A Russian Tor node operator has been arrested and charged with terrorism offenses, after law enforcement associated his exit node’s IP address with a series of online posts they claim incited dissent and disorder.
Dmitry Bogatov, a mathematics lecturer at the Finance and Law University in Moscow, was taken into custody by Russian police on April 6 in what has been described by privacy activists as a “gross misunderstanding” of the nature of the decentralized network.
Authorities say that Bogatov was behind two posts at sysadmins.ru where, they claim, he encouraged protesters to riot with “rags, bottles, gas, turpentine, styrofoam, and acetone” at an unsanctioned anti-corruption rally under the pseudonym “Airat Bashirov.” In another post by the same author featuring Kanye West’s “No Church In The Wild,” police investigators claim that the music video invokes an “insubordination to the legal demands of the police, and mass disorder.”
The investigators linked the posts to the IP address of a server within Bogatov’s property and are now using that as evidence that he is behind these so-called “public calls for terrorist activity.”
However, Bogatov uses this server to maintain an exit node for the Tor network—meaning that anonymized traffic from across the globe will route through this server and in doing so will temporarily take on its address.
The Tor network is designed to protect the privacy of its users online. It operates by passing the user’s data through a several relays. There are thousands of these relays worldwide, managed by volunteers who commit their computer servers as nodes. Each data packet is encrypted to anonymize the user and passes, or is routed through several of these servers, known as relays, travelling through the final relay called an exit node.
The key detail in Bogatov’s case is that the destination website receives the exit node’s IP address as the source of the traffic. The fact that Bogatov’s server IP address is associated with the posts in question on sysadmins.ru proves nothing.
Not only has “Airat Bashirov” continued to post on the same forum since Bogatov’s arrest, but the individual behind the screen name has interacted with one Russian journalist to verify that he is not Bogotov.
Bogotov also appears to have a pretty solid alibi. According to one report, CCTV footage shows that he was at a local supermarket with his wife less than four minutes before one of the posts went live.
Still, when the judge who heard the charges said that Bogatov should be released in the interim pending his court date in June, the Russian Investigative Committee brought a further terrorism charge—meaning the lecturer would have to remain held in prison until trial. Human rights activists now fear that the math lecturer is being scapegoated by the authorities for his work on both open source and privacy software.
“[We] condemn Dmitry Bogatov’s continued detention and the detention of others by Russia or other governments for exercising their human rights or facilitating increased internet security,” Access Now and the Electronic Frontier Foundation (EFF) said in a joint statement. “Put simply: running a Tor exit node is not a crime and Tor exit node operators should not be treated like criminals.”
Two further organizations at which Bogatov has voluntarily dedicated his skill and time as a software developer, Debian and the Tor project, have also issued statements in condemnation of the detention and charges. Elsewhere online a #FreeBogatov campaign has kicked off and Tor node administrators are planning to rename their relays “freeBogatov” and “KActionLibre,” the Russian’s online handle, to raise awareness.
Bogatov is set to appear before court on June 8.