Internet Anonymity: A Right of the Past?
June 25, 2009 6:20 PM   Subscribe

Wasn't Internet anonymity something people used to talk about back in 1995 before they knew any better?
posted by Afroblanco at 6:30 PM on June 25 [1 favorite has favorites]

I'm no lawyer, but the idea of Internet anonymity seems pretty simple to me: you have a right to remain anonymous unless you use it to commit a crime, at which point your activities and identity become part of the public record.

There's probably a lot more legal finesse to this issue, particularly in the United Kingdom with it's much more serious libel laws, but I guess the right to anonymity has always felt like the number one unwritten rule of the Internet (for better or worse).
posted by Donnie VandenBos at 6:31 PM on June 25

Everybody get ready when the contents of all your social networking sites, your browsing history and your recent downloads are all available to your employers and the general public. Get used to the idea of everybody knowing that you are really into zoosex.

Also my name really is Avenger.
posted by Avenger at 6:34 PM on June 25 [1 favorite has favorites]

Talking about specific police cases seems pretty risky, but I wish I'd gotten the chance to see his blog before it was outed. Sounds depressing, though.
posted by graventy at 6:34 PM on June 25

The link provided in the first link:

http://www.cbsnews.com/stories/2008/09/12/tech/cnettechnews/main4443738.shtml

Literally has about ten times more information on the "IP Traceback" proposal which it claims was proposed by China. It sounds like it primarily would be effective against non-technical people.
posted by XMLicious at 6:55 PM on June 25 [1 favorite has favorites]

Boy, I can't *wait* to find out who the freak is who keeps posting those weird & fascinating questions on AskMe.
posted by UbuRoivas at 6:59 PM on June 25 [2 favorites has favorites]

so long as NSA involved, I feel safe and secure.
posted by Postroad at 7:06 PM on June 25

The right to vote rests upon anonymity. Any meaningful polling result rests upon anonymity.
posted by Brian B. at 7:08 PM on June 25

I, FOR ONE, HAVE NOTHING TO HIDE AND AM COMPLETELY COMFORTABLE WITH THIS CURRENT SURVEILLANCE! DEATH TO THE ENEMIES OF BIG BROTHER AMSOC!!!
posted by paisley henosis at 7:10 PM on June 25 [1 favorite has favorites]

A United Nations agency is quietly drafting technical standards, proposed by the Chinese government...

So it begins.
posted by Sys Rq at 7:14 PM on June 25 [1 favorite has favorites]

The interesting part to me is that you can still have anonymity on the Internet, if you want it — it just means giving up a large part of your audience, and letting other people get take the PR credit for your work.

E.g.: if you post exclusively to Usenet via a relay system like mixmaster, using a name that is not in any way connected to any other online identity, you are almost guaranteed of your anonymity. There are theoretical attacks against mixmaster, but an attacker would have to compromise a large number of nodes (similar to attacks on Tor); unless you are really pissing in the NSA's oatmeal, it's unlikely. Libel away.

(You could also use Tor and normal weblogs, but I wouldn't really trust this; it's too easy, if you're not very careful, to accidentally break your anonymity via JavaScript or just forgetting to fire up Tor, or because the website you're using blocks Tor endpoints from posting/commenting, or a dozen other things. Simpler protocols are safer.)

However, the audience that will read what you write is rather small. You won't become a famous blogger that way, in all likelihood, unless what you are transmitting is really noteworthy. Average users will never see it, unless it's republished by someone else. That's the tradeoff.

When I see people getting burned online, it's usually because they're engaging, unknowingly, in a tradeoff. If you want to participate in Web culture without going through a lot of technological hurdles, you aren't anonymous. This is because the modern Web was not designed for anonymity; it has a lot of features, like referrer headers and cookies, that would never have been implemented if privacy had been a key goal.

