Forgot your password?
typodupeerror
Privacy Encryption Networking Security Your Rights Online

"Anonymous" File-Sharing Darknet Ruled Illegal By German Court 285

Posted by timothy
from the your-virtual-papers-please dept.
An anonymous reader writes "A court in Hamburg, Germany, has granted an injunction against a user of the anonymous and encrypted file-sharing network RetroShare. RetroShare users exchange data through encrypted transfers and the network setup ensures that the true sender of the file is always obfuscated. The court, however, has now ruled that RetroShare users who act as an exit node are liable for the encrypted traffic that's sent by others."
This discussion has been archived. No new comments can be posted.

"Anonymous" File-Sharing Darknet Ruled Illegal By German Court

Comments Filter:
  • by Anonymous Coward on Friday November 23, 2012 @09:08PM (#42078489)

    Who thinks it will take long for the hackers to create malware that sets OTHERS up as unwitting exit nodes?

    • by Squiddie (1942230) on Friday November 23, 2012 @09:09PM (#42078497)
      About two days ago.
    • Dunno, but I bet you could make a tonne of money by sending adverts through it.
    • by Anonymous Coward on Friday November 23, 2012 @10:03PM (#42078859)

      I can see it happening already, someone will donate to the judge a cheap and crap computer (Raspberry Pi fits the bill perfectly) and run up a Tor exit node on it. Much hilarity ensues. :-)

      It's academic anyway, because this is a ruling that will get overturned in the EU for being in conflict with basic freedom of speech. Encryption of communications is not illegal in EU.

      What's more, Europeans tend to be strongly opposed to the excesses of the copyright lobby, and strongly supportive of freedom of file sharing. The politicians even listen to them on this subject, as the official political representation shows. So, that judge is out on a rather lonely limb, and a stupid limb if he'd thought about the implications for two seconds before running off to the golf club. It's unlikely to stand.

      • by jamstar7 (694492)

        It's academic anyway, because this is a ruling that will get overturned in the EU for being in conflict with basic freedom of speech. Encryption of communications is not illegal in EU.

        Doubtful. Remember, we're dealing with people who have a vested interest in declaring copyright infringement as 'theft of ideas'.

      • by Seeteufel (1736784) on Saturday November 24, 2012 @07:56AM (#42080907) Homepage
        The story is wrong. The judge decided a particular case where the user is said to have used Retroshare [sourceforge.net]. You cannot rule that it was set up to defame retroshare. Nowhere did the Court rule that using Retroshare was illegal. It didn't and it was not entitled to. In reality Retroshare is the future and F2F is a nightmare for the content mafia. Simply because with Retroshare no one would find out that you shared a file, and F2F creates a network of bilateral trust. The CeBit, the largest European computer fair, will focus on shareconomics next year.
  • by garcia (6573) on Friday November 23, 2012 @09:12PM (#42078541) Homepage

    This is ridiculous. All common carriers then should be held liable for the network traffic that passes around.

    • by mrmeval (662166)

      Common carriers are government sanctioned and they have very specific meanings. The court in that case is most likely not insane but ruling on the law and past precedent.

      Germany does not have free speech in some cases. That's another attack vector against it.

    • by Zorpheus (857617) on Friday November 23, 2012 @10:01PM (#42078847)
      But common carriers give police the names of the customer that was responsible for certain traffic.
      • Re: (Score:2, Funny)

        by garcia (6573)

        So the common carriers know I have an encrypted VPN running between work and my house 5 days a week. They know I have an encrypted VPN between my house and my mobile device 24/7/365 the rest of the time.

        So they give the police my name, what then?

        Q: "What are you doing with that encrypted VPN?"
        A: "Hiding from my fantasy football league friends the fact that I'm watching Barbie.com".

        Please.

        • TOR obfuscates the source and destination of traffic. Common carriers are required to allow police to have that info. Once they know what they're looking at they can force you to give them your encryption keys. There is no "we will take no for an answer" EVER with the authorities. If you're legit then you've agreed to play ball with them, it doesn't work any other way.

