Was Proxy.sh right to sniff traffic?

Over the past few days something of a storm has been created over the VPN Provider Proxy.sh. In summary Proxy.sh had installed packet sniffing software known as Wireshark on their “Illinois 1” server in an attempt to catch a “hacker” who was supposedly harassing a family or daughter of a family. So we ask, Was Proxy.sh right to sniff traffic?

Now when we think of a VPN we think of privacy, anonymity and encryption. So from the outset the question seems at odds with what a VPN and VPN provider is supposed to be offering. Most will understand that they are paying for a service which should, in theory, protect your privacy. So how can recording the internet traffic that passes through that server be classed as private?

For those of you who aren’t au fait with Wireshark the purpose of it is to record the packets of data that are passing through the server. This basically shows what is going where, who is requesting what and basically identifies what you are doing over that server. If you’re searching Google for “Best VPN providers” then this can be identified, if you’re chatting over VoIP then this can be identified and even played if in a compatible encoding format. Basically, anything you do can be seen and identify you as the user doing it. The very fact you’re using a VPN is because you don’t want your data to be identified so by running such a product on a server it defeats the purpose of using a VPN for your privacy and anonymity.

There are two camps, those who agree it was fine to do and those who are up in arms about it and how it invades the privacy of the users. To question the situation you really have to ask at what price should privacy be respected? When using a VPN you expect to be able to surf the web anonymously but when did the idea of using a VPN become a free for all for all criminal types to expect to be able to do what they want, when they want and without retribution?

The list of crimes that could be committed range from hacking, harassment, racial abuse, sexual abuse, child pornography, terrorist related crimes, hate crimes etc. The list of possible illegal uses of a VPN service can be vast and wide and for those who are baffled by the data sniffing situation regarding Proxy.sh really need to ask themselves, are they happy, for the sake of privacy to allow crimes such as those listed above to be committed anonymously? Are they happy to allow criminals to carry out such heinous acts against other human beings, including children without punishment? A VPN service should not serve the purpose to hide a person responsibly for committing crimes of such a horrible nature that would make the majority of the civilized human race feel sick to the stomach.

Now I do understand that logging or data sniffing goes against the grain of what a VPN is supposed to offer, but there has to be a moral obligation at some junction in which we say, no, that is enough, we are not prepared for the sake of privacy to allow this to happen.

What makes what Proxy.sh did even more clear is they announced in advance that they intended to install Wireshark on the server for the very purpose they described. Now the only fault I can find with this is it was posted only on their server status page and like many others this is not a page I check regularly of any VPN provider unless there is an issue with a server I would want to use. In hindsight they should of made the user base more aware by making a notice on social media such as Twitter/Facebook and even perhaps by email.

If Proxy.sh did not have the best interests of its general users at heart then it could quite easily of installed data sniffing software on the server without making an announcement. While highly unethical, who would’ve known any different? So by being clear and making a public announcement it appears they have been criticised when they tried to be as transparent as possible.

When selecting a VPN provider all users have to make an informed choice of if the service is likely to be living up to their claims. There are plenty of services which claim they do not log at all. This would be putting themselves at risk of closure simply because of the jurisdiction they are operating out of. No western civilised society is going to allow a VPN service to operate without some kind of ability to weed out the wrong do’ers of the service and at what point as users do we feel that people who could be up to all sorts including such things like plotting terrorists attacks should be free to do as they wish just because they have enlisted the services of a VPN provider?

It appears as if there is a camp or mentality of certain users of VPN services that the service is the enabler of illegal activity. There is a huge difference between protection your privacy and anonymity and creating a world in which criminal acts are allowed to flourish without consequence.

Furthermore Proxy.sh has always had an Ethical Policy which forms part of their Terms & Conditions and states :-

“there are ethical limits we would like to detail out with you”

Which go on to details that when ethics tell them to they “will do much efforts to respond to the request of legitimate third party”

So not only did Proxy.sh pre-warn about the data sniffing on the server but they are already making it clear in their Ethical Policy regarding such situations. Due to this anyone who has or had engaged in such activity should of already been aware of such Terms & Conditions.

Proxy.sh has updated their Ethical Policy on the 1st October 2013 after the incident to include :-

“that are directly harmful to other human beings”

and

“Your decision to move forward with us binds you with our ethics. These ethics are here to protect our network, so that the external world knows it is not a harmful one. With those transparent ethics, we provide clear guidelines about what you can achieve and what you can’t achieve in our network. Resulting actions from any decision will be made explicitly and openly available to you. That is what makes proxy.sh so special.”

We would like to hear your thoughts on the situation in the comments and if you are against data sniffing when required what your ideas would be in a situation when someone is carrying out illegal activity.

Leave a Reply

Your e-mail address will not be published. Required fields are marked *