I got bitten, hard, by the "Internet exceptionalism" bug that circulated in the mid to late 90s. I really thought that the Internet would change everything, and that we could create a world-within-a-world on the Internet and the Web in particular, where obnoxious laws just wouldn't apply, or barring that just wouldn't be enforceable. It was naive. It was naive not because the technology didn't pan out, but because most people just didn't care. (And I've come around to this, after a decade or so; I suspect it's possible for a determined searcher to get my real identity from my MeFi username, I just don't think anyone cares that much.) The number of people who really want/need true anonymity are small, the number of people who will abuse it if it exists are large, and the number of people who just say "meh" to the whole idea are overwhelming. So, we ended up where we are now: the tools to remain anonymous online exist, invented and kept alive by a determined group of people who really believe in them, but the average user doesn't know how to take advantage of them.

I despair that there will ever really be any different solution. Easy-to-use anonymity breeds 4chan-like asshattery; no anonymity breeds censorious oppression. The best we can do is try to keep the tools for it around, and hope that the people who really need it realize their need before they get burned.
posted by Kadin2048 at 7:19 PM on June 25 [13 favorites has favorites]

This would be great for Iran!
posted by b1tr0t at 7:21 PM on June 25 [1 favorite has favorites]

So maybe this is a dumb question. Maybe.

But if we can't even get most companies / DNS sources / software moved over to IPv6, how on earth are they proposing to put into place an entirely new protocol like this?
posted by strixus at 7:27 PM on June 25 [7 favorites has favorites]

When I see people getting burned online, it's usually because they're engaging, unknowingly, in a tradeoff.

Or just unaware of how the technology works. Your computer needs an IP address, which is associated with its mac address, which is then associated with the traffic it generates up to the gateway, whose IP is also assigned based on its MAC address or set statically, and requests for web pages or even just any old opened connections are are associated with that as well.

All of this is may or may not be logged, but all of it _can_ be logged, and for the most part in this modern age is. Which is why the ability to be anonymous is very much a product of imperfect, inactive or just decentralized logging. And drive space is so cheap now that you see that less and less.

To actually be really, truly anonymous on the internet takes a lot more work than even smart people realize. There's a lot of tech working against you on that front.
posted by mhoye at 7:30 PM on June 25 [2 favorites has favorites]

I guess I don't see what the fuss is about with anonymity. I stand behind my posts, opinions, work, thoughts, etc... If someone really wants to let my boss know that I did a search for jugs and butts then so be it. If someone wants to point a loved one to a post I made being critical of them, so be it. I probably told them what I thought already. I guess I don't have enough nefarious time invested in the net to this point.
posted by Gravitus at 7:36 PM on June 25

The right to vote rests upon anonymity

Technically, no. In a secret ballot, no single vote can be traced back to the person who cast it, but it's not the same as anonymous voting. An open, transparent voting process has to have some system by which people can know how many votes were cast and by who, so that people can't vote multiple times or for other people. If you turn up to the polling booth and you won't identify yourself, you shouldn't get a vote.
posted by Fiasco da Gama at 7:36 PM on June 25 [2 favorites has favorites]

There is no 'right' to internet anonymity and never was. There was just a while there where people thought they were being anonymous and got used to it.

Whether there should be such a right is an interesting question.
posted by unSane at 7:36 PM on June 25 [1 favorite has favorites]

as the internet becomes an increasingly important commincation technology - more and more important speech as carried across.

internet anonymity is a free speech issue. no one disputes that the gov't shouldnt be able to wire-tap my hard-line phone. but data-mining cell phone text messages and emails is different. or is it?

it is different - because instead of tapping one phone and listening to one guy, with the internet they can data mine everyone at one time, essentially wire-tap the entire internet generation.
posted by Flood at 7:56 PM on June 25

Technically, no. In a secret ballot, no single vote can be traced back to the person who cast it, but it's not the same as anonymous voting. An open, transparent voting process has to have some system by which people can know how many votes were cast and by who, so that people can't vote multiple times or for other people. If you turn up to the polling booth and you won't identify yourself, you shouldn't get a vote.

