
Thread: Re: JAP compromised, privacy community panics

  1. #1
    JAP Team Guest

    Re: JAP compromised, privacy community panics

    Perhaps you might want to have a look at the Press release from the
    AN.ON project:

    http://www.datenschutzzentrum.de/mat...e/anonip_e.htm

    The AN.ON service allows users to surf the web anonymously by use of a
    system in which the communication is led via anonymising intermediate
    computers, so-called mixes. The new version of the mix software
    includes a function by use of which the access to a particular web
    server can be recorded. Many people felt irritated about this. Due to
    the vast number of queries to the collaborators of the research
    project at Dresden University of Technology and Free University Berlin
    and to the Independent Centre for Privacy Protection
    Schleswig-Holstein, Germany, (ICPP) in this context, the ICPP gives
    the following statement on the background of the implementation of
    this function:

    Within the context of concrete preliminary criminal proceedings by the
    German Federal Office of Criminal Investigation (BKA) – not against
    the ICPP, as wrongly reported –, the ICPP received a judicial
    instruction by the Local Court (Amtsgericht) Frankfurt / Main,
    Germany, by which the collaborators of the research project AN.ON were
    bound to record all access to a particular IP address (which was
    probably connected with the release of criminal contents) and to
    provide information on the stored data.

    Since it is not permissive to release information about current
    proceedings according to German law, the project partners did not
    inform the public at first. Based on the fact that the developed
    software has been released in the source code since the beginning of
    the Open Source Project, also the implemented recording function was
    of course released. The project partners underestimated the problems
    caused by the dilemma between the observance of secrecy within the
    context of concrete preliminary proceedings and their own claim for
    transparency. They did not want to be accused of aiding and abetting
    or penalty thwarting to prevent AN.ON from being criminalised. Since
    this was the first judicial instruction of this kind, they did not
    have any experience in this context. Because of many AN.ON users'
    uncertainty, the project partners feel bound to make a public
    statement on this case.

    As far as the ICPP is concerned, there is no legal ground for the
    judicial instruction in the quoted legal instructions of the code of
    criminal procedure. The legal view by the ICPP is supported by the
    prevailing commentary literature as well as by the Official
    Explanation by the legislator in the legislation process of the
    corresponding legal instructions. According to the legal instructions
    of the §§ 100g and h of the Code of Criminal Procedure
    (Strafprozessordnung, StPO) which have become effective on Jan. 1,
    2002 as successors to § 12 of the Law on Telecommunication Facilities
    (Fernmeldeanlagengesetz, FAG) and on which the lower district court
    and the federal bureau of criminal investigations based their claim,
    such a claim for information by the criminal prosecution officials may
    only refer to those data that are collected and stored by the service
    providers in a permissive manner on the basis of given regulations.
    However, as the name says, the anonymisation service will not collect
    and store any data referring to the user. According to the
    Teleservices Data Protection Act (Teledienstedatenschutzgesetz,
    TDDSG), this would not be permissive anyway. The order for a data
    recording is not supported by the legal regulations the Local Court's
    instruction is based on, i.e., the instruction is obviously unlawful.

    According to the Code of Criminal Procedure, the order for a data
    recording is exclusively permissive in very restricted cases, i.e.,
    there has to be the suspect of a criminal offence which is explicitly
    recorded in the § 100a of the Code of Criminal Procedure. A decision
    based on this paragraph has not been ordered by the police, probably
    because the requirements are not met.

    The ICPP has immediately made use of the formal measure of appeal from
    the decision. Since this appeal has no postpone effect, i.e. the
    content of the decision has to be realised until another court
    decision in spite of the appeal, the AN.ON developers have programmed
    such a function and implemented it in the current version of the mix
    software.

    By use of this function, it is possible with the co-operation of the
    mixes to record the access to a particular given IP address for the
    future only. The IP address of the requesting user, the request, date
    and time will be recorded. All other web pages and all other users of
    the AN.ON service will not be affected, though! The JAP software as
    such which has to be installed by all users of the AN.ON service does
    not include a recording function. The current, obligatory, update of
    the client software JAP has nothing to do with this function.

    The ICPP points out explicitly that only the access to the IP address
    mentioned in the judicial instruction will be recorded. The AN.ON
    operators guarantee that also in the future, no access will be
    recorded without a judicial instruction. The AN.ON service is operated
    in every respect in accordance to the valid laws, i.e., a collection
    and storage of user data would be unlawful and will therefore not be
    carried out. On the other hand, the commitment to law and order means
    that a judicial instruction cannot be simply ignored.