    • Be careful what you wish for...
    • They are (Score:2, Insightful)

      if they don't provide law inforcement with the ability to tap into the traffic and identify its source and destination, and content too modulo user encryption. If you want to REGISTER your TOR network as a common carrier and be subjected to (in the US) CALEA then be my guest!

      This whole thing is the UTTERLY predictable response to the whole TOR thing. When you join a conspiracy to hide what everyone is doing then don't be surprised when you're held responsible for the actions of the whole group (network). Wh

      • Just look at Wall Street! They sure learned you can't route around the law.

      • Tor was a lame attempt to route around the law, in any case. The real thing are all the various darknets that don't have exit nodes, with all content stored on them and only accessible via them. Good luck busting those.

    • I read TFA and see that the person charged made the mistake to friend someone he didn't know was a copyright holder. So yes he was the exit node, he was stabbed in the back by a "friend". I don't necessarily agree with the finding but if you use retroshare and only friend people that are oh.. friends.. then you should be fine.

    • To lazy to look it up but just a few days ago ANOTHER german court ruled that parents could NOT be held accountable for the file sharing of their children if they had a talk with the child that it shouldn't do it. The parents could NOT be expected to police their childs online activities all the time.

      So... are you or are you NOT responsible for the actions of another on your system?

      Lower court rulings ain't worth the paper they are written on unless you don't appeal.

  • What's next? (Score:5, Informative)

    by Hentes (2461350) on Friday November 23, 2012 @09:13PM (#42078547)

    Germany declares Tor illegal?

    • by fa2k (881632)

      It wouldn't be that surprising. They already have an EU directive telling all ISPs to save traffic data. Tor is a gaping hole in their ability to "investigate" people. They could do like in this case and make people responsible for things coming out of their exit node. People in Germany could still *use* tor legally in this scenario, that would require a different law.

      It's strange how governments have become obsessed with gathering data. With the old tech, you can send anonymous letters, make calls from tel

    • by gl4ss (559668)

      they already did if they declared this illegal.

    • The Court didn't declare Retroshare illegal [sourceforge.net]. And the nice thing about retroshare is that in F2F relations there is no way to find out and bring the case in front of a judge.
  • ...You might wonder why:

    That's because an IP address is not a human being [itworld.com] when it comes to matters of law.

    This is what our friendly folks in Germany will find out sooner or later. The trouble is that they'll have wasted so much time. Sad indeed.

    • by westlake (615356) on Friday November 23, 2012 @10:09PM (#42078875)

      That's because an IP address is not a human being when it comes to matters of law.

      The decisions of a US district court can't be expected to carry much weight in Germany.

      On 12 May 2010, the Bundesgerichtshof (Federal Supreme Court - BGH) granted an injunction to a music rights marketing company against the private operator of a WLAN under contributory negligence rules.

      The BGH agreed that the plaintiff had no civil law entitlement to damages for breach of copyright by the defendant, either as perpetrator or participant, since it had not been proved that the defendant had shared the music himself or deliberately helped a third party to do so. There was every reason to assume that the person to whom an IP address had been allocated would be responsible for an infringement committed from that address. However, in this case, this assumption had been credibly refuted by the defendant's claim that he had been on holiday when the offence was committed. Neither had he intentionally participated in an infringement by a third party.

      However, under contributory negligence rules, the BGH found the WLAN owner liable for failing to prevent a protected work from being made available to the public (Art. 19a of the Urheberrechtsgesetz - Copyright Act). By operating a WLAN that was not sufficiently secure, the defendant had wilfully and, with sufficient causality, contributed to this infringement and failed to meet his duty of due diligence in this respect. Even private individuals - if only in their own interest to protect their data - could be expected to verify whether their WLAN was sufficiently secure to prevent its misuse by third parties standing outside.

      BGH Finds WLAN Operator Liable [coe.int]

      [2010]

      TorrentFreak, to, to its credit, posted this link as an Update to its original story.