When assuming the right to vote (because not everyone has the right to vote) then it rests upon an anonymous vote, or, anonymity.
posted by Brian B. at 8:05 PM on June 25

No, Brian B. It's the voting paper that's unidentifiable, not the voter. Unless you've got some kind of identification system of eligible enrolled people, you can't have one-person-one-vote. You get one-person-as-many-votes-as-they-can-be-bothered-to-cast.

Democratic elections depend on the banning of sockpuppets.
posted by Fiasco da Gama at 8:20 PM on June 25 [3 favorites has favorites]

When assuming the right to vote (because not everyone has the right to vote) then it rests upon an anonymous vote, or, anonymity.

Huh? I think "anonymity" might mean the opposite of what you think it means.
posted by Sys Rq at 8:42 PM on June 25

No, Brian B. It's the voting paper that's unidentifiable, not the voter. Unless you've got some kind of identification system of eligible enrolled people, you can't have one-person-one-vote. You get one-person-as-many-votes-as-they-can-be-bothered-to-cast.

Obviously. But I explicitly assumed a right to vote, not just some anonymous style of voting itself, as you suggested.

Democratic elections depend on the banning of sockpuppets.

But not by banning the anonymity of individual votes, or writing our names on the ballots, which would be an effective method, but one which misses the point of desiring a free and unbiased outcome, which is the point of the voting right itself: to avoid an external influence, such as the threat of retaliation. Therefore, the right to vote (freely) rests on anonymity.
posted by Brian B. at 8:42 PM on June 25

In a secret ballot, no single vote can be traced back to the person who cast it

Unless you live in some tiny place where you are the only registered voter. There is a township in my state that had only one resident in 2000. The "anonymized" data from the Census Bureau about her township is all about her. If she were the only voter in an election, the results for her precinct would reveal exactly who she voted for.

More common would be a case where every registered voter in a very small town voted for the same slate of candidates. Their names would be known from the voter rolls, and their political preferences would be known from the results.
posted by Knappster at 8:51 PM on June 25

I guess I don't see what the fuss is about with anonymity.

You would if you were trying to smuggle protest footage out of Iran right now.

Internet identities are extremely useful in many situations. eBay would not work if everyone were anonymous. Metafilter would be completely different. One of the major benefits of developing Facebook apps is that you automatically tap into a user authentication system with millions of active users.

But there are valid and important reasons for anonymity, notably to afford protection from retribution resulting from voicing opinions that powerful people do not want to hear.
posted by qxntpqbbbqxl at 9:04 PM on June 25

I think we're on the same page, Brian B., it's just that "secrecy" is a more precise word for the balloting process. "Anonymous" voting has the potential to be confused for internet petitioning.

writing our names on the ballots, which would be an effective method

Heh. I ran in a student council election once where the returning officer was a post-graduate economist from an American Ivy League college on exchange, honestly the most democratically incompetent man I have ever met. He didn't understand preferential voting or how to calculate quota or how to distribute surplus, which I thought was odd for an economist, but on polling day when the opposition brought a whole lot of "voters" to the booth who didn't have student cards—who I argued were ineligible to vote—he came up with his brilliant solution I remember him for.

"Why don't they write their names on the back of the ballot papers and we can check them later"?

Sometimes the smartest people can be so, so stupid about simple things. I'd like to think that this IP protocol is being drafted with the same spectacular naivety, rather than deliberately to erode people's rights.

[hopes]
posted by Fiasco da Gama at 9:14 PM on June 25

Maggie McLetchie, a lawyer for the ACLU in Nevada, is defending four people whose names she does not know. ...four people who left anonymous comments on a story about a tax evasion trial in the Las Vegas Review-Journal. A subpoena has been issued demanding the IP addresses, email addresses and any other information about them in an attempt to identify who they are. Prosecutors claim that these commenters were leaving threats against the jury and the prosecutor in the case.