    Therefore, making the monitoring of access to a particular IP address
    related to criminal contents possible does not mean that all users of
    the service are monitored. Only in single cases and if all legal
    requirements are met, i.e. if there is a binding judicial instruction,
    the AN.ON service will record the access to a particular IP address
    which has been precisely defined by the judge.

    Except for the case mentioned above, the protection of the users'
    anonymity is and will remain the central warranty of AN.ON. The AN.ON
    operators warn against the generalisation of this single case and the
    general jeopardising of the whole service. Anonymity in the internet
    makes still sense when the access to a single website with illegal
    content is recorded for a limited time period due to a court decision.

    From the beginning, AN.ON has been the target of suspicion and
    scepticism by many security officials at home and abroad. This had the
    result that AN.ON has not only been attacked in police publications
    but that single collaborators of Dresden University of Technology have
    even been summoned by the police for interrogation. The operators did
    not submit to the police pressure but they have to keep to a judicial
    instruction just like everybody else. Certain security circles would
    probably be very happy if the AN.ON operator would give up now and
    drop the guarantee for the anonymous internet access. But the AN.ON
    operators do not want to give them this favour. Therefore, AN.ON will
    be continued. Those who are really concerned about the anonymity in
    the internet should deal with the police procedure in a critical way
    and support AN.ON instead of regarding AN.ON operators as the "main
    enemy". It is not AN.ON that endangers anonymity but legally dubious
    police interference in the operation of AN.ON. Another thing to be
    questioned is why a decision about the ICPP appeal has still not been
    made after more than six weeks.

    We are convinced that the right for anonymity is secured by the
    constitutional law. Further on, it results explicitly from the
    Teleservices Data Protection Act. All those who want to defend this
    right like the ICPP should support AN.ON and the ICPP. We actually
    know about our responsibility for the AN.ON users.

    Information on the work of the ICPP:

    Independent Centre for Privacy Protection
    Schleswig-Holstein
    Holstenstraße 98 / 24103 Kiel
    Germany
    Phone: 0431/988-1200 / Fax: 0431/988-1223
    E-Mail: mail@datenschutzzentrum.de
    Homepage: http://www.datenschutzzentrum.de

    Information on AN.ON:

    www.anon-online.de

  2. #2
    A.Lizard Guest

    Re: JAP compromised, privacy community panics

    jap@inf.tu-dresden.de (JAP Team) wrote in message news:<26e1a3d6.0308210701.4e6b2d15@posting.google.com>...
    > Perhaps you might want to have a look at the Press release from the
    > AN.ON project:
    >
    > http://www.datenschutzzentrum.de/mat...e/anonip_e.htm
    >
    > The AN.ON service allows users to surf the web anonymously by use of a
    >


    As is rather plain from this The Register article
    http://theregister.co.uk/content/55/32450.html
    one can NOT surf anonymously with the AN.ON application, you did not
    make any attempt to warn your user base, somebody had to disassemble
    your code to find the backdoor.

    There is nothing that your press release *can* contain that can spin
    this away. There is no such thing as "anonymous except for" any more
    than there is "she is only a little bit pregnant".

    Any end user of your product with a working brain will find another
    solution.

    You might as well shut down your project, your credibility is
    disappearing as the word gets around.

  3. #3
    adejoode+usenet@dizum.net Guest

    Re: JAP compromised, privacy community panics

    [..]
    : Within the context of concrete preliminary criminal proceedings by the
    : German Federal Office of Criminal Investigation (BKA) – not against
    : the ICPP, as wrongly reported –, the ICPP received a judicial
    : instruction by the Local Court (Amtsgericht) Frankfurt / Main,
    : Germany, by which the collaborators of the research project AN.ON were
    : bound to record all access to a particular IP address (which was
    : probably connected with the release of criminal contents) and to
    : provide information on the stored data.


    Well at least JAP has come clean. In Holland a blackmailer has
    been arrested who used http://www.surfola.com/ to surf anonymously.

    Unfortunately for him, Surfola gave out his address to the FBI
    *without a court order* so their claim "SURFOLA.com will not give out
    your name, residence address, or e-mail address to any third parties
    without your permission, for any reason, at any time, ever." is
    false.

