Anonymous Proxy Servers & Public Proxy Servers

We are not lawyers, and cannot provide legal advice. This article is intended only to raise awareness of a few of the many issues involved with the use of "public" proxies.

When I first learned about anonymous proxy servers, I thought they were the greatest thing since sliced bread. But given their "public" availability and lack of advertising support, a question loomed in my mind: "Why would anyone operate a public proxy server?". A little logic, and a little research, eventually led us to establishing iPrivacyTools in it's current form (using private proxies). Here's why:

If I worked in law enforcement and wanted to catch "bad guys" by the dozens, there would probably be no better way of accomplishing that objective than by setting up an "anonymous" proxy server and monitoring/logging the traffic flow. My guess is that anonymous proxies are a magnet for abuse by criminals who wish to be "invisible". Along the same lines, if I were a criminal and wished to tap a goldmine of passwords and financial information, setting up an anonymous proxy would also be a perfect way to do just that.

These problems are magnified by the fact that most public proxy servers are not configured to work with SSL.

Furthermore, the complete lack of any "terms of use" or "privacy policy" on such services should be a red flag to legitimate users.

So aside from the "honeypot" purposes mentioned above, why would anyone be motivated to provide free bandwidth for an anonymous public proxy server? It's true that there are some generous people out there who think that everything on the Internet should be "free". But keep in mind that operating such a relay exposes the server owner to tremendous legal risk, as they become "associated" with all the activities of people surfing through their IP's. Who would want to do that, without any user screening? The answer is probably: nobody.

I don't know the statistics, but my guess is that these "public proxy servers" are usually open to public access either because of system admin error, or as a result of a computer virus, hacking, or malware. In other words, they are not actually "public", but rather private servers that are being accessed by the public without permission. And that means that you may be breaking the law just by connecting to them.

Having said all of the above, I must also say that I have never personally heard of anyone being sued for surfing via a proxy server without permission. And it seems that thousands of people continue to use them despite their other risks as well.

If you do choose to use "public" proxy servers, or "anonymous" proxy servers, I believe there may be a few things you can do to limit your personal risk:

1. Find a server that supports SSL connections. Although they're more difficult to find, having SSL functionality will make it much less likely that your passwords could be intercepted while logging into websites via an https:// page.
2. If you cannot find an SSL-compatible proxy, then do not login to any pages with passwords, and do not submit any financial information (e.g. credit card numbers) while surfing. Viewing web pages is about all that you can do safely without SSL.
3. Do not do anything illegal. Obviously, doing anything illegal on the Internet is illegal whether you're using a proxy or not. Feeling that you might safely break the law while using an anonymous proxy server would be a false sense of security. You may actually just be exposing yourself to one more level of legal risk.
4. Do not ever expect untraceable anonymity from an anonymous proxy server.

Again, we are not lawyers, and none of the information on this page should be construed as legal advice. If you have any further legal questions or concerns, it would be best to consult with an attorney.

Do you have any input about anonymous proxies or public proxies that you'd like to add here?

Please let us know, so that we can keep this information fresh and useful.