There is a gigantic misconception of the concept of "rights" in the US. There is no absolute right to anything, including life. An individual's right to anything may be taken by the government as long as the person whose right is taken is given due process of law, which in its simplest formation requires an unbiased decision-maker and the right to reply. The unknown internet commenters do have a right to privacy in some sense, but the government has the right to take that privacy away in the investigation of crime, as long as the persons have a right to move to quash the subpoena.

This is the basis of the system set up by the founding fathers. It is genius in design and pretty good in operation.
posted by Ironmouth at 9:14 PM on June 25

On the one hand, I don't like the chill this may have on free speech.

On the other hand, if it means the end of moronic youtube and local newspaper comments, I'll donate money to see it happen.
posted by maxwelton at 9:28 PM on June 25

There is no absolute right to anything, including life.

I generally agree, but I would suggest that there is one "absolute" right of privacy in the act of voting, which is generally accepted as a citizen's duty, if we have the right to vote. In that booth we expect and enforce the right of absolute privacy for each vote. I believe this should matter in any argumentation of rights pertaining to anonymity, or else some incompetent judge may wrongly assume that no right to privacy ever existed.
posted by Brian B. at 9:38 PM on June 25

That document was provided to Steve Bellovin, a well-known Columbia University computer scientist...

Clearly not an expert on anonymity.
posted by Bokononist at 10:23 PM on June 25 [1 favorite has favorites]

Ugh. You're muddled on anonymity and voting, Brian, and derailing this into a discussion of absolute rights is only going to muddle things further.

Though your muddling does reflect how language is failing the broader issue of internet "anonymity," in that what we're really talking about is pseudonymity and privacy, not true anonymity.
posted by klangklangston at 10:32 PM on June 25

Votes in a UK General Election can be traced back to individual voters: it's just that doing so requires the co-operation of a large number of people and a significant amount of work to correlate the various paper records.

In other words, the anonymity of your vote in a UK General Election exists only because of the amount of effort that would be required to break it.

(I believe the intention is that the anonymity of the vote would be broken only to investigate allegations of widespread fraud: in other words it's there to support the integrity of the voting system by ensuring that fraud can in principle be discovered. Of course, our Labour government did an end run around this by setting up postal voting with little or no security, which led to an inevitable upswing in fraud at the following GE: the backlash fortunately meant that they pretty much abandoned their plan to make all GE voting postal.)
posted by pharm at 11:53 PM on June 25

Metafilter: I just don't think anyone cares that much.
posted by kaspen at 12:04 AM on June 26

That came off glib, but really I think that's what the entire debate comes down to, for better or worse. Personally, I'm not at all concerned some industrious hacker will infiltrate my system to... judge me for my tastes in pornography or mp3s? Read over my old undergrad papers? Check out the vacation photos I already publish for the world to see on facebook? Obviously the ability to ensure privacy is important in certain specific, dramatic situations such as the ongoing repression in Iran, but for everyday individuals who are already publishing so much of their lives online, what is there really to be afraid of?
posted by kaspen at 12:15 AM on June 26

Look through your bank records?

Why did the USA PATRIOT Act grant the FBI the ability to monitor what books you check out of the library without notifying you of the check?

Not all everyday individuals are publishing their lives online. I'm not as good as I ought to be about keeping everything anonymous via Tor, etc. but I don't post personal information online and I try to have a different username at each site I visit regularly.

And BTW it might not simply be a hacker looking at your stuff. It could be some sort of automated mechanism that takes everything and indexes it in a Google-like search engine. It amazes me that anyone would see no problem at all in every detail of your life being collected and amassed, even just by an identity thief, much less a corporation or government. If I complain about a company or another organization somewhere on the internet I don't want my name, address, cellphone-tracked GPS location, and every detail of my life history popping up on the screen of someone who works at that organization.
posted by XMLicious at 12:44 AM on June 26 [3 favorites has favorites]

Boy, I can't *wait* to find out who the freak is who keeps posting those weird & fascinating questions on AskMe.

They're all me.

I keep DTMFA'ing myself, but then later I break down and take myself back, over and over again.

