Forgot your password?
typodupeerror
Privacy

Web Hosting For Privacy Activists? 285

Posted by kdawson
from the haven-in-a-data-storm dept.
BritishColumbian writes "I'm thinking about setting up a Web site driven by user submissions. I was wondering which locations have the most liberal (i.e., libertarian) privacy laws. There are some great hosts in the US, however there have been so many FBI requests for user data that I don't want a server hosted under US jurisdiction. Does anyone have any thoughts/suggestions as to a suitable jurisdiction? It doesn't look like Sealand's HavenCo is guaranteed to be privacy-friendly any more."
This discussion has been archived. No new comments can be posted.

Web Hosting For Privacy Activists?

Comments Filter:
  • ob (Score:4, Funny)

    by Anonymous Coward on Saturday January 26, 2008 @04:43PM (#22195554)
    What's wrong with geocities? :p
  • by friedman101 (618627) on Saturday January 26, 2008 @04:44PM (#22195560)
    I host my website from a mini server taped to the back of the toilet in a local coffee shop with free wifi. I change the battery twice a month.
  • by bwd234 (806660) on Saturday January 26, 2008 @04:44PM (#22195562)
    I don't want a server hosted under US jurisdiction. ...as of lately, nearly the entire planet is under US jurisdiction.
    • by Adambomb (118938) on Saturday January 26, 2008 @04:52PM (#22195618) Journal
      It's as if a million chinese officials burst out in laughter....

      and then kept on laughing.
    • by LWATCDR (28044) on Saturday January 26, 2008 @05:17PM (#22195764) Homepage Journal
      Frankly I doubt that you will find anyplace more liberal than the US.
      A lot of countries in the EU will bust you for anything that they consider "hate speech" not that I wouldn't mind never having to see it myself it is still political speech. Considering Europe's history I can understand why they are more than a little sensitive over hate speech. Canada also has hate speech laws last time I checked. I am not sure about all the countries in Latin America but most get a little bent over criticism of their governments and or the Catholic Church.
      The middle east? Well just don't make fun of Islam and you will be just fine. Africa? Well that probably depends on the nation. Not a great history of Human rights in most of those Nations.
      Asia? Well China is a big no. Japan, and Taiwan I have no idea. Austriala and New Zealand maybe a as liberal as the US but I think they are closer to most EU nations according the Wikipedia they are.
      Switzerland maybe?

      The US does tend to be more strict on sexual content but is probably still one of the most free when it comes to Political speech. Of course an anti-war protester being asked to go to a free speech zone or get a permit really doesn't care about an neo-nazi in France being put into jail for wearing a patch.
      • Re:Unfortunately... (Score:5, Informative)

        by Anonymous Coward on Saturday January 26, 2008 @05:27PM (#22195846)
        The US is good on free speech but it is not good on privacy which is the point of this article. As far as privacy is concerned, Privacy International ranks [wikipedia.org] both Germany and Canada very highly. I'd recommend Canada to get around Germany's prohibited speech laws.
        • Re:Unfortunately... (Score:4, Interesting)

          by darthflo (1095225) on Saturday January 26, 2008 @06:52PM (#22196384)
          Germany's privacy is being very actively dismantled. Protests about the changes are taking place, but it probably isn't where you'd want your site to be hosted right now. Housing space and bandwidth, OTOH, are damn cheap over there, way cheaper than most anywhere else, including the U.S.
        • Re: (Score:3, Insightful)

          by nacturation (646836)

          The US is good on free speech but it is not good on privacy which is the point of this article. As far as privacy is concerned, Privacy International ranks [wikipedia.org] both Germany and Canada very highly. I'd recommend Canada to get around Germany's prohibited speech laws.

          And considering that this article was submitted by "BritishColumbian" I'm amazed he/she didn't consider their own country, which has some very good privacy protection.

          • Re: (Score:3, Insightful)

            by petard (117521)

            And considering that this article was submitted by "BritishColumbian" I'm amazed he/she didn't consider their own country, which has some very good privacy protection.