      • by Damouze (766305)

        That is just sad...

        One of the cornerstones of the whole "free internet" thing is that since ISPs are just conduits, they can't be held responsible for what goes through their "pipes". I would think that the same would apply to individuals who have WLAN bubbles in and around their house, regardless of whether or not they had secured them. Especially, if you have a closed WLAN, however insecure it may be, gaining access to that WLAN without the owner's permission would be equivalent to breaking down the door.

    • by dadioflex (854298)
      The last thing anyone in the EU wants is a legal system similar to the USA. We'd have to build ten times as many prisons. We have NO money.

      The "Prisoner Defence", ie "I am not a number, I am a free man" is a grand idea but it's hard to avoid contributory negligence. So, if you had a car and you let anyone borrow it regardless of whether they had insurance or even a driving license then you'd be committing a crime. If you pay for an internet connection and you are equally lax about how it's used then you
      • Re: (Score:2, Insightful)

        by Anonymous Coward

        I don't understand how anyone has a problem with this.

        Anyone who cares about privacy, freedom, and anonymity has a problem with this. Equating the desire for anonymity to letting random people drive your car or leaving a gun out in your yard is just ridiculous.

    • by Nyder (754090)

      ...You might wonder why:

      That's because an IP address is not a human being [itworld.com] when it comes to matters of law.

      This is what our friendly folks in Germany will find out sooner or later. The trouble is that they'll have wasted so much time. Sad indeed.

      Germany is distracted with building their forces up for another go at taking over the world. please forgive them.

      • Actually I suspect it to be a constructed case to defame Retroshare [sourceforge.net]. This case is not about retroshare, if is about an offense allegedly done by a person with retroshare. You hardly go to court for infringement. So expect that to have been constructed by the copyright mafia using the notorious Hamburg court. I can't see what the copyright mafia could do against F2F networks. You antigermanism does not cut it.
  • by tftp (111690) on Friday November 23, 2012 @09:21PM (#42078587) Homepage

    The problem is not whether it is "legally" "legal." You cannot afford a lawyer that can argue that part. If the traffic came from your computer you are guilty, and that's it - this is how most judges will interpret the act. There is no way to prove otherwise - your incoming traffic is encrypted. Even if the judge understands the technology he may slap you with being an accessory to the crime.

    Some mention public telecommunications services. I'm sure those services have an entirely different legal environment - starting with their corporate charter that is signed by the Secretary of their State. A peasant in his hovel does not have even a shred of paper to point at; he is not a corporation, nobody with the government had a chance to audit his intentions... not that it should be required, but as things are it is required.

    • You could try to observe the MAC address(though equally possible to spoof) if the network topology is sufficiently shallow and the routing sufficiently transparent.

      Also, all traffic from an IP address doesn't necessarily come from a single computer. It just means it comes from a certain network.

    • by adolf (21054)

      I have four adults and one minor living in my house. We all use the same IP address, as do many of the various visitors we have who use the household WiFi.

      Who committed what?

      • by tftp (111690) on Saturday November 24, 2012 @01:59AM (#42079927) Homepage

        The person who pays for the Internet will get an offer that he cannot refuse. It's like speed cameras - nobody can be sure what specific member of the household drove that car, but the ticket is sent to the title holder.

        If a crime had been committed and all N possible suspects are equally likely to be guilty, an enlightened idealist would say that the police will let them all walk. However a police professional will tell you that the police/prosecutor will select a prosecutable individual and railroad him regardless of his actions. If they picked a wrong man, chances are good that he will start talking and "the real killer" can be then arrested.

        Besides, in most cases it's not rocket science to find out who did what. If the list of suspects includes your mother, who is an accountant, your grandfather who retired 30 years ago, and you (of the tender age of 18, studying computer science) many detectives will point their finger straight at you. A few hours in detention, a few colorful scenarios of whatever remains of your life, all masterfully explained to you by a seasoned professional, and you will break. They will question you for days asking the same questions, you will mix something up or lie in small details, they prove it, and that lie seals your fate. But why do I explain all that - the whole story is exactly about that, how they get "their men." Only Assange is still safe, but he can't hide forever. And if he does, it's nothing but a self-imposed prison sentence.

