I too worry that the actions of a zealot defending a principle will negatively affect my service. I am sympathetic to the pragmatic position Linode has taken. Although this thread appears to have been beaten to death, there might be one worthy observation:

One apparent point of widespread agreement between many posters and indeed, Linode managerment is this:

We are supportive of the notion of protecting privacy, and thus the running of Tor "in theory." But in practice we are not. Like having one's cake and eating it.

Well, talk is cheap.

More like "We don't have anything against Tor as itself, but we explicitly forbid any malicious and illegal traffic. So if you are able to magically make your Tor note relay only traffic that's not illegal (in our country of operaton) and not malicious, you're welcome to use it. Otherwise, tough luck for ya.".

_________________
rsk, providing useless advice on the Internet since 2005.

As a practical matter, this incident demonstrates that one may not run a Tor exit node on Linode. Maybe Linode should reexamine any statement to the contrary because it is demonstrably disingenuous in light of recent events. Tor, by its nature, will support nefarious activities, just as a toll road will support the transport of stolen property. But we typically would not require the owner of a toll road to inspect the content of every passing vehicle or hold them responsible for illegal commerce. We do value privacy enough sometimes to pay a price for it. I did not read the DMCA legal text closely, but understood it to be analogous. I trust that I will be disabused of any misconceptions. There are certainly legal parallels to the operation of the PSTN: Carriers don't manage content. Wiretaps require court orders. Well, they did at one time in the past - but I digress.

So this is a double-edged sword; any way you handle it, you risk blood:

If Linode wishes to avoid hassles by caving to mild pressure on one side, it might find itself setting a precedent from which we assume that it considers itself responsible for such filtering (and raising such expectations in its customer base) and thus liable for future failures to police traffic. So given the inherent nature of Tor, can we not infer in this context that they are negligent in allowing its use? But if they prohibit it, what else is on the list? Torrent? SMTP? NNTP? IRC? Might they be better served by leaving law enforcement to official law enforcers and cooperating with such agencies when courts require it, but otherwise keeping at an arms length from specific issues? I know, the anonymity is the rub, but the parallels still apply.

Also, consider the specific complaints. To wit, traffic supporting an illegitimate purpose has come out of the Tor network. We consider it impossible to regulate the purposes for which Tor is used. Therefore, isn't the complainant's accusation tantamount to demanding that Linode cooperate in shutting down the Tor network? You can support anonymity in principle and practice, or you can oppose it. But if you want to be neutral...

It might be naive to think that a Linode practice of "just make it go away" is sustainable indefinitely. So Linode finds itself in a tough place, and that's business, cupcake. Does Linode really want to be doing the job of the courts and the police? I wouldn't want to. Ideally, Linode would be "hands off" and our intrepid Tor operator would be assuming responsibility for dealing with the complaints associated with the IP he controls. It's an "unmanaged" service, right? Or is it only unmanaged when it's convenient (or expedient) to be unmanaged?

The applicable guidelines would seem to be found in the Privacy Policy, Section 3(1):

Linode does not disclose customer information to other third parties except where required under applicable state and federal laws for purposes of investigation of criminal complaints, or where required by court order.

Will Linode support me if I become the target of bogus accusations? It's a legitimate question, regardless of the particulars of this recent incident. It goes right to the heart of the question of the day regarding the advisability of using cloud services.

Maybe a tougher stance in terms of adhering to legal procedures and standing with customers might serve Linode's long-term interests better.

Reasonably written and accurate.

The problem is Linode is stuck in the middle, and either choice they make, comply or dispute, costs them time (which is money) and money (which is money).

The legal system in America, is heavily biased to the rich. Fair and just are just buzz words, rich and powerful are the superior hand in court.

Even a neutral stance by Linode could cost a small fortune, a cost that will either be passed on to all their clients, or cause them to go out of business.

In either instance, I don't care about somebody elses "privacy" enough to jeopardize my VPS vendor of choice. I don't use Linode because they are the Champion of Freedom (or justice or privacy), I use them because they provide a good VPS service at a good price, period.