            Don't you see the benefit in hosting somewhere that's not under the jurisdiction of your government, even if you think their laws are relatively good? It seems an activist might.
        • Re: (Score:3, Informative)

          by iminplaya (723125)
          That's old data. Greece [privacyinternational.org](?!) is number one now. The trend indicates that "off the planet" is the best option.
      • Re: (Score:2, Insightful)

        by Anonymous Coward
        Frankly I doubt that you will find anyplace more liberal than the US

        Bwahah ahah ahahahaha hahahahah ahahaha
        Bwah ahahaha hahaha haha hahaha
        Bwa hahahaha hahah ahaha
        Bwah ahah ahahah
        Bwah ahaha
        Haha

        Now that was a good one. Seriously.
        • Re: (Score:2, Informative)

          by jellomizer (103300) *
          It depends on what you determine to be liberal. No, we are not perfect but we are still one of the best places for free speech. In some countries a comment such as yours may have been a very gutsy move. But in America is is just foolish sarcasm. The reasons why a lot of countries seem like things are going all good and fine while America is pure evil. Is the fact we americans feel free to criticize our government and out life style. While other countries doing such contains a major act or bravery. E
          • Re: (Score:2, Informative)

            by daff2k (689551)
            Yes. "A whole nation based on the principle of saying one thing, and doing another." And apart from not being able to form a coherent sentence you seem to have absolutely no idea what you are talking about when it comes to European countries.
      • Re: (Score:3, Informative)

        Austriala and New Zealand maybe a as liberal as the US but I think they are closer to most EU nations according the Wikipedia they are.

        Australia has quite repressive libel laws. If you get sued for libel, there is the presumption of guilt (i.e. the defendant has to prove they did not commit libel). On top of that, a court case a couple of years ago allowed an Australian to sue (under Australian jurisdiction) a publication for libel due to what they had published on their US website. The judge had ruled that

    • by Kadin2048 (468275) <slashdot.kadinNO@SPAMxoxy.net> on Saturday January 26, 2008 @05:22PM (#22195802) Homepage Journal
      Bluntly put, but not untrue.

      Basically, you're going to have to pick the least-bad option. The idea of 'data havens' where conventional meatspace law doesn't apply is sadly seeming more and more like a lost concept. It seemed possible during the early 90s, when government and the big corporate interests really hadn't caught on to 'the Internet,' but now that they have, it's going to become more and more regulated, just like every other area of human endeavor. It was fun while it lasted, I guess, and it'll make a neat story to tell our kids about, but the party's basically over.

      Where you want to go depends on the specifics of what you're doing. Political speech, particularly political speech directed at other countries, is relatively well-protected both in the U.S. and the E.U. Although I'm pretty unhappy with the current security paranoia here in the U.S., I think it's unlikely that you'll get in trouble unless you actually start advocating 'direct action' (terrorism) or have a cozy relationship with people that do. In terms of formal legislative safeguards on political speech, the U.S. has a more absolute freedom-of-speech doctrine than many European countries and Canada.* Where you will run into trouble in the U.S. (viz political speech) is when you are saying things that can be construed not as speech but as 'action' or as appeals to action. Saying things that are highly politically unpopular in the U.S. may get you put under surveillance or monitoring, but probably won't land you in a lot of legal trouble or get you locked up. Bottom line: if you're looking to deny the Holocaust or write nasty-but-true things about just about anyone, the U.S. is the place to do it.

      Where the E.U. becomes the superior venue is if you're doing things that would be a crime under certain U.S. intellectual-property laws drawn up by the megacorporations that essentially own large chunks of Congress. Hollywood is a double-edged sword: it likes freedom for political speech, but really hates freedom if it might negatively impact this quarter's bottom line. Thus while you can advocate genocide in the U.S., linking to copyrighted material may land you in prison. For that sort of thing, you're better off in Europe, probably as far north as you can get. (E.g., Sweden.) You're also probably better off in Europe if you're looking to do something that's edgy and involves sex; I'm not sure that the laws per se are a whole lot better, but overall attitudes may result in those laws not being used as aggressively to bludgeon you.

      There are more minor specialty venues that you might want to consider if what you're doing involves money changing hands. Antigua in particular seems to be a popular choice for shady financial-transaction sites (cf. 1MDC) as well as gambling. Exactly how tolerant they'll be of (U.S) copyright-violating material, as a result of the recent trade decisions, remains to be seen. I wouldn't hold your breath for a Bittorrent Free Zone, though.