I just can't quit me.
posted by rokusan at 2:21 AM on June 26

This is what happens when totalitarian states take over the drafting of internet protocols.
posted by acb at 2:36 AM on June 26

The "anonymized" data from the Census Bureau about her township is all about her.

Seriously? I can't imagine any legitimate statistical organisation would publish such information.
posted by ninebelow at 3:22 AM on June 26

Given how difficult it is now to be anonymous this seems absurd. And is really scary in that 1984 kind of way.

For some reason most people don't see that once something like this is in place you have invited a future totalitarian regime to take over. Someone will ultimately make use of this information in horrible and totalitarian ways. It has happened too many times in the past. Pol Pot, Hitler, USSR, Guantanamo Bay. Why do you honestly think it won't happen again?
posted by mary8nne at 4:10 AM on June 26

The IEEE paper linked from the CBS article has these disclaimers:

While there is on-going work
on following attackers through intermediate hosts [47], [41],
there are still significant challenges in developing a generally
applicable and universally deployable solution to this problem.
One interesting possibility enabled by the packet marking
approach is to extend traceback across "laundering points."
For example, identifying marks could be copied from a DNS
request packet into the associated DNS reply, thereby allowing
the victim to trace the full causal path. However, this would also
increase the required path length to be reconstructed in such
cases--possibly exceeding the limited space in the length field.
Even in absence of such "laundering," our approach does not
reveal the actual host originating the attack. Moreover, since
hosts can forge both their IP source address and MAC address
the origin of a packet may never be explicitly visible.

And:

Even with perfect traceback support, unambiguously identifying a
sufficiently skilled and cautious attacker is likely to require cooperation
from law enforcement and telecommunications organizations.

I've only skimmed it, but it looks like they're talking about 'marking' packets with the route they take from source to destination. I could be missing something, but I don't see anything here that would prevent someone from taking the actual content of packets and resending it. The footnotes referenced (41,47) point to papers published in 2000 and 1995, not exactly late-breaking news.

Unless there's further information for people to offer, I agree with XMLicious:

It sounds like it primarily would be effective against non-technical people.

With the addition that the IEEE paper's authors seem to be thinking about certain kinds of attacks, and it sounds like their suggestions could be helpful in those specific situations.

There are a lot of places in the linked articles and items linked from them where people state their intentions, or claim "someone else is working on this", without stating how it would be done.
posted by gimonca at 5:36 AM on June 26

Personally, I'm not at all concerned some industrious hacker will infiltrate my system to... judge me for my tastes in pornography or mp3s?

Do you save any passwords on your machine?* Say you're a Firefox user...all someone needs to do is grab a copy of your signons3.txt and suddenly they're doing a lot more than critiquing your porn collection.

* You may not, but plenty of people do.
posted by JaredSeth at 5:55 AM on June 26

The issue of government over stepping their authority and assholes abusing rights swings back and forth. When the rights abuse gets to the breaking point, people freely let the government do what they want to control the assholes. Then the government through change slowly allows assholes to start abusing rights again. I would say the solution is to shoot all of the assholes in the world but then there would be nobody left....
posted by Mastercheddaar at 5:56 AM on June 26

I'm no lawyer, but the idea of Internet anonymity seems pretty simple to me: you have a right to remain anonymous unless you use it to commit a crime, at which point your activities and identity become part of the public record.

LOL what? More like you have a right to privacy until you do something that pisses someone off enough to want to file a lawsuit (regardless of whether or not you would actually win) so they can supena your ISP, possibly suing someone else to get your IP address.

The Nightjack thing would only automate the process. Which is still bad, because it would remove the actual effort required to do, meaning that it could be done without anyone knowing, and en-masse.

I would say the solution is to shoot all of the assholes in the world but then there would be nobody left....

That's why the NRA is so worried about gun rights!

E.g.: if you post exclusively to Usenet via a relay system like mixmaster, using a name that is not in any way connected to any other online identity, you are almost guaranteed of your anonymity. There are theoretical attacks against mixmaster, but an attacker would have to compromise a large number of nodes (similar to attacks on Tor); unless you are really pissing in the NSA's oatmeal, it's unlikely. Libel away.

