Long-time readers of this blog know I'm a fan of privacy, and often criticize websites which violate their users' privacy (and mock those which claim they don't). But there are people online who don't just value online privacy - they're obsessed with it.
Where is the line between wanting to protect privacy, and being irrationally paranoid? Well, that's a subjective judgment, and my opinion on that is probably no more valuable than anyone else's. Perhaps the folks over at The Tor Project might just be in that latter category. Or maybe not.
First, a little background. Your I.P. address is a number used to identify your internet modem. It does not actually identify your computer (unless you only have one computer on that modem) - and you can have several computers on one I.P. address, as in the case of a wireless home network or a business using an intranet. When you send someone an e-mail or visit a website, the I.P. address you are using at the time can be retrieved. A service like Whois.net can tell anyone where your I.P. address is located. These free online trackers will not give your name or home address, but more expensive systems such as the ones used by law enforcement will - and people who know what they're doing (not me) can track the activity down to an individual computer, even if there is more than one using the same I.P..
Back when I was first learning about how people with dubious intent can use your I.P. address to track your online activity, or do horrible things to your computer, proxy services were all the rage. I tried one at that time, which masked my I.P. address with one somewhere in Germany. I amused myself with the fact that all of the websites I visited thought they had a visitor in Germany, and with all of the German ads I received from Google (Gmail and Search). Those systems required a download, and too many of them contained viruses and spyware, and some did not function well with the updated browsers. Most internet providers now provide a firewall and anti-virus protection (either for free or for a small fee) and security has made some of those earlier measures unnecessary. Now, a casual user who occasionally wants to visit a website without revealing an I.P. address can use the online-based proxies. I suspect most of the people using those are accessing sites from work their employers might not exactly approve of, but I don't have data to verify that. These are usually paid for by ads, so they are rather inconvenient to use on a regular basis. Also, unfortunately for the folks mentioned above, many network administrator (i.e. employers) often block access to them.
So the folks at The Tor Project decided to basically get together and co-op their servers (located all over the world), effectively making one huge international intranet, so at any given time the users' I.P. address can be located anywhere. That's a really over-simplified explanation; Wikipedia has a good description of the service, here. So what could go wrong?
Well, TechDirt is mocking ICE this week for not understanding what this type of network is, and what it is designed to do. I'm on the side of law enforcement on this one, however. While there is obviously nothing wrong (either legally or morally) with using a service to protect your I.P. address or any other personal information, it is likely to assume that characters who invest in the software and equipment needed to run one of these types of services are those who have a vested interest in hiding their identity. And I don't mean their credit card information (there are plenty of free ways to do that). These services are going to appeal to those who are engaging in activity online which is either illegal or "frown upon," and who do not want to be identified as participating in those activities. These would include, for example, political dissidents (who, rightly or wrongly are often the target of local governments) and those engaging in human trafficking and child pornography (which is illegal in most places).
So, if you're using one of these "anonymity services," you are probably be innocent, and just wanting to protect your own identity and that of your business and household. Likewise, many of the other users are most likely doing the same, and are using the service for their own personal reasons. However, there is no escaping the fact that there are going to be a disproportional number of users on the network for nefarious purposes. Law enforcement knows this, and you should, too. And you should not be surprised when they show up at your house to see if that criminal activity which appears to have taken place on your server actually did.