Tor, Germany, and Data Retention
With the "enforcement" phase of Germany's data retention law coming into effect on January 1 2009, it's time to start considering design modifications for Tor to make us more resistant. There are many different pieces to consider, including
- How should we change path selection so Tor clients are less at risk from German ISPs that decide to log?
- What exactly will German ISPs log, and who is supposed to have access to it?
- What suggestions should we give to German Tor relay operators, and German privacy advocates in general, about how they should fight this law without putting themselves too much at risk?
I propose some technical changes to Tor in this or-dev post:
Stay tuned for the policy suggestions -- perhaps we'll cover those at 25C3!
These are important questions since often when I log on thru Tor I find myself on a German server.
Not that I know what I'm talking about but; would it be reasonable to have TOR send out dummy connections with dummy data? That may create speed issues however it can be made as an option people can enable or disable.