      I admit to not knowing a whole lot about privacy laws in Asian countries but I get the impression that they're more restrictive than the U.S. in many cases. One datapoint: 2chan, the popular Japanese imageboard, is run out of the U.S. to shield it from Japanese authorities and law.

      Really, I don't think there's any place you can go where you'll get 'total freedom,' except maybe Freenet (and it's really slow and impractical to use). You need to think hard about what type of content is going to be the most problematic, and then choose a hosting location that's going to be least hostile to it.

      * To wit: Many European countries prohibit certain types of political speech under the guise of 'hate speech' laws and anti-Nazism/fascism policies. Although Canada isn't nearly as bad, their Bill of Rights-equivalent document, the Charter of Rights and Freedoms, "guarantees the rights and freedoms set out in it subject only to such reasonable limits prescribed by law as can be demonstrably justified in a free and democratic society," a cave
      • Wow. This is among the better posts I've ever seen on /.
        Thanks for your time writing that.
      • by Z00L00K (682162) on Saturday January 26, 2008 @06:22PM (#22196208) Homepage
        Basically, Sweden may be a good place, as long as you don't think about doing child pornography or actively breaking the law with actions that can awake RIAA, MPAA or the Swedish STIM, but from the question I assume that this is mostly a political issue. Of course you may not actively push for violent actions either (like blowing up the electrical grid, Hoover dam or Mt Rushmore. But being an annoyance like peeing on the flag or similar actions are just ignored.

        There are some laws that loosely requests that members of a bulletin board shall be known, but I have never heard about anyone being even brought to court in such cases and the verification is at most an email address, and considering the volatility of email addresses that's no big problem. The "Freedom of speech" is relatively strong, and as long as you don't actively push for breaking the law in ways that can be considered worthy to being brought to court it's no big issue.

        Having a system with a moderation (maybe like the Slashdot moderation) may still be a good idea to be able to cool down anything that goes over the edge.

        There have been some fuzz earlier about the Swedish site Flashback [flashback.net] for promoting cracks and computer criminality, but it actually hasn't ended up into anything of substance. Maybe you even can have your own forum at that site! In most cases the police will just look and thing "Well - another set of nuts - and go for some more coffee...". Considering that there are bigger fish to fry and the end result of the Pirate Bay story it will take a lot of pressure before anything happens if somebody in the US wants to do a crackdown. And it's likely to hit the newspapers too even before there is time to do something... And essentially the police is more into the watching part and avoids the acting part since it means paperwork. And they have better things to watch for than a bulletin board where the most of the discussion will fall under the freedom of speech anyway.

        Crimes that will put you on the radar of the police are more like driving under the influence (0.02% limit), speeding (fixed speed cameras at random locations on major roads) and drugs, both narcotics and illegal sales of prescription drugs but I don't think that the first two of these will apply for a web server hosting anyway.

        • Re: (Score:3, Interesting)

          by Anonymous Coward
          ... and unless you intend to "insult Islam".

          Hint: You can host a video of yourself peeing on the Swedish flag, but if you want to host a video showing yourself peeing on the symbol for Allah or the Quran, you are likely to struggle. It is interesting because it's true.
      • Re: (Score:2, Interesting)

        by Anonymous Coward
        Freenet might be slow and impractical now, but internet speeds will be vastly improving without you average website using much more resources.

        The main problems with freenet are:
        1. Websites are static, there is no change once they are uploaded although you can check for newer ones, forums and such cannot exist (although there is a kind of usenet system which is more of a dodgy hack that a proper system)
        2. Slow, messages can take days to reach the boards
        3. Missing data, since data is retained only by the amou
      • Russia (Score:3, Insightful)

        by poptones (653660)
        Unless you might have some users slinging about antiestablishment speech about Putin's regime, Russia is probably the safest. Yeah they have some weird laws regarding pornography so that might not fly too well either, but for the most part Russia seems to be the most lax on stuff like this - especially if you find a hosting company that is well connected. Just about anything is possible if you know the right people to bribe...
        • Re: (Score:3, Informative)

          by Dutch Gun (899105)
          You'll have to forgive me if I don't consider a place "safe" when you have to put qualifiers about what users might start saying, or when talking about having to know the correct people to bribe...
      • The right country to host in depends a lot on who you're most likely to annoy. If you're really likely to seriously annoy people, host your website in two countries (plus keep a backup), so that if one website gets shut down you've got your mirror site. It's not a bad idea to keep your DNS server in a different country than your hosting, or at least follow the standard DNS advice about keeping your nameservers on different subnets, which in your case means separate countries.

