We are thrilled to share some exciting news about the future of Library Freedom Project. Thanks to a grant from the Rose Foundation’s Consumer Privacy Rights Fund, Nima Fatemi will be joining Library Freedom Project as our chief technologist. Nima has been a dedicated volunteer with LFP for over a year, most notably helping create the highly successful Tor exit relay pilot project that we recently concluded in New Hampshire. With support from Rose Foundation, we’ll be able to continue the exits project at scale, with Nima traveling to libraries all over the country to implement relays. Nima will also conduct privacy trainings in libraries, taking them to a more advanced level, and help libraries set up privacy-protecting infrastructure.
The following post is by Chuck McAndrew of Lebanon Public Libraries, and Alison Macrina of Library Freedom Project. Each section is labeled with its author.
Completing the Tor exits pilot at Lebanon Public Library - Chuck and Alison
On Friday, November 6th, we turned the Lebanon Public Library’s Tor non-exit relay into an exit — thus marking the completion of a project that started small, but grew to international prominence late this summer after a now infamous failed attempt at intervention by the Department of Homeland Security. After the community responded overwhelmingly in favor of the relay, and the excitement died down, those of us from Lebanon Public Library and Library Freedom Project were left with the more mundane work of completing the pilot. Turning the middle relay into an exit was an entirely unremarkable process — just a simple edit to a configuration file, and then a reload of the Tor service. What’s remarkable, however, is the symbolic significance of this pilot: it marks the first time that a public library has ever hosted a Tor exit relay. And it’s means that Library Freedom Project’s Tor relay initiative pilot phase is officially a success. The path to achieving this milestone has certainly been an interesting one, and Lebanon Public Libraries has been honored to participate and lead the way for other libraries. Now, Library Freedom Project encourages other libraries to join this initiative, and so Chuck (of Lebanon Public Library) and Alison (of LFP) co-wrote this blog post about our pilot experience in the hopes that other libraries will be inspired to do the same.
Why a Tor exit relay? - Chuck and Alison
Libraries have long been guardians of privacy and intellectual freedom for their communities; these values have been in the American Library Association’s Code of Ethics since 1939, and library patron privacy is codified into many state laws, including Lebanon Public Library’s home state of New Hampshire. Today, the freedom to read means more than just providing access to books; it means protecting people’s right to freely access information — in both physical and digital spaces. The Tor network provides strong protections for online anonymity and privacy, allowing people to read, write, and research without the chilling effects of surveillance. By participating as one of many volunteer relay operators in the Tor network, Lebanon Public Library continues the library tradition of protecting people’s privacy while helping make Tor strong. For more on why we started the Tor relay initiative, read our original announcement post. Lebanon Library’s Tor exit relay is only the beginning of their privacy protections for patrons: they’re offering GNU/Linux computers with Tor Browser, Firefox with privacy-protecting extensions, classes on increasing online privacy, and more.
How did we make this happen? - Chuck
From the start of this pilot program, the Library Freedom Project has been outstanding at providing us with support. On the technical side of things, Nima Fatemi (Library Freedom Project technologist and core member of The Tor Project) has been an amazing resource. He has guided us on the setup of the relay, provided security suggestions, and helped with our network setup. Much of what we ended up doing was at Nima’s suggestion, and it has worked out extremely well for us.
Nima and Alison traveled up to New Hampshire to help us setup our relay. We initially set it up on an old desktop computer that I had. It worked perfectly fine on that, but I was bothered by having an old desktop sitting in my LAN room. In the end, I decided to change it over to a virtual machine. It has been sitting on my server chugging away ever since. I am a huge fan of virtualization whenever possible and it has worked out very well. Anyone with the knowledge to set up a virtual machine shouldn’t have much trouble making this work. However, it doesn’t take a real server to run a Tor relay. Most desktop computers are perfectly capable of doing so.
