Cатсн²² (in)sесuяitу / ChrisJohnRiley

It seems like everyone and there twin sisters first cousin is blogging about the breach of Palin’s email accounts. I’ve resisted so far, but wanted to touch on the latest report from the BBC that says that FBI agents are investigation the breach. As part of the news story the use of the CTunnel tool was mentioned as the anonymous proxy service used by the “hacker”. It seems that the FBI is seeking records from the people behind CTunnel in connection to the investigation.

After a quick look at the CTunnel website, I found the following text in reference to the CTunnel logging and retention of data.

“Because our visitors value their privacy, it is not in our interests to spy on you, lest we lose traffic and advertising revenue. Because government subpenoa could require us to hand over our server access logs, access logs are regularly deleted to protect your privacy. In short, we value your browsing experience as well as your anonymity, and would not do anything to break your trust in us.”

It’s not specific from this what “regularly” means, and it will be interesting to see what legal ramifications come from the use of CTunnel in this breach. If the people behind CTunnel are forced to provide all logs related to the breach, I can see people moving away from the service for fear of future privacy issues. I would be much more comfortable if CTunnel had a specific written policy that details things a little better than just “regularly”. However I’m not a customer of the service, so it’s not for me to say. However if CTunnel truly “value your browsing experience as well as your anonymity” then I’d hope they have better in-house policies than the badly worded ones listed on their website.

I guess we’ll have to watch this one as it unfolds.