        If you're doing something poli

    • by moxley (895517)
      Parent shouldn't have been modded troll....
  • Tor (Score:5, Informative)

    by Lally Singh (3427) on Saturday January 26, 2008 @04:44PM (#22195566) Journal
    Tor [torproject.org] has a few blog hosts available. That way nobody would know who's hosting it. Of course, only tor clients could see the blog....

    OTOH, you could just create an account on blogspot while you're on Tor, and only post to it via Tor. That should keep you kinda safe, as long as you don't reveal yourself on the blog.
  • Nearly free speech (Score:5, Informative)

    by WK2 (1072560) on Saturday January 26, 2008 @04:48PM (#22195590) Homepage
    https://www.nearlyfreespeech.net/ [nearlyfreespeech.net] They will allow you to pay in cash, anonymously.
    • by lexarius (560925) on Saturday January 26, 2008 @04:57PM (#22195628)
      Seconded. I'm also fond of their "pay for what you use" cost model. I stuck a $20 in a website six or seven months ago, and that has paid for everything including domain name, MySQL process, bandwidth, etc and still going. Of course, the site in question is a private site meant for only a few people so it doesn't get much traffic, but the rates are fairly competitive for higher amounts of traffic as well. Additionally, you can buy "bandwidth buckets", which can (hopefully) get you through a Slashdotting without draining your coffers too much.

      Otherwise, there's always Freenet. Decentralized anonymous content hosting. Not quite The Web, but if you need it, it's there.
      • Re: (Score:2, Informative)

        by True Vox (841523)
        I fully agree. Freenet and NearlyFreeSpeech are both great things. Different uses, but both great none the less. The blog in my sig is hosted at NFS. GREAT people to work with.
    • Re: (Score:3, Informative)

      by ZSO (912576)
      They will allow you to pay in cash, anonymously.

      Their website disagrees with you. [nearlyfreespeech.net]

      We do not accept cash payments; you may use cash to obtain money orders from the United States Postal Service, Western Union, and many other vendors in the United States. Internationally, we recommend the use of American Express worldwide money orders denominated in US Dollars.

      If you wish to pay us anonymously, contact us in advance to request special arrangements. As we have a very protective privacy policy, such requests will be granted only if there are extenuating circumstances.

  • xs4all.nl (Score:5, Informative)

    by Incadenza (560402) on Saturday January 26, 2008 @04:51PM (#22195608)
    xs4all.nl is brave enough to face $cientology in a 10-year lasting court case [xs4all.nl]. And winning!
    • I can't read that, it's all in Hollish! [penny-arcade.com]
    • Re: (Score:3, Interesting)

      by Incadenza (560402)
      Of course I should have linked to their Motives and Ambitions [xs4all.nl] page as well:

      XS4ALL has its roots in a close-knit international internet community which played a large part in the creation of the internet. We therefore cherish and seek to protect the original values of the internet as a worldwide computer network that allows the free and uncensored exchange of data, information and ideas for everyone. XS4ALL therefore believes it has a special responsibility for the development of the internet.

      The internet

    • by houghi (78078)
      They also will give over any data requested if there is a court order.

      They might be willing to go into legal battle, they are not willing to goto jail ober it.
  • by LM741N (258038) on Saturday January 26, 2008 @04:58PM (#22195634)
    My bet on the premier hosting location will be Antarctica. Think of the HVAC bills a server farm would save. Plus its neutral territory.
  • Nowhere (Score:3, Insightful)

    by bobbonomo (997543) on Saturday January 26, 2008 @05:01PM (#22195658) Homepage
    Well basically nowhere!

    Let's say you find a hosting company in a country that is very libertarian and will not comply with any request for info.

    The routers to that place can be sniffed here in North America (or anywhere along the route) and voila the trick is done. Not as easy as getting logs but...