One of the big concerns that we had going into this project was that it not impact our current level of service to our patrons. Our main worries were making sure that the relay didn’t take bandwidth away from our patrons and that nothing about the Tor network impacted our patron’s ability to surf the internet. Some websites do not like Tor traffic and will block any IP address that is associated with a Tor exit relay. Before we converted our relay to an exit relay, we wanted to make sure that Tor traffic went out on a different IP address than our public internet to avoid any possible problems, and Nima was helpful in ensuring that this all happened smoothly.
Happily for us, setting up this relay coincided with some changes to our network which we had been planning for other reasons. In the end, taking Nima’s suggestions and working with local open source advocate Bill McGonigle from BFC Computing, we were able to significantly improve our network and lower our operating costs. Initially, we had two lines coming in to our library. One was for the public internet and the other for the staff. We were able to drop one of those lines by introducing a pfSense firewall. This allowed us to safely firewall off the Tor relay and send Tor traffic out its own IP address (our account already had a 5 IP bundle). This also helped alleviate our second concern. The pfSense firewall allowed us to monitor how much bandwidth was being used by each interface. This helped us to donate as much bandwidth as we could while ensuring that our patron’s web browsing was unaffected. Having the data provided by pfSense was a great help to us.
Although there was a cost involved with bringing Bill in to help us change our network setup, it was offset by the cost savings of being able to cancel one line. I now feel very confident that we have a secure, easily managed network that provides me with lots of information about what is going on on our network. Setting up your network to securely accommodate a Tor relay is potentially the most expensive part of this project. How costly (or if there is any cost at all) will depend on the library’s current network setup and level of in-house IT knowledge. Other libraries participating in this project can rely on the expertise of LFP staff to ensure that your relay won’t impact current services.
Lessons learned - Chuck
This project has been a success in many ways. We are strengthening the Tor network by hosting an exit relay. We are benefiting people all over the world who need privacy and anonymity. We are living up to the core values of librarianship. We also have once again proven the relevance of public libraries in the digital age. We have started a conversation about privacy in our community and used that to educate our patrons about many of these important issues. That is all to the good, but we did learn many lessons along the way. If we were starting over, there are some things that I would do differently and some lessons that I am glad to have learned.
Lesson 1: Engage the community from the start.
When our library received push back from law enforcement it was largely due to our amazing community support that we were able to proceed. We are extremely thankful that they came out and let it be known that these were important issues to them. However, it would have been better if we had engaged our community prior to starting this project. If we had been able to point to the strong community support we had, we could have avoided a lot of uncertainty during this project. We started this project because we felt it was important and felt that it would be important to our community. In the end, we were validated, but it would have been very nice to know for sure before hand.
Lesson 2: People care about privacy.
It is a common narrative that privacy is dead and/or most people don’t care about privacy. This is wrong. People do care about privacy and intellectual freedom. People often feel powerless in the face of pervasive surveillance by huge corporations and national governments. If you have no realistic way to defend yourself, the sane thing to do is to accept the situation. However, a very different picture emerges when people start to learn about tools which are easy to use and that give them the power to enforce their privacy. All of a sudden you have people from all walks of life who are very interested in these issues. The problem isn’t that people don’t care, it is that they are being told over and over that there is nothing that they can do about it. Projects such as this one show people that there is hope. People find that extremely empowering. No one is saying that people shouldn’t be able to share whatever they want online. With social media, people share all kinds of information about themselves. What we are saying is that people should be the ones who get to control what information is shared about them. This message is very powerful, especially when combined with education about how to achieve it.
Lesson 3: You can have an impact.
Technology is a powerful tool. It can be intimidating, and even overwhelming, but it can also let you do amazing things. Compared to many libraries across the country, the Lebanon Public Libraries are a small system. If you would have told us two years ago that we would be involved in an international conversation about privacy and intellectual freedom, I am sure that many people here would have laughed. But, thanks to the support of our community, we are. You don’t have to wait for someone bigger, or better funded, or more important to do something. Everyone has the ability to make an impact.