    A nice feature of the blackmailer was that he used stego to get a
    copy of the magnetic-strip (on a bankcard) so he could withdraw money
    from ATMs worldwide. He made one mistake, he requested the picture
    be posted on a carsale site, he was then tracked (to surfola) by
    getting the logfile and see who downloaded the picture. Surfola
    gave the address so he could be put under surveillance.

    Guess he never heard of usenet, remailers and mail2news gateways.

    for those able to read Dutch:
    http://www.netkwesties.nl/editie67/artikel1.php
    http://www.surfola.com/
    http://www.politie.nl/utrecht/nieuws...ersbericht.asp

    Cheers,
    --------------------------------------------------------------------
    Alex de Joode mailto:adejoode(at)dizum.net
    Dizum Networking BV (i/o) http://www.dizum.net

    Shell access ...... because in the end, it's just you and your shell.

  4. #4
    ptsc Guest

    Re: JAP compromised, privacy community panics

    On 22 Aug 2003 17:50:10 GMT, adejoode+usenet@dizum.net wrote:

    >[..]
    >: Within the context of concrete preliminary criminal proceedings by the
    >: German Federal Office of Criminal Investigation (BKA) – not against
    >: the ICPP, as wrongly reported –, the ICPP received a judicial
    >: instruction by the Local Court (Amtsgericht) Frankfurt / Main,
    >: Germany, by which the collaborators of the research project AN.ON were
    >: bound to record all access to a particular IP address (which was
    >: probably connected with the release of criminal contents) and to
    >: provide information on the stored data.


    >Well at least JAP has come clean. In Holland a blackmailer has
    >been arrested who used http://www.surfola.com/ to surf anonymously.


    "Coming clean" is rather less impressive after you get caught red-handed.
    --
    Home of the Buttersquash Conspiracy http://buttersquash.net

  5. #5
    Jay T. Blocksom Guest

    Re: JAP compromised, privacy community panics

    On 21 Aug 2003 08:01:39 -0700, in <alt.privacy.spyware>,
    jap@inf.tu-dresden.de (JAP Team) wrote:
    >

    [snip]

    > The AN.ON service allows users to surf the web anonymously by use of a
    > system in which the communication is led via anonymising intermediate
    > computers, so-called mixes.

    [snip]

    ITYM "via raping open proxies", hence criminal activity in and of itself
    (regardless of the fact that such insecure/misconfigured hosts are
    themselves a serious security threat to every internet user, not to mention
    a HUGE source of spam, and thus get blocked and/or shut down nearly as fast
    as they can be found). This conclusion is based on the inescapable fact
    that if all of the "intermediate computers" are under *your* control, the
    "service" is by definition insufficiently anonymous to be non-trivially
    useful.

    > Within the context of concrete preliminary criminal proceedings

    [snip] ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^

    Is that an oxymoron, or what?

    The remainder of your doublespeak gobbledygook is equally devoid of
    substance. Hence...

    *plonk*

    --

    Jay T. Blocksom
    --------------------------------
    Appropriate Technology, Inc.
    usenet01[at]appropriate-tech.net


    "They that can give up essential liberty to obtain a little temporary
    safety deserve neither liberty nor safety."
    -- Benjamin Franklin, Historical Review of Pennsylvania, 1759.

    - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    NOTE: E-Mail address in "From:" line is INVALID! Remove +SPAMBLOCK to mail.
    - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    Unsolicited advertising sent to this E-Mail address is expressly prohibited
    under USC Title 47, Section 227. Violators are subject to charge of up to
    $1,500 per incident or treble actual costs, whichever is greater.
    - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

  6. #6
    CustServ Guest

    Re: JAP compromised, privacy community panics

    In article <Xns93E2CF0DDA50juergennieveler@nieveler-43544.user.cis.dfn.de>
    Juergen Nieveler <juergen.nieveler.nospam@arcor.de> wrote:
    >
    > tom@ilmechliens.com (Thomas J. Westgard) wrote:
    >
    > > So, if you really want to make up for the controversial manner in
    > > which you handled this court order, there is a way to do it.
    > >
    > > Switch from a centrally-controlled system to a decentralized one.

    >
    > I'm afraid that this won't be easy for JAP... just think of the
    > bandwidth requirements.
    >



    Hmm.