Political battles are just that, and fighting them inside Linode's business model is neither efficient (you don't have control) and pretty much unreasonable (it's their livelihood you're gambling with).

Seems accurate to me...

Anyway, I thought I'd poke my nose into this thread (hi, by the way) because a couple years ago when I was with Slicehost, I had pretty much the same experience as the original poster, and they seem to have (or had) similar policies as Linode with respect to Tor. My experience would suggest that a fairly restrictive exit policy can do a lot to cut down on the chance of a Tor node generating a DMCA notice, since I got my notice about a day after starting up my Tor node, but after implementing a restrictive exit policy I've been running it for two years without incident. I wrote a few blog posts at the time that might be useful information for people who are into this sort of thing.

In the third post you wrote:

To a first approximation that's a pretty good policy. I doubt many torrent systems will use those well-known-ports (it is technically possible, but I just can't make myself think this'll ever be wide-spread) so this policy should allow for "good" anonymous communication while blocking torrents. It won't prevent blog-comment-spam, but this is a good start.

Thanks for posting that.

_________________
Rgds
Stephen
(Linux user since kernel version 0.11)

Yeah, that was basically my thought process as well. And like I said, it seems to work pretty well in practice. Good to know the information is useful

Many users use common ports for BitTorrent to evade ISP throttling. 1723 is pretty common, since it's PPTP's port (for control anyhow)

If this was the position of Linode I would agree with it completely. But it is not. If you read what Linode support repeatedly said, the position is very different: we will allow you to do whatever you want as long as we don't receive complaints claiming that what you are doing is illegal.

"You can do what ToS allow; when we NOTICE you are breaking them, we'll act.". "Noticing" may be due to a complaint, may be due to investigation who and why chokes a network device with a six-digit number of connections, may be you yourself admitting it on the forums...

_________________
rsk, providing useless advice on the Internet since 2005.

Linode TOS is the whole problem:

In other words, Linode will cancel services if you continue doing something which "prompts the receipt of abuse complaints", not if you "continue to do something illegal". I am not suggesting Linode doesn't have a right to include whatever they want into TOS agreement. I am suggesting this paragraph in Linode TOS agreement is unreasonable and ultimatly not in the best interest of either Linode clients or Linode itself.

How is that? The Linode TOS are, I'm sure, crafted by Linode's lawyers to protect Linode. Linode shouldn't be put in the position to play detective and determine if the complaint is valid. Linode appears to pass on the full complaint information to their client. If the complaint is not valid and the client is not doing anything illegal, they (the client) needs to call up their lawyer and have them respond to have the complaints stopped. If the client can't afford a lawyer, they may want to rethink what types of activities they perform on their node (e.g. running a TOR exit node).

If Linode has to get involved in every complaint, beyond forwarding it to the client, Linode's costs go up. If Linode's costs go up, guess who has to pay for it?

You can argue that clients may prefer that linode fight all their legal battles for them, sure, but how is that policy not in the best interest of linode itself?

Let me boil it down for you. when you get complaints, linode staff have to pass them on. That takes time and therefore money. get more than a couple and linode isn't making money providing you service anymore. If it gets to that point, why would they keep you around as a customer? They're running a VPS business, not a legal charity.

I read as far as your username and gave up on the fact that I knew it was going to be a pointless argument.

Why didn't you quote the whole paragraph? Here, I'll do it and I'll highlight the parts that explain the "prompts" part:




It means Linode can't know what you're doing unless:

1. They receive a complaint
2. They monitor your service, which probably means deep packet inspection because port number does not prove anything.

And they're not going to monitor because it is pointless, technically very difficult unless you're in business of monitoring traffic and would probably open a privacy violation pandora's box somewhere and somehow, if they did.

So yes, they rely on complaints to act upon. And no, don't twist the words, the TOS prohibits you from doing anything illegal, period.