    If your subjects are that hot, then an easy break-in into the premises of that hosting company. (or a bribe). Remember Watergate?
    • Re: (Score:3, Insightful)

      by timeOday (582209)
      I don't understand this usage of the word "libertarian." In a truly libertarian system, the webhost would simply sell your personal info to the highest bidder. If everybody is free to do whatever they want, what right do you have to prevent them?
      • Re:Nowhere (Score:4, Informative)

        by PresidentEnder (849024) <wyvernender@gmail.cCOWom minus herbivore> on Saturday January 26, 2008 @05:28PM (#22195850) Journal
        In a truly libertarian system, they wouldn't dare do that, because then nobody would use their services; furthermore, they'd be afraid of retaliation.
        • by BeanThere (28381)
          Contracts and terms of service are also allowed (if I'm not mistaken) in libertarian systems --- at least, last I checked. What GP is confusing libertarianism (minimal government) with is "anarchy" (i.e. basically "everyone does whatever they want and there's no government").
          • by tverbeek (457094)
            Sure, contracts are allowed in libertarian systems. It's just that, without government enforcement, those contracts are essentially indistinguishable from toilet paper.
            • by MrNaz (730548)
              Legal documents are often indistinguishable from toilet paper, especially after it's been used, as at that point, both are covered in shit.
            • Re: (Score:3, Informative)

              by BeanThere (28381)
              Under whose definition of "libertarian" did you deduce that there would be no government enforcement? Libertarianism doesn't mean "no government" - that's "anarchy". Libertarianism is, effectively, 'minimal government required to maintain law and order', and that would include contract law.
      • Re:Nowhere (Score:5, Insightful)

        by Kadin2048 (468275) <slashdot.kadinNO@SPAMxoxy.net> on Saturday January 26, 2008 @05:28PM (#22195856) Homepage Journal

        I don't understand this usage of the word "libertarian." In a truly libertarian system, the webhost would simply sell your personal info to the highest bidder. If everybody is free to do whatever they want, what right do you have to prevent them?
        Well, they would certainly be free to do that, but if their business was predicated on a guarantee of security, it wouldn't be a very rational thing to do. They'd protect you just as long as it was profitable to do so; until the revenue hit from the bad PR of selling you out was less than they'd be paid to sell you out.

        This is essentially how most commercial webhosts in the U.S. operate as it is. They'll protect you if you're just irritating some guy whose only weapon is to write angry letters, but the second you tick off someone with a lot of lawyers and cash to burn, you're up the creek without a paddle.
        • Re: (Score:2, Insightful)

          by poopdeville (841677)
          Well, they would certainly be free to do that, but if their business was predicated on a guarantee of security, it wouldn't be a very rational thing to do. They'd protect you just as long as it was profitable to do so; until the revenue hit from the bad PR of selling you out was less than they'd be paid to sell you out.

          But who says their business would be predicated on a guarantee of security? Extreme privacy is a niche market. Most people just want a fast connection. You are unlikely to find an ISP anyw
      • A libertarian government isn't going to be snooping on people.
    • by Kamineko (851857)
      That's actually a pretty profound answer when you think of it.

      You can host nowhere. Think about it. You can't host anywhere, but you can host 'nowhere'.

      All you need to do is find somewhere which counts as 'nowhere'.

  • stay anonymous (Score:5, Insightful)

    by timmarhy (659436) on Saturday January 26, 2008 @05:02PM (#22195664)
    hosting in another country won't save you. if they find out who you are the government will just arrest you anyway, they don't even need a real reason these days.
  • Try Kinakuta.
  • how does this work (Score:4, Insightful)

    by KevMar (471257) on Saturday January 26, 2008 @05:10PM (#22195728) Homepage Journal
    If your server is hosted in a safe area but you (the owner/responcible operator) reside in the US. Can the FBI contact or require you to provide that info?

    Having it hosted in a safe are only protects the hosting company. The FBI will not get anything from them, the next step is for them to contact you (if they can figure out who you are).

    Atleast that way, you know when the FBI is trying to get info about you or your users.
  • Canada (Score:3, Informative)

    by Secret Rabbit (914973) on Saturday January 26, 2008 @05:12PM (#22195742) Journal
    Canada has wonderful privacy laws. I recommend checking us out. Of course, you should really investigate the specific company you might wish to host with. Because, many will submit to such foreign requests.

