[rndgermandude]

Tell that to all those ISPs doing DPI and injecting crap and ads in unencrypted http. Or hotels running captive portals. Or your employer doing org-wise TLS MITM and logging.

Unethical? Most certainly! A crime? Could be depending on what was done and in what jurisdiction, but far from certain.

[wildmusings]

In all of those examples you cite, the user has agreed to allow the monitoring or injection.

[rndgermandude]

Honestly, it is arguable that the user actually agreed to monitoring and in-flow data modification knowingly, and therefore it might constitute an Unconscionable Contract due to an Unfair Surprise (again, depending on jurisdiction).

That is assuming the user did actually agree to anything.

Now what if the exit operator put up a ToS themselves stating users of their exit node will be monitored and/or data flowing through their services might be modified on route even? Because, after all, it is the TOR users using their services, not the other way round.

"You hereby grant Tor Exit Operator Ltd, A Nigerian Prince/Russian Business Network joint venture, the right to monitor, log, modify all data you transmit to our service and an irrevocable, unlimited license to use any data you transmit for any purpose".

[xg15]

Tor noob here: How are exit nodes actually assigned to end-users though? So far my understanding was that the assignment happens automatically without any conscious descision by the end-user. If that's true, construing an "agreement" would be pretty hard - if the user isn't even aware they're using your service.

Same reason shady companies still at least need to make it look like they asked your agreement and can't just state "by looking into our general direction you transfer ownership of all your worldly possessions to us"

[chupasaurus]

I don't know if anywhere on Earth agreements have advantage over law, but AFAIK any illegal action in any agreement is forbidden.

[wildmusings]

The whole point is that these things aren't illegal on you own network if you disclose it to the user. Network monitoring and traffic modification aren't illegal in and of themselves.

Consider this. If I just take your car from your driveway, that's stealing. But if you first sign a contract transferring ownership of your car to me, it's very obviously not stealing.

[jonathanstrange]

If by "to agree" you mean "clicking something away that nobody ever reads in order to be able to use something for which you've already paid" or "silently assuming that some hotel's house regulations that nobody ever reads does not contain a clause that allows them to tap into your private communications", then I guess you're technically right. Somewhat.

[nannal]

yes that's what it means to agree, if someone hands you a document and says "sign here" and you just sign without reading it, you have agreed.