        • Re: (Score:2, Insightful)

          by Anonymous Coward

          Thats why you never talk to the police.

          Never, ever.

          Good talk on this subject:
          http://www.youtube.com/watch?v=6wXkI4t7nuc

          With the same advice given by a police officer ;)

  • by zergl (841491) on Friday November 23, 2012 @09:26PM (#42078615)

    For what it's worth, this is a copyright case and Hamburg is the preferred location for ridiculous lawsuits by rights holders due to their excessively industry friendly media rights chamber.

    The BGH [wikipedia.org] overturns their verdicts with satisfying regularity and the defendant hopefully will appeal that one.

    • Oh, please, who are you kidding? German politicians and courts are so completely in the pocket of media companies and copyright holders that people don't even realize anymore what's going on because it is so entrenched. Germans have to pay GEMA, VG Wort, and other such organizations if they fart. And much of the ridiculous copyright legislation in the US is pushed by German media companies like Bertelsmann.

      • by zergl (841491)

        True, copyright/IP law around here is quite bad, but I wouldn't agree that the courts are in Big Media's pocket (well, except for Hamburg, obviously), the pirate party has been gaining considerable traction causing some rethinking in the bigger parties when it comes to sucking up to the content industry for IP legislation and it doesn't change that this verdict has reasonable chances of getting overturned if appealed considering the stellar track record of the OLG Hamburg when it comes to that.

      • Not really, there is multiple truths to it. Certain neighbourhoods of Hamburg may be perceived dangerous by locals but no where close to Bogota. The content mafia isn't as strong anymore as it used to be.
  • by Sique (173459) on Friday November 23, 2012 @09:28PM (#42078629) Homepage
    ... This is no legal precedent, as in German law, there is no precedent. Another court can rule completely differently, and Hamburg has some fame for ruling quite strongly in favor of big media conglomerates and contrary to the interest of the internet users. Only if the highest court in Germany, either the Bundesgerichtshof (Federal High Court) or the Bundesverfassungsgericht (Federal Constitutional Court) rule, it sets legal precedent.
    • by westlake (615356)

      Another court can rule completely differently, and Hamburg has some fame for ruling quite strongly in favor of big media conglomerates and contrary to the interest of the internet users. Only if the highest court in Germany, either the Bundesgerichtshof (Federal High Court) or the Bundesverfassungsgericht (Federal Constitutional Court) rule, it sets legal precedent.

      But you have to be realistic about these things.

      Hamborg, officially Free and Hanseatic City of Hamburg, is the second largest city in Germany, the fifteenth largest German state, and the sixth largest city in the European Union. The city is home to over 1.8 million people, while the Hamburg Metropolitan Region (including parts of the neighbouring Federal States of Lower Saxony and Schleswig-Holstein) has more than 5 million inhabitants. Situated on the river Elbe, the port of Hamburg is the third largest port in Europe (after the Port of Rotterdam and Port of Antwerp) and tenth largest worldwide.

      Hamburg [wikipedia.org]

      • by Sique (173459)
        You have to be realistic here: Hamburg decision are riled on in other parts of Germany, because they run contrary to what other courts rule.
  • by girlintraining (1395911) on Friday November 23, 2012 @09:29PM (#42078635)

    Let's be honest: If you're doing something that someone with significantly more money than you is upset by, you will be punished. Most of what you were taught as a kid was a lie; The law isn't here to protect you, but control you. Every law advantages one group by disadvantaging another. And the idea of morality, ethics, punishment proportional to the harm, any judicial concept you care to toss out I can show numerous and significant examples where it has been thrown out because of the money issue I mention at the start of this.

    Money isn't power per-se, but in this society, the value of a person is the balance in their accounts. If you're a valuable person, you get special treatment -- police will investigate crimes for you more readily, favors are easier to get, and everybody wants to be your friend. But if you don't have money, then the only real power you have is that people like you greatly outnumber people like them. But unless that potential is actualized, forget it.