    Btw, if privacy is really your concern, you should at most co-locate and use disk encryption, etc. Also, if you aren't in the physical US, you should consider hosting the site yourself. That's really the only way you'll know for sure...
  • Sealand or Tor (Score:4, Informative)

    by Yahma (1004476) on Saturday January 26, 2008 @05:16PM (#22195762) Journal

    You have a few options, the first being Havenco [havenco.com] in the micro-nation of Sealand, which is an old WWII off shore platform that claims sovereignty. They have not, however, been recognized by other states, leaving their international legal status in limbo. They do claim, however, to not be under the jurisdiction of other nations laws.

    Your second and cheaper option is hosting via Tor [torproject.org] network. There are a few blogs and other sites hosted via Tor, although there are some technical difficulties involved.

    Be aware, if your privacy blog angers a powerful entity such as China, they can choose to just block all traffic to your site, rather than forcing your site offline.

    --
    Boycott Nokia [nrwspd.de] - Stop corporate Greed. Nokia, connecting people with the unemployment line.
    • I have been looking for such an alternative for quite some time as you can read from here http://tinyurl.com/66488 [tinyurl.com]. But to my dismay haven't found anything really interesting. Last month I received an email referencing my post and offering some secure and politically independent hosting solution. It is called the Republic Cyberbunker and it may be an interesting alternative. CyberBunker was built as a NATO base in 1955. In 1995 it was sold to a company under the control of it's present royal family and gove
  • IANAL (Score:5, Insightful)

    by Mawginty (882393) on Saturday January 26, 2008 @05:25PM (#22195828)

    And you might consider consulting one (if you have the money). You might also consider exactly what sorts of liability you'll be exposed to and search for jurisdictions with the most lax regulations in that area. You say that your site is going to be driven by user submissions . . . are you worried about copyright? You say you're worried about the FBI requesting user data, is there any particular reason you think the FBI will ask for your user data (that is, will you be requesting submissions on political/revolutionary/Islam topic areas? I suppose one could even piece together a user submission website dedicated to the discussion of criminal activity and how one might go about practicing crime . . . clearly an exposed place to be).

    Also remember it isn't only the FBI that can compel disclosure of user identities. The Think Secret/Apple, Inc. lawsuit proved that. A foreign jurisdiction might make it really hard for the government to get at user data, but make it really easy for private parties to do so in a lawsuit. Also consider, however, that if your servers are in a foreign jurisdiction then U.S. constitutional guarantees may not apply (you might say that they don't apply here anymore, but I would submit that they protect you at least a little bit). That could mean that if the government wants your user data, and the servers are outside the U.S., they could tap/hack/physically break in and get the data they want w/o even the pretense of judicial sanction, and w/o even the possibility of court action for you.

    My point here is that jurisdictions treat privacy differently across subject areas and differently depending on who's asking or taking the data. Find the subject area that your website most squarely fits under, and then find a jurisdiction with the most protective privacy laws, on the whole and against everyone you're scared of, for that subject.

    • by russ1337 (938915)

      That could mean that if the government wants your user data, and the servers are outside the U.S., they could tap/hack/physically break in and get the data they want w/o even the pretense of judicial sanction, and w/o even the possibility of court action for you.

      I'd say no matter what the hosting solution is, the server being compromised is a significant risk. (I'm sure the Three Letter Acronym organizations can get in if they try hard enough). So you'd want the people posting to be using an anonymous p

  • Greece? (Score:2, Informative)

    by Pinckney (1098477)
    Privacy International [http://www.privacyinternational.org/] ranks Greece highest among the nations they have examined in terms of the protection it provides for privacy.
  • Liberal IP and fair use laws, public notice and awareness of State side (**AA) bullying, decent bandwidth availability fair privacy laws.
  • You can not get more freedom than FreeNet [freenetproject.org]. Yeah, everybody knows netcraft has confirmed that it is dying but it is still there :)
  • You could host with someone who says they won't give out your info but you still have to deal with their server provider. If the server provider get a signed court order to give up a server most companies will be obligated to obey it.

    I run a small web host in Canada that hosts Cannabis related sites. I had to ask my server provider first if they allow that kind of traffic and their said they are ok with it and will only give out info with a signed court order. Same goes for me. Unless you have a signed cour
  • Why worry? (Score:3, Insightful)

    by nurb432 (527695) on Saturday January 26, 2008 @05:50PM (#22195978) Homepage Journal
    If you arent hiding anything, you have nothing to worry about.