What’s next for the LFP Tor relay initiative? - Alison
After all of the excitement after DHS and the local police tried to intervene in the pilot project, we ended up with more attention to this project than we initially anticipated, which created a bottleneck for LFP staff. We’ve finally emerged on the other side and have been planning out our next steps, including creating a resource packet of ideological, legal, and technical resources for our interested libraries. We’ve heard from libraries across the US who are interested in participating, and our network of free software technologists and advocates all over the world are busy setting up their own relay initiatives with local libraries — in places from Sweden to Australia. Very soon, we’ll be making a big announcement with some good news about the relay initiative and its future, but in the meantime, interested libraries can contact us for more information by emailing exits (at) libraryfreedomproject (dot) org. Thanks to everyone for all of their support for Lebanon Public Library, Library Freedom Project, and our Tor exits initiative. Our success is due in part to our amazing community.
We’re excited to announce a new Library Freedom Project initiative, the Library Digital Privacy Pledge. Together with Eric Hellman (of Gluejar/Free Ebook Foundation/GITenberg/general notoriety in the library world), we’re asking libraries and vendors to help protect reader privacy by moving their services to HTTPS. I’ve written about why this matters, and EFF’s Jacob Hoffman-Andrews has done an even better job making the case. For even more info on the what, why, and how of this pledge, check out our FAQ. We’ve already got some amazing charter libraries and vendors signed on, and we’re hoping that many more will follow suit. Join us in protecting patron privacy by emailing pledge(at)libraryfreedomproject(dot)org!
It’s been an exciting couple of days at Library Freedom Project. ProPublica broke the story of the Department of Homeland Security and the local police in New Hampshire intervening to try to shut down our Tor relay pilot at Kilton Library. We responded to this law enforcement harassment with a public letter of support for the library, signed by a broad coalition of organizations and individuals, and linked to it in an even bigger petition on EFF’s website. That petition has received over 1700 signatures in 24 hours, and media attention continues to increase (we’ve gotten coverage on EFF’s blog, Motherboard, and the Concord Monitor, just to name a few). Kilton Library has received dozens of supportive emails and calls, and the conversation on social media has been popping off — this incident has engendered a robust discussion around libraries and free expression, how we can publicly commit to those ideals, and how hard we should fight back when challenged. It’s also catalyzed a number of libraries to get in touch with us about participating in the exit relay project — talk about the Streisand Effect!
We’re amazed at how this has resonated with our broader community, and how much support we’ve received — librarians, privacy advocates, technologists, and more — and things are only just getting started. Nima and Alison, along with Devon Chaffee of the ACLU of New Hampshire, will attend Lebanon Libraries board meeting on Tuesday, September 15th, at 7 pm at Lebanon Library (the other branch of Lebanon Libraries). We hope to see members of the local community come out to that meeting and show their support for Tor, free speech, and free libraries. Supporters should also sign our petition to show the library that they have global support. For updates, keep an eye to Twitter: Alison is @flexlibris, Nima is @mrphs, and we are all at @libraryfreedom. After Tuesday’s meeting, we’ll update our community with the results of the board’s vote. Thank you all for your support, and for helping us fight the good fight. Resistance is possible when we all join together.
Greetings! It’s been an exceptionally busy few months over here at the Library Freedom Project. We’ve been conducting privacy trainings at libraries across the United States and some internationally, and in June we held our first Digital Rights in Libraries conference. We’re also starting an HTTPS campaign for libraries with friend o’ the Library Freedom Project Eric Hellman and the good folks working on Let’s Encrypt (more on that to come in about a week or so). LFP: can’t stop, won’t stop.
Today, we’re announcing the start of a new initiative, a collaboration between the Library Freedom Project and our friends at the Tor Project: Tor exit relays in libraries. Nima Fatemi, the Tor Project member who’s already helped Library Freedom Project in a number of ways, is our main partner on this project. This is an idea whose time has come; libraries are our most democratic public spaces, protecting our intellectual freedom, privacy, and unfettered access to information, and Tor Project creates software that allows all people to have these rights on the internet. What’s more, Tor Project is Free and Open Source Software (FOSS), which is the best defense against government and corporate surveillance. We’re excited to combine our efforts to help libraries protect internet freedom, strengthen the Tor network, and educate the public about how Tor can help protect their right to digital free expression.