a.x61.sh

How do VPNs operate legally?
from Star@sopuli.xyz to privacy@lemmy.ml on 31 Jan 2025 12:56
https://sopuli.xyz/post/22057835

ISPs get legal notices from companies and are liable if it is found that their users are downloading illegal torrents and they don’t take action against those users.

How are VPNs any different? By using a VPN, aren’t you essentially transferring your accountability to the VPN provider? Wouldn’t courts find that since this or that VPN service’s exit server was used in ____ illegal online activity, they’re responsible and must cease operations?

How do VPNs operate? Are laws different for them? If yes, then how does that benefit the state? Wouldn’t the state benefit from treating VPNs the same as ISPs so they get more control?

#privacy

threaded - newest

PhilipTheBucket@ponder.cat on 31 Jan 2025 13:01 next collapse

I don’t think that it’s actually true that ISPs are liable if they don’t take down users. I think they go along with it because (1) it’s easier than arguing (2) those users are using a lot of bandwidth and the piracy forms a handy excuse.

arstechnica.com/…/supreme-court-may-decide-whethe…

Valmond@lemmy.world on 31 Jan 2025 13:33 next collapse

There is like no information in your link except the USA supreme court or whatever wants to have some power (so over USA VPN only if ever that actually happens).

And what you “think” is kind of irrelevant IMO.

PhilipTheBucket@ponder.cat on 31 Jan 2025 13:55 collapse

There was a mixed ruling at the US Court of Appeals for the 4th Circuit as the appeals court affirmed a jury’s finding that Cox was guilty of willful contributory infringement but reversed a verdict on vicarious infringement “because Cox did not profit from its subscribers’ acts of infringement.”

That ruling vacated a $1 billion damages award and ordered a new damages trial. Cox and Sony are both seeking a Supreme Court review. Cox wants to overturn the finding of willful contributory infringement, while Sony wants to reinstate the $1 billion verdict.

Cox has said that letting the piracy ruling stand “would force ISPs to terminate Internet service to households or businesses based on unproven allegations of infringing activity, and put them in a position of having to police their networks.” Cox said that ISPs “have no way of verifying whether a bot-generated notice is accurate” and that even if the notices are accurate, terminating an account would punish every user in a household where only one person may have illegally downloaded copyrighted files.

Record labels urged the court to reinstate the vicarious infringement verdict. “As the District Court explained, the jury had ample evidence that Cox profited from its subscribers’ infringement, including evidence ‘that when deciding whether to terminate a subscriber for repeat infringement, Cox considered the subscriber’s monthly payments,’ and ‘Cox repeatedly declined to terminate infringing subscribers’ Internet service in order to continue collecting their monthly fees,'” the record labels’ petition said.

So, current precedent is that the ISPs do have to terminate, but there’s no penalty if they don’t. Is November recent enough that the ruling has actually had any impact? Did the Supreme Coury decide to take up the case or not yet? How much does it means that the ISPs “have to” terminate users, but there doesn’t seem to be a penalty if they don’t? Is the fact that there was no ruling until recently, confirmation that they were doing it voluntarily for their own reasons before November? Or were they doing it “voluntarily” because they didn’t want to defend lawsuits like this, except Cox which was refusing to do it apparently? I have no sure idea of the answer to any of those questions. That’s why I said “I think.” But, unlike some people on the internet, I don’t just make up some bullshit and then decide that’s what I “think” and go spouting off about it. I’m just relaying my best guess, reasons for it, and being honest about the fact that it’s a guess.

Valmond@lemmy.world on 31 Jan 2025 15:17 collapse

Maybe where you live 🤷🏻‍♀️

user224@lemmy.sdf.org on 31 Jan 2025 13:45 next collapse

those users are using a lot of bandwidth and the piracy forms a handy excuse.

Or they could improve their network for torrenting like some Indian ISPs did in the past

Several Internet providers in India have found a clever way to reduce the load BitTorrent transfers put on their network, […] They’ve teamed up with Torbox.net which offers a fully fledged torrent search engine that connects users to ‘local’ peers to guarantee maximum download speeds.

Some [ISPs] have had their own custom ‘caching’ setups but increasingly they are teaming up with the torrent search engine Torbox.

Torbox links them to peers in the local network, which means that the traffic is free for the ISP.

Most people who visit Torbox will see a notice that their ISP doesn’t have a peering agreement. However, for those who have a supporting ISP the torrent site returns search results ordering torrents based on the proximity of downloaders.

