letter. Could IP and MAC addresses be considered ‘openly visible’ since that information has to be coded into every TCP/IP packet? Similar to the analogy of the mail whereby your street address is posted on the front for anybody to see though one cannot see what’s inside until they open it?
Re: Re: Re: Those who do not use Tor, have no rights
Networking 101(): Layering principle.
MAC addresses are used at a layer underneath the IP datagram layer.
In short, when you say that a ‘MAC address [is] encoded into every TCP/IP packet’, you are not just using language in a too-loose fashion, you are indicating a lack of basic knowledge about something that you really ought to understand.
() Networking 101: Links found with a quick google. My introductory course had a much better textbook, but I don’t think that hardcover textbook is available online.
Re: Re: Re: Those who do not use Tor, have no rights
There may be a point about the ‘openly visible’ doctrine with respect to Tor. I didn’t think about that.
But in houses, the openly visible doctrine applies only to those things that can be seen through windows or doors, which the officer may not open; and indoors only if the officer has a legal right to be indoors. Established law is that the officer cannot open a door to enter unless certain reasonable causes are in effect. If the doors are closed (but unlocked) the officer would have no grounds to enter and view anything.
Re: Re: Those who do not use Tor, have no rights
The example I used was “in the house” for a reason. Many rights that people have with respect to their houses do not apply to outdoors or automobiles (which are portable).
So houses were chosen specifically because the courts do recognize a right for that domain, just as a right is recognized for certain wiretaps.
Re: Those who do not use Tor, have no rights
That’s a good point. In some contexts, a lock, regardless of how effective or ineffective, doesn’t matter.
But in other contexts, a reasonable expectation of privacy was found for people merely speaking in hushed tones and covering their mouths, when they were speaking on the courthouse steps (where that would not have been found if they had been speaking loudly.) In many cases, putting up a fence around your front yard actually DOES stop law enforcement from passing that point without a warrant, whereas if you have no fence they can walk up to your door and at least knock on it. So, sometimes that lock matters.
I’m not so sure that you give up any expectation of privacy just because of a theoretical weakness. Yes, the person knows Tor has weaknesses, but in the end so does a 12-inch thick titanium door with biometric access and security guards. And if I uncover the identity of an undercover officer by spying on his Internet activity, do you think they’d buy my argument that the officer was publicly declaring he was an officer by sending an email to his superior, even if he used something like Tor?
Re: Those who do not use Tor, have no rights
Let us note that the FBI was only able to break into TOR by collecting all of the data that passed through nodes. Just like listening to all telephone conversations without a warrant. Yes they do it, but that does not make it Constitutional.
Time to wake the "judges" up a bit...
Find out their “IP” addresses, visit a few of these FBI sites using the judge’s ip addresses.
Let’s see how long this “decision” stands…
Bwah hah hah hah hah
He isn't wrong.
If anything, TOR users are easier to MiTM. We can dispel with the notion that all exit nodes are run by whitehat, EFF supporting, freedom crusaders.
Aw crap.
I let visitors use my bathroom when they are in my home. I disclosed the insides of my bathroom to visitors.. I better go check for cameras since now I have no expectation of privacy there.
Re: Aw crap.
If you have a virtual bathroom, I’d advise just terminating that instance, and spinning up a new clean instance the next time you need one.
Taking a gamble
Under these circumstances Tor users clearly lack a reasonable expectation of privacy in their IP addresses while using the Tor network. In other words, they are taking a significant gamble on any real expectation of privacy under these circumstances.
Nothing is perfect. Any system might have vulnerabilities or become compromised. By this reasoning, there is no expectation of privacy anywhere. People should should realize that that their homes *might* be bugged and thus expect no privacy there either. Or that their medical records *might* someday be leaked. Etc, etc, etc.. Bye bye, pesky 4th amendment.
My potential objections
I have two things I would need to clarify.
– As I see things here, the problem should not be about the expectation of privacy about the IP address, as much as about the means used to collect it. If the government can use any means and justify it afterwards saying it’s about “public information”, then there simply is no such thing as “privacy” or fourth amendment on the internet.
– This also conflicts with care about cops who prohibit people from filming them.
A public agent performing public duties in a public place has expectations of privacy.
A private individual on private business in a public space while trying to limit the private information he shares… has none?
That’s all kinds of crazy. Someone should really explain everyone what a “reasonable expectation of privacy” is. We can’t let government decide that it only applies when it says it does.
Living in surveillance states deletes expectation of privacy.
Expect privacy only when you can guarantee it.
Recognize and get comfy with the idea that the *new law enforcement and courts* (read “most of the executive and judicial branches”) are increasingly taking the point of view that, if there’s any way the government CAN overcome your privacy efforts, then you have no *reasonable expectation of privacy*. Read that again – you can *reasonably expect* only so much privacy as you can enforce against all power of the government to overwhelm.
Get to work.
With that logic DRM protected content has no reasonable expectation of not being copied despite efforts to resist being copied.
A lot of people here seem to be confusing content with destination. That is:
Closing the phone booth door gives an expectation of privacy for the content of your conversation, but not the number dialed which can be retrieved from the operator at will.
Speaking in hushed tones in a small group gives an expectation of privacy to the words spoken, but not the identities of the people in the group.
The contents of the mailed envelope is private, but the destination and return addresses are not.
Re: Re:
In Soviet Russia, envelope mails you.
Re: Re:
But, Tor works by putting your envelope inside another envelope. Then you mail the letter to someone and that person opens it and mails your letter for you to your destination. So, when you send your original letter, is the envelope inside not content?
Re: Re: Re:
But, Tor works by putting your envelope inside another envelope.
There you go, spoiling things with the truth.
A tyranny by any other other term. Your’re rights are non existant when they get in the way of the ruling party.
It’s those in charge who make the rules .
It’s time to change whose in charge .
Unfortunately they will not go quietly into the night .