    Of course I'm joking, but good luck finding a place 100% secure, anywhere in the world.
  • riseup.net (Score:3, Interesting)

    by Phlegethon_River (1136619) on Saturday January 26, 2008 @05:51PM (#22195984)
    riseup.net

    From their Privacy Policy:

    Please delete your user data (No contact info means that they can't be forced to give something which isn't there. Drawback: forget your password, you're screwed)
    We keep minimal logs
    We do not share data with anyone
    We will defend your data
    We will not monitor your communications
    Your data is encrypted

    (No, I am not affiliated with them, just found out about them this week myself)
  • IANAL.

    How would an encrypted, passworded filesystem work as a means of privacy? Granted, the server admin would need to be present at boot time (and for every reboot) either to input a password or connect some kind of storage with a key file. The latter option isn't as secure, because courts could subpoena that media. However, there was a recent court ruling (SCOTUS?) which said that a person cannot be compelled to divulge a password on the grounds that doing so would cause self-incrimination, and is uncon
    • by MulluskO (305219)
      I think you are on the right track, but if you're considered a service provider the better tactic may be to use HTTPS and not to log anything. It might make banning people more difficult, but maybe you could (here's a neat idea) save secure hashes of IP addresses instead.

      It really depends on what information you're trying to protect. Users' identities? Content of posts? Should you be on the web at all?
  • and can therefore still be tapped, subpoenaed and used in evidence. It doesn't matter where the hosts are, you need to consider where the traffic will flow on it's way to and from whereever. If it touches US territory, they'll still get you.
    • by Lally Singh (3427)
      The trick is to make the traffic useless against you. Everything unencrypted says nothing about you. Encrypted traffic makes it difficult. Encrypted traffic conveying a false identity will make it even harder :-)
  • by SplatMan_DK (1035528) * on Saturday January 26, 2008 @06:14PM (#22196158) Homepage Journal
    You might want to consider the Scandinavian/Baltic region.

    Sweden, Norway, Denmark, Finland, Greenland are all pretty protective about their citizens privacy. Provided your sites contain only "controversial" (but not illegal) content, you would definitely be in the clear!

    Illegal content would be: child pornography, copyrighted material for which you do not have the distribution right, neo-nazi propaganda and holocausts-denial. Pretty much everything else is accepted. Including blasphemies drawings

    Germany is also a good bet - but you would have to add "scientology" to the list of illegal content ;-)

    - Jesper
    • ...meant so write "including blasphemies and sarcastic drawings" as a reference to the recent "Mohamed cases" in Sweden and Denmark :-)

      - Jesper
    • Germany is also a good bet - but you would have to add "scientology" to the list of illegal content ;-)

      Morbo welcomes our new German overlords. May death come swiftly to their enemies!

    • <ad type="ISP">

      Check out Bahnhof Internet [bahnhof.se], specifically http://integrity.st/ [integrity.st]

      They guarantee:

      1. only to close web pages that breaks Swedish law
      2. not give information about customers to third parties
      3. not to store information unless demanded by Swedish law
      4. only to give user information to the police if demanded by the Swedish law
      5. etc

      </ad :-)>

  • by this great guy (922511) on Saturday January 26, 2008 @06:59PM (#22196414)

    If I were you, I would first recognize that no matter how careful you are, there will always be a chance of someone (the govt, your web host) with the authority to take down the physical server hosting your website. So I would physically host the site in at least 3 different countries. Use DNS to spread the load on the different locations (all are active at any point in time). If one of them get taken down, update the DNS accordingly to redirect traffic to the other locations, and start setting up one more server in another country (have the technical procedure clearly described and easy to follow so multiple people you trust can follow it). Of course you need to have the user content posted to any location automatically replicated to the others. (Notice how this sounds much like NNTP).

    If someone succeeds into getting administrative access to your DNS records, register a new domain name and get the word out to communicate it (IRC channel where you guys usually hang out, a post to some other forum, etc). Or just communicate the IP addresses prominently.

    Good luck to someone trying to take down something hosted as described above ;-) Choose the right 3 countries and, because of red tape, no governments will ever be able to successfully cooperate to take down the 3 physical servers at the same time.

