Since Edward Snowden exposed the extent of online surveillance by the US government, there has been a surge of initiatives to protect users’ privacy. But it hasn’t taken long for one of these efforts—aproject to equip local libraries with technology supporting anonymous Internet surfing—to run up against opposition from law enforcement.
In July, the Kilton Public Library in Lebanon, New Hampshire, was the first library in the country to become part of the anonymous Web surfing service Tor. The library allowed Tor users around the world to bounce their Internet traffic through the library, thus masking users’ locations. Soon after, state authorities received an e-mail about it from an agent at the Department of Homeland Security.
“The Department of Homeland Security got in touch with our Police Department,” said Sean Fleming, the library director of the Lebanon Public Libraries.
After a meeting at which local police and city officials discussed how Tor could be exploited by criminals, the library pulled the plug on the project. “Right now we’re on pause,” said Fleming. “We really weren’t anticipating that there would be any controversy at all.”
He said that the library board of trustees will vote on whether to turn the service back on at its meeting on Sept. 15.
Used in repressive regimes by dissidents and journalists, Tor is considered a crucial tool for freedom of expression and counts the State Department among its top donors. But Tor has been a thorn in the side of law enforcement; National Security Agency documents made public by Snowden have revealed the agency’s frustration that it could only identify a “very small fraction” of Tor users.
The idea to install Tor services in libraries emerged from Boston librarian Alison Macrina’s Library Freedom Project, which aims to teach libraries how to “protect patrons’ rights to explore new ideas, no matter how controversial or subversive, unfettered by the pernicious effects of online surveillance.” (The Library Freedom Project is funded by Knight Foundation, which also provides funding to ProPublica.) After Macrina conducted a privacy training session at the Kilton library in May, she talked to the librarian about also setting up a Tor relay, the mechanism by which users across the Internet can hide their identity.
The library board of trustees unanimously approved the plan at its meeting in June, and the relay was set up in July. But after ArsTechnica wrote about the pilot project and Macrina’s plan to install Tor relays in libraries across the nation, law enforcement got involved.
A special agent in a Boston DHS office forwarded the article to the New Hampshire police, who forwarded it to a sergeant at the Lebanon Police Department.
DHS spokesman Shawn Neudauer said the agent was simply providing “visibility/situational awareness,” and did not have any direct contact with the Lebanon police or library. “The use of a Tor browser is not, in [or] of itself, illegal and there are legitimate purposes for its use,” Neudauer said. “However, the protections that Tor offers can be attractive to criminal enterprises or actors and HSI [Homeland Security Investigations] will continue to pursue those individuals who seek to use the anonymizing technology to further their illicit activity.”
When the DHS inquiry was brought to his attention, Lt. Matthew Isham of the Lebanon Police Department was concerned. “For all the good that a Tor may allow as far as speech, there is also the criminal side that would take advantage of that as well,” Isham said. “We felt we needed to make the city aware of it.”
Deputy City Manager Paula Maville said that when she learned about Tor at the meeting with the police and the librarians, she was concerned about the service’s association with criminal activities such as pornography and drug trafficking. “That is a concern from a public relations perspective, and we wanted to get those concerns on the table,” she said.
Faced with police and city concerns, library director Fleming agreed to turn off the Tor relay temporarily until the board could reconsider. “We need to find out what the community thinks,” he said. “The only groups that have been represented so far are the Police Department and City Hall.”
Fleming said that he is now realizing the downside of being the first test site for the Tor initiative.
“There are other libraries that I’ve heard that are interested in participating, but nobody else wanted to be first,” he said. “We’re lonesome right now.”
He is a well-known expert in mobile security and malware analysis. He studied Computer Science at NYU and started working as a cyber security analyst in 2003. He is actively working as an anti-malware expert. He also worked for security companies like Kaspersky Lab. His everyday job includes researching about new malware and cyber security incidents. Also he has deep level of knowledge in mobile security and mobile vulnerabilities.