TorrentFreak spoke with EBS director Victor Francess, who says that with this setup most torrent data is served from within the ISP’s own network.

“It all creates a very powerful user experience, so in fact just about 10-20% of all torrent traffic comes from the upstream and everything else is local,” Francess says.

mukt@lemmy.ml on 31 Jan 2025 13:59 collapse

Torbox.net doesn’t seem to be up at the moment.

user224@lemmy.sdf.org on 31 Jan 2025 14:00 collapse

The article is from 2016.

refalo@programming.dev on 31 Jan 2025 20:14 collapse

Even if Section 230 didn’t require providers to terminate the user’s service, providers further upstream could technically punish that ISP for breaking their own ToS depending on what it is.

People like Liz Fong-Jones and Keffals have successfully lobbied multiple Tier 1 ISPs to blackhole websites that have posted information about them that they didn’t like based on this fact, behavior which the EFF has specifically called out as a threat to the free and open Internet. Even the CEO of Cloudflare has openly admitted to being personally involved in blocking sites without a really good reason.

will_a113@lemmy.ml on 31 Jan 2025 13:17 next collapse

The scenario you describe with ISPs is pretty US-centric, as are the various copyright laws and companies backing it, which is (one of the reasons) why many of the most successful VPN companies are either not based in the US (and most have server nodes that are not too).

Mullvad is from Sweden, for example, and Proton is from Switzerland, so if a content company can even figure out which endpoint nodes are hosting/routing the pirate content they then also have to figure out (a) who owns the node and (b) then send them an angrygram which will just immediately be torn up by the VPN provider as they’re not subject to US law.

Finally, an operating principle of these companies is to keep no logs, so even if a US-based VPN company got an angry letter, they’d probably be unable to do anything since they would have no record of the activity.

Nollij@sopuli.xyz on 31 Jan 2025 15:15 collapse

Related, Pirate Bay used to (might still?) have a section where they mock all of the threatening letters that cite a different jurisdiction. Usually the US DMCA, but also similar laws from other countries.

They never posted any letters that cited Swedish (IIRC) law, because those were valid threats.

jet@hackertalks.com on 31 Jan 2025 13:20 next collapse

It’s like running a mailbox center for people. You’re providing the infrastructure, but you’re not responsible for the mail that goes through your mailboxes.

zante@slrpnk.net on 31 Jan 2025 13:55 next collapse

As it stands, ISPs are not liable for what you do with your internet any more than apple would be liable if you called in a bomb threat on an iPhone .

Imprint9816@lemmy.dbzer0.com on 31 Jan 2025 15:00 next collapse

I think there are a few things to clear up…

a VPN and an ISP are two different types of services. VPNs are not an internet service provider. They are held to two different standards.

Good VPNs don’t log your information. Depending on what country they are based in they are obligated to hand over information if they have it but since they keep no logs there is nothing to hand over. Even if a court wanted to force a VPN to cut off service to a user there would be no way to know who that user is.

VPNs are beholden to the laws of the country they are based in, not the laws of their users. Its very hard for a US court to force a Swiss based VPN to do anything. That’s why it’s important to have a VPN that’s based in a privacy friendly country. Sure a US court could sieze their server if one is located there but if there are no logs, it doesn’t provide much.

I think there is this misconception that your VPN provider will break the law for you. Its not the case. Your VPN is going to hand over any info it’s legally obligated to if it has that info

DieserTypMatthias@lemmy.ml on 31 Jan 2025 15:21 collapse

Even better if you use a mesh VPN like Tailscale (or Headscale, since the TS server is proprietary)

DieserTypMatthias@lemmy.ml on 31 Jan 2025 15:20 next collapse

VPNs are a double-edged sword. They can be used in a good way and a bad way.

kekmacska@lemmy.zip on 31 Jan 2025 16:37 next collapse

many companies, if not all, use some kind of selfhosted vpn solution

0x0@programming.dev on 31 Jan 2025 17:07 next collapse

Depends. On. The. Country.
Any company will be subject to the country’s laws, be it ISPs, VPN providers or a second-hand clothing shop.

The good ones will get away with no logging if they can do it legally.

zer0bitz@lemmy.world on 01 Feb 2025 08:05 next collapse

And this is why people should torrent over I2P.

ertai@programming.dev on 03 Feb 2025 17:21 collapse

“By using a VPN, aren’t you essentially transferring your accountability to the VPN provider?”. This is true if you aren’t paying for your VPN in an anonimous way, which is why 99% of the “VPN fOr PRiVacY” are scams.