    • He is trying to protect the privacy of users of his site, by keeping whatever information he has about them that isn't public (IP address, email, etc), out of the hands of the powers that be. Hosting in multiple locations doesn't address that problem - it makes it worse.
  • Uncensorable Hosting (Score:5, Informative)

    by JWSmythe (446288) * <jwsmythe@nOsPaM.jwsmythe.com> on Saturday January 26, 2008 @10:32PM (#22197564) Homepage Journal
    There are two big things with this.

    First, any provider can and will give in to pressures. Just because they're not "in" the United States doesn't mean that they won't be leaned on by the United States.

    Every provider connects to someone else. Otherwise, you being on your residential Cable/DSL/whatever wouldn't be able to reach Rajhed's IndiaPorn. :)

    Being that it is true, the gov't could simply lean on American held companies, or companies with American interests, to find out who you are, find out what's on your servers, or simply get you unplugged. Just because you host at Sealand, in central Siberia, or whereever, you still run the risk of provider A strongly encouraging provider B to do something about it.

    Been there. Done that. Got the Federal agent sitting in my office about it. Of course, I played stupid until I found out what the hell he was talking about, and then made some phone calls to find out the rest of the story. :) (short story, our customer handed over an exploited server. It was only because it was exploited, it had nothing to do with the content. They had already put a new machine up with restored content, as good exploit protocol suggests.)

    Second, what the hell do you think you're going to say, that will get the feds knocking on your door, on the hosting facility's door, etc, etc?

    I run http://freeinternetpress.com/ [freeinternetpress.com] . If you read what we say, and have said for years, by all the legend of the National Security letters, we quite likely should have our phones tapped, servers confiscated, and been visiting Southeastern Cuba for more than a few days.

    In reality though, we've had every (like, EVERY) intelligence agency in the world read our news. That was scary at first, but I made some friends (through other means) who had worked in intelligence, and they broke the bad news to me. The feds aren't watching us because they're interested in getting us. They're watching us because we are a good news source. Even though we've NEVER had a single contact regarding Free Internet Press, we're read every day. Above that, you'd be surprised to find out how many intelligence agencies there are out there. It took us quite a while to decode a lot of the hostnames, even when we ran them up and down a few of our grapevines. My favorite that I still like to brag about is eop.gov . They were monthly visitors.

    I haven't bothered to re-check our logs to see what odd hostnames come in any more. It's entertaining, but serves no other purpose.

    I'm VERY close with my hosting company. (like, VERY). I'd know the moment they were sniffing around, mostly because I'd be the one to open the cabinet door for them. :)

    If it came down to it though, we'd just dump the hostname off to another server (I have a few spare hosting accounts in my pocket, all under different people's names, at different facilities), and put it right back online with a big notice "WE GOT SHUT DOWN BY THE FEDS, Here's the documents!"

    If I didn't do it, there are a dozen or so other people with enough access to do it for me. Like, if I ended up in Southeastern Cuba, with an orange jumpsuit, a blanket, and a copy of the Koran (they issue 'em to everyone, from what I understand).

    So, what's going to keep you from landing in hot water?

    1) Don't say you're going to kill someone.

    2) Don't threaten to blow something up.

    3) Don't make claims above and beyond anything you're really willing to do.

    For example (EXAMPLE!) if you were to say, "I'm going to blow up the Whitehouse tomorrow", if you're not serious, you're stupid for saying it. If you are serious, you deserve to get beaten down and thrown in jail for a long time. While I'll disagree with
  • No Provider (Score:3, Informative)

    by Tom (822) on Sunday January 27, 2008 @07:06AM (#22199258) Homepage Journal
    There is no solution to your problem unless you cut out the provider part. For every provider, you will be a minor customer not worth major trouble with government or law enforcement, and often not even with something like the RIAA or even just a lawyer who knows how to write impressive letters.

    I ran one of the major DeCSS sites back when they were being taken down by the dozens (and new ones appeared quicker than that). In the turmoil, I offered one of about ten or so reliable static points, simply because I didn't have a provider at all - I worked at the company hosting the site, and I was one of the guys in charge of the server farm, and would have been among the first the lawyers would've talked to in case of any serious trouble.

    Go work for an ISP and make sure you know the people in the legal department. Oh, also: Make sure it's not a company server, but a private server for which you have an agreement that it'll be hosted, cost-free, as part of your employment. That's how I've done it at several companies, and the only thing I'd do different today is to make sure I get that in writing.

Nothing succeeds like success. -- Alexandre Dumas

Working...