Fact-checking the Tor Project’s government ties

Fatwah / March 7, 2018

By Yasha Levine

First published on SurveillanceValley.com

The Tor Project, a private non-profit that underpins the dark web and enjoys cult status among privacy activists, is almost 100% funded by the US government.

In the process of writing my book Surveillance Valley, I was able to obtain via FOIA roughly 2,500 pages of correspondence — including strategy sessions and contracts and budgets and status updates — between the Tor Project and its main funder, a CIA spinoff now known as the Broadcasting Board of Governors (BBG), an agency that oversees America’s foreign broadcasting operations like Radio Free Asia and Radio Free Europe.

(See the full set of documents here.)

I obtained the documents in 2015. By then I had already spent a couple of years doing extensive reporting on Tor’s deeply conflicted ties to the regime change wing of the U.S. government. By following the money, I discovered that Tor was not grassroots. I was able to show that despite its radical anti-government cred, Tor was almost 100% funded by three U.S. national security agencies: the Navy, the State Department and the BBG. Tor was military contractor with its own government contractor number — a privatized extension of the very same government that it claimed to be fighting.

This was a shocking revelation.

For years, the Tor Project — along with other government-funded crypto tools like Signal — has been seen in almost religious terms by the privacy community as the only way to protect people from government spying online.

The Electronic Frontier Foundation held up Tor as the digital equivalent of the First Amendment. The ACLU backed it. Fight for the Future, the hip Silicon Valley activist group, declared Tor to be “NSA-proof.” Edward Snowden held it up as an example of the kind of grassroots privacy technology that could defeat government surveillance online, and told his followers to use it. Prominent award-winning journalists from Wired, Vice, The Intercept, The Guardian and Rolling Stone — including Laura Poitras, Glenn Greenwald and Andy Greenberg — all helped pump up Tor’s mythical anti-state rebel status. Even Daniel Ellsberg, the legendary whistleblower, was convinced that Tor was vital to the future of democracy. Anyone who questioned this narrative and pointed to Tor’s lavish government support was attacked, ridiculed, smeared and hounded into silence. I know because that’s what Tor supporters tried to do to me.

But the facts wouldn’t go away.

The initial evidence that I had gathered in my reporting left little room for doubt about Tor’s true nature as foreign policy weapon of the U.S. government. But the box of FOIA documents I received from the BBG took that evidence to a whole new level.

Why would the U.S. government fund a tool that limited its own power? The answer, as I discovered, was that Tor didn’t threaten American power. It enhanced it.

The FOIA documents showed collaboration between the federal government, the Tor Project and key members of the privacy and Internet Freedom movement on a level that was hard to believe:

The documents showed Tor employees taking orders from their handlers in the federal government, including hatching plans to deploy their anonymity tool in countries that the U.S. was working to destabilize: China, Iran, Vietnam, Russia. They showed discussions about the need to influence news coverage and to control bad press. They featured monthly updates that described meetings and trainings with the CIA, NSA, FBI, DOJ and State Department. They also revealed plans to funnel government funds to run “independent” Tor nodes. Most shockingly, the FOIA documents put under question Tor’s pledge that it would never put in any backdoors into their software. (See below.)

The documents conclusively showed that Tor is not independent at all. The organization did not have free reign to do whatever it wanted, but was kept on a short leash and bound by contracts with strict contractual obligations. It was also required to file detailed monthly status reports, giving the government a clear picture of what Tor employees were developing, where they went and who they saw.

I used many of these documents in my book, Surveillance Valley, to tell the story of how privacy technology evolved into a tool of military and corporate power. But now I’m going further: I’m releasing the full cache of FOIA files on Tor and the BBG to the public. I hope that journalists and historians will make use of this information to explore the close relationship between privacy technology, government power and Silicon Valley economic dominance.

In honor of this release, I’m putting together a little fact-checking primer on Tor’s government ties that’s based on these documents. I’ll be releasing a “fact-check” every few days, starting with the first:

CLAIM #1: Tor does not provide backdoors to the U.S. government
RATING: Moderately true.

Buy it today!

And check Yasha Levine’s Surveillance Valley blog for updates.