    Laws like this will continue to punish file sharers because file sharers are poor. You're being punished, not because what you're doing is unethical or immoral, but because you make less money than the people who say it should be illegal. Whether it's the german courts, the european courts, the american courts... it doesn't really matter. All countries are the same: With enough gold, anything is possible. And when you have enough gold, the first thing you do is punish and inflict harm on anyone who has less than you do... or else. Or else they could some day have enough gold too.

    • Laws like this will continue to punish file sharers because file sharers are poor. You're being punished, not because what you're doing is unethical or immoral, but because you make less money than the people who say it should be illegal.

      Perhaps, but only in so far as it's economical to do so. One might easily imagine a scenario where these encrypted darknets, perhaps aided by those whose machines were hacked and turned unknowingly into exit nodes, remain so difficult to penetrate that the effort will only be expended as part of larger military conflict between nations and not for what amounts to a relatively minor economic matter like copyright.

      Or to put it another way, if it costs too much to track down the file sharers then the effort wi

      • by girlintraining (1395911) on Friday November 23, 2012 @11:06PM (#42079143)

        One might easily imagine a scenario where these encrypted darknets, perhaps aided by those whose machines were hacked and turned unknowingly into exit nodes, remain so difficult to penetrate that the effort will only be expended as part of larger military conflict between nations and not for what amounts to a relatively minor economic matter like copyright.

        One might imagine that instead of imagining, one simply looks to history: When PGP 2.6.2 was released, it opened the possibilities of encrypted and secured data exchange between private citizens that the government could not easily crack. Citizens now had access to technology only the military had, and it proliferated rapidly. It led to the rapid expansion of the internet, secured business transactions; It made quite a few people very wealthy, and changed the entire landscape of society. Our society now relies on something that was, not even all that long ago, considered to have no practical application beyond military conflict.

        And now, private citizens are building their own technologies and tools to withstand the sustained efforts of a coalition of the world's largest governments to spy on them. It's being used to help people organize politically and socially in oppressive regimes, bring medicine and information about the outside world to those who otherwise could not. It's also helping terrorists, pedophiles, and murderers. There is good, and there is bad, but encrypted "darknets" are increasingly a part of our lives, and looking at the history, it's only a matter of time before outlawing them will not only be impossible and foolhearty, but also not in the best interests of national security.

        When I hear about this endless bullshit with the RIAA, copyright law, filesharing... I realize that they're helping to create a digital underground not unlike what happened during the prohibition. Thanks to them, identity thieves have convenient and covert forums to ply their trade, and a lot of that money winds up in the hands of terrorists and political extremists both foreign and domestic. Because they've targetted such a wide swath of the general population and forced them to develop effective defenses against snooping, they've made it easier for those truly damaging to our interests to hide in the noise. It speeds the development of ever-stronger crypto and secret communication channels.

        Would we really need cryptography if the governments, corporations, and wealthy private interests, were not so aggressive in turning everyone into a criminal? No. Which means crypto communications would be easily spotted, and it would be easier to monitor and track the truly dangerous. It is a direct consequence of heavy-handed tactics like this that has created a significant and well-connected network of "cyber" criminals; In the beginning we had Napster. Now we have bittorrent and P2P software. You know who else has those? Bot herders. Identity thieves. Non-criminals developed the technology to protect themselves from over-zealous enforcement agents, and as a consequence hundreds of millions of computers right now are engaged in acts of terrorism, vandalism, sabotage, and theft, on a scale that is hard to even comprehend. The size of these criminal enterprises dwarfs that of the entire entertainment industry, globally.

        By the time the governments of the world wake up and realize what they've done, we'll be looking at a global criminal infrastructure mated to our communication networks, with a robust distribution network thanks to the drug trade, that not even a coalition of every first world government will have a snowball's chance in hell of dismantling. All because they listened to a few people out to make a buck, and conveniently forgot the law of unintended consequences.

