Tor aims to grow amid national debate over digital privacy
The Tor Project's new executive director Shari Steele is on a mission to change the image of the group's anonymous browser and make its 'clunky and hard to use' technology more user-friendly.
When she took the helm of the Tor Project after 15 years leading the San Francisco-based digital rights group Electronic Frontier Foundation, Shari Steele had something in common with most Internet users: She had never used Tor’s anonymous Web browser.
Tor occupies a relatively small corner of the Internet. While some 2.5 million users log into Tor daily to mask their Web traffic, browsers such as Google's Chrome that handles an estimated 3.5 billion search queries every day dwarf it.
But amid growing concerns about digital privacy in the US and internationally, Ms. Steele is looking to use her experience building nonprofit organizations – as opposed to her technical skills – to move Tor out from the shadows of the Internet.
"When Coca-Cola hires a new CEO, it doesn’t matter very much if they drink Coca-Cola," she said. "My hiring was part of an effort not to be this little fringe software project."
It hasn't hurt, either, that the FBI's legal case against Apple to compel the tech giant to help unlock the San Bernardino shooter's iPhone gained so much attention. As such, Tor's message to people concerned about digital privacy as a result of that lawsuit was, basically, if you're worried about government snooping, "We will never backdoor our software."
And as Tor steps more into the spotlight, it's getting some high-profile help, too. Edward Snowden, who was featured in the organization's recent fundraising campaign, "This is What a Tor Supporter Looks Like," tweeted in December: "Without Tor, when you walk the streets of the internet, you're always watched."
In addition to getting Mr. Snowden's endorsement, the Tor Supporter campaign is also about attempting to change Tor's image problem. Critics and law enforcement officials often paint it as a haven for criminals and pedophiles who rely on it to avoid detection. For example, a study published in February found that 57 percent of active "hidden services" – sites developed for Tor that help conceal users' locations – are intended for some kind of illicit or criminal activity.
But Steele's work so far is about stressing the legitimate services Tor provides people who often need privacy online the most. "Private kinds of searches have never really reached their full potential, and that’s partially because [Tor is] clunky and hard to use," she says. "But it can help people secretly look up different kinds of medical treatment, or consider changes in their sexual orientation."
Even before Steele came on board, however, Tor began working to make its technology more approachable. In October, it launched Tor Messenger, an encrypted instant messaging service. A November crowdfunding campaign brought in over $200,000 in donations over a six-week period. In January, Facebook announced plans in January to let Tor users connect through an Android application.
"When Tor becomes easy to use, we can expect it to become a default," said tech blogger and journalist Cory Doctorow.
That not only means Tor users will enjoy more privacy online but also be shielded from law enforcement surveillance, said Mr. Doctorow. "There’s no way to make a Tor that can protect people from surveillance from governments without protecting them from the FBI."
Working with the Electronic Frontier Foundation, Steele has proven she's an effective digital rights advocate. At the EFF, she pushed to lower sentencing guidelines for the Computer Fraud and Abuse Act, the federal government’s chief law used to punish criminal hackers. Steele also successfully sued the US State Department in a case that established code as constitutionally protected free speech.
Rebranding Tor will likely be a tougher challenge. The project that got its start as a US Naval Research Laboratory, and still receives much of its funding from the US State Department today, has plenty of adversaries. The US government is chief among them.
Last year, the FBI appeared to use a vulnerability it found within Tor as part of a child pornography sting operation that surveilled a site on the Tor network. A defendant charged in the case sued the FBI to find out about the exploit.
In a separate case, Tor claimed the FBI paid Carnegie Mellon University researchers $1 million to find vulnerabilities in Tor. School officials denied the charges, but a recent court filing showed the FBI has subpoenaed IP addresses from researchers – possibly part of a larger effort aimed at shuttering dark Web markets.
In late 2014, the bureau seized servers and web addresses around the world hosting more than 400 Tor hidden services.
"People say we’re responsible for the Dark Web," Steele said. "That’s not why Tor is essential. It’s like saying people hide behind the first amendment to do Nazi activity. That’s not why the first amendment exists."