1 Comment

Add your own

1. Lumpy Gravy | October 29th, 2018 at 4:27 pm
—————————————————–
On August 28th, 2012 Anonymous said:
https://blog.torproject.org/blog/wading-social-waters
Excellent comment, I couldn’t agree more. Facebook, Twitter, Google+ and other such “services” are in the business of data mining and they sell/leak information to commercial and government agencies. Their convenience and their friendly looking front ends are designed to lure in the gullible, who unfortunately seem to make up the majority of the computer using public. Such “services” fly in the face of everything the Tor project stands for. Why on earth would a project that advocates anonymity of Internet communications let itself in with organizations that systematically violate every last bit of its own objectives?
I also agree with what you said/suspected about Tor’s sponsors. Why is it that on these pages we always hear about Internet censorship in places like China and Iran but never about Internet censorship in places like Saudi Arabia, Bahrain or Qatar, whose dungeons are full of people who have dared to voice protest in the streets or on the Internet? Is it because the governments of China and Iran have been targeted by the U.S. government for corruption or even removal, while the governments of Saudi Arabia, Bahrain and Qatar are U.S. allies who host U.S. military bases and the worlds largest military fleet? I think there’s an obvious bias in the Tor project’s response to real or perceived Internet censorship, depending on where it occurs. It is also not that far fetched to suspect that this bias may have to do with the influence that one or more sponsors exert on the project. But, alas, there’s no way of finding out more about this because the Tor project’s sponsors page …
https://www.torproject.org/about/sponsors.html.en
… is quite useless, as it does not publish a complete list of the corporate, institutional and individual donations it has received … no names, no dates, no figures, nothing. There’s an entry referring to the donation(s) of “An anonymous North American NGO”. But this makes matters only worse. Why this intransparency? Why would an NGO making a generous donation want to remain anonymous? So, we’ll probably never know whether George Soros or some devious Washington think tank believes Tor to be a useful tool for fomenting dissent in China and Iran, or for triggering a colour revolution in Belarus.
I am not blaming the project’s staff for any of this. Interesting and decently paid IT jobs that allow for occasional travelling are hard to come by these days and, for all I know, technically they’re doing a great job in developing and maintaining Tor. But I think, the project’s origins, its political bias and the intransparency regarding its sponsors really stink.
—————————————————–
On September 9th, 2012 Anonymous said:
https://blog.torproject.org/blog/wading-social-waters
> If you’re saying that wanting anonymity makes you
> suspicious, maybe you’re using the wrong tool. 🙂
There’s a world of difference between a private individual’s need and right (!) to anonymity and the attempts of governments or large organizations (governmental or not) to hide their dealings from the public to whom they are accountable. Really, arma, I am surprised you don’t seem to be familiar with even the basics of “right to anonymity” in every day use. Do you seriously believe that you and I and Erinn and Jacob and Goldman and Sachs and Procter and Gamble and Exxon should be seen as one big family with the same rights and obligations, or that “individuals” like Obama, Romney, Murdoch, Soros etc., whose little personas represent much larger interests, should be regarded the same as Joe or Jane Sixpack from upstairs? Why, do you think, do most countries in the world have laws in place to prevent shady behind-the-scenes dealings of large organizations and their representatives? Why, do you think, do most countries in the world have laws in place that regulate donations to political parties? For anyone with half a brain the answer to such questions should be obvious: shady behind-the-scenes dealings of governments and large organizations cause systemic corruption which is infinitely more harmful to the greater common good than anything a private individual could ever do …
… and of course, it goes without saying, the same applies to large anonymous donations to the Tor project. There is absolutely no reason whatsoever why a million dollar donation of a “North American NGO” should be made anonymously unless, of course, the donor’s name is an embarrassment to the project, which it would be if it was Hoover Institution, Soros Foundation, CSIS or other such organizations with a “mission”. I know that your wages are paid from donations to the project. But wouldn’t you be happier if you knew where the money was coming from and whether there are any strings attached to such a large donation? Most Tor users don’t have the ability to verify the security of their clients or the functionality of the network. They have to trust the developers, the maintainers and the operators of nodes and bridges. The project has therefore a responsibility to demonstrate its integrity and trustworthiness by being transparent in its actions and completely open regarding its financial supporters.