        • by Kjella (173770)

          Long story short, there is no digital equivalent of a letter only post cards and impenetrable safes. Apart from all the people that legitimately want to hide things from oppressive governments or illegitimately hide things from the law, was it ever reasonable to expect that people in general would continue to communicate with post cards? I mean except for the exception that the government might issue a warrant it's undoubtedly a private conversation, so I don't feel any objection to using a secure messaging

      • by Dunbal (464142) *
        They don't have to track down all the file sharers. Only a select few, and make highly publicized examples of them.
    • The law isn't here to protect you, but control you.

      It's neither one or the other, it's both, that's why she wears a blind fold.

      • It's neither one or the other, it's both, that's why she wears a blind fold.

        Tell me, what inspires your confidence in a blind woman wielding a sword passing judgement on others? Because generally, that's the kind of thing that makes the evening news, not the basis for justice.

        • Justitia (the Roman God of Justice that the statues are modeled after) refers to the Egyptian Goddess Maat who is charged with upholding the laws of the Creator.

          If 4500 year old Gods aren't good enough for you I don't have an answer.

    • by countach (534280) on Saturday November 24, 2012 @01:08AM (#42079747)

      If that's true, the law has failed. The only reason we have law is to protect those with less resources from those with more.

  • Need to know (Score:5, Informative)

    by Tom (822) on Friday November 23, 2012 @11:05PM (#42079141) Homepage Journal

    Two things you need to know:

    One, this particular court (and I know it well, this is my home city) is being ridiculed throughout Germany and its judgement are routinely reversed by the higher courts. It does cause trouble, but it is an outlier, not the norm.

    And that is important because Germany follows the CIVIL law system, not the common law system - courts do not set precedents, other courts will interpret the law, not whatever some court elsewhere decided. And the so-called "flying court", a system where you can choose which court to sue in if you can reason why the case falls into its jurisdiction - easy for Internet-related cases to do - has been dramatically culled back this year, with more and more courts not accepting the easy arguments anymore.

    So, in essence, this is one court well-known for being crazy. Still unfortunate, but not half as consequential as the summary makes you believe.

  • From The Wikipedia: "A darknet is a private, distributed P2P file sharing network where connections are made only between trusted peers — sometimes called "friends" (F2F)[1] — using non-standard protocols and ports."

    What they're talking about in TFA is something like TOR.

  • The Internet started as a darknet.

  • by Anonymous Coward on Friday November 23, 2012 @11:22PM (#42079227)

    ... can kiss my exit node.

  • Then why aren't the communication stream providers also deemed to be just as liable and guilty for this infrinement/infringing activity?
    • ISPs move packets as efficiently as possible, and they do follow laws that give them certain immunities as long as they adhere to accepted protocols, like responding to lawfully filed notices. ISPs do NOT work really hard to hide the source of an act, making it slower and more costly in the process. These "darknets" expend ten times as many resources specifically for the purpose of hiding people who don't want to be held accountable for their actions. The whole point of the proxy is "I'll do your dirty wor
  • ... based on random source address in UDP datagrams. The payload is still fully encrypted, and the receiving app that decodes it with its own private key can discover the context of the datagram (e.g. which network session it belongs to, and which aspect of that session it means ... like which file and offset in the file). This way the party receiving the content can't see what exit node is involved.

    ISPs could block forged source addresses. It's expensive. But if they do, then maybe DDoS attacks would g

  • by raymorris (2726007) on Saturday November 24, 2012 @02:47AM (#42080071)
    If I knowingly delivered packages from people who wanted to hide their identity, making it more expensive and slower due to the extra steps required to hide, I would expect to be held responsible for any bombs or drugs I delivered. How Is this different from.an ISP? An ISP delivers content as efficiently as possible - they don't take extra steps to hide the perpetrator of unlawful acts.

Receiving a million dollars tax free will make you feel better than being flat broke and having a stomach ache. -- Dolph Sharp, "I'm O.K., You're Not So Hot"

Working...