Or the government could just ban stuff like that, and require ISPs to use Deep Packet inspection to prevent it. On the other hand you throw in things like Stenography and information hiding to prevent things from being detected, but that takes a lot of work.

I can imagine people emailing eachother JPGs with hidden data, or something.

Anyway, the internet is much less robust against government, erm, curiosity, then people think. All of these technologies can be subverted pretty easily by a government. And because whatever technology comes around to keep things hidden won't really be used all that much because most people "have nothing to hide" and don't particularly care or worry.

An open, transparent voting process has to have some system by which people can know how many votes were cast and by who, so that people can't vote multiple times or for other people.

Not true at all, in fact votes are cast anonymously (or at least in a method compatable with anonymity). Multiple voting is done by marking the fingers with un-eraseable ink that lasts for a while. Everyone will know you voted, but no one needs to know who you are. The problem, of course is that people who are ineligable to vote can't, but that can be solved by making everyone eligable to vote.

On the one hand, I don't like the chill this may have on free speech.

On the other hand, if it means the end of moronic youtube and local newspaper comments, I'll donate money to see it happen.

So what you're actually saying is: You're opposed to free speech. Also this is obviously not going to availble to everyone. The government always increases it's access to information about us, and decreases our information about itself. It should be the other way around.
posted by delmoi at 6:44 AM on June 26

I guess I don't see what the fuss is about with anonymity. I stand behind my posts, opinions, work, thoughts, etc... If someone really wants to let my boss know that I did a search for jugs and butts then so be it. If someone wants to point a loved one to a post I made being critical of them, so be it. I probably told them what I thought already. I guess I don't have enough nefarious time invested in the net to this point.

Then you have no need for anonymity. But if you were an activist against an extremist organization with unlimited funds, complete disregard for the law & a history of abuse of the legal system as a means of stifling dissent, you might find it useful.
posted by scalefree at 6:48 AM on June 26

Ugh. You're muddled on anonymity and voting, Brian, and derailing this into a discussion of absolute rights is only going to muddle things further.

I put my reference to "absolute" in quotes, after quoting it, and it wasn't my derail, even about voting.

Though your muddling does reflect how language is failing the broader issue of internet "anonymity," in that what we're really talking about is pseudonymity and privacy, not true anonymity.

Now that's what I call muddled.
posted by Brian B. at 6:57 AM on June 26

scalefree: "...But if you were an activist against an extremist organization with unlimited funds, complete disregard for the law & a history of abuse of the legal system as a means of stifling dissent, you might find it useful."


I guess I'm in the clear then.
posted by Gravitus at 7:45 AM on June 26

I generally agree, but I would suggest that there is one "absolute" right of privacy in the act of voting, which is generally accepted as a citizen's duty, if we have the right to vote. In that booth we expect and enforce the right of absolute privacy for each vote. I believe this should matter in any argumentation of rights pertaining to anonymity, or else some incompetent judge may wrongly assume that no right to privacy ever existed.

I'd have to dispute this too. Because if you vote illegally, then your vote is discounted. See Colman v. Franken, currently in the news. In the case of a ballot dispute, your vote must be counted or discounted based on your legal qualifications to vote. Thus, there is no "absolute" right to anything.

This is basic Con Law.
posted by Ironmouth at 8:07 AM on June 26 [1 favorite has favorites]

I suspect it's possible for a determined searcher to get my real identity from my MeFi username, I just don't think anyone cares that much.

Same here.
posted by Chuckles at 9:13 AM on June 26

I guess I'm in the clear then.

Yeah that's one of those fantastic stories that never happens in the real world, but what about government or corporate whistleblowers? Most people have no need for strong anonymity and as we move into an age of transparency we're becoming acclimated to living our lives in public. But there are & always will be cases where people have a legitimate need to speak to the world while protecting their identity from powerful people who see them as a threat to the source of their power. Without the protection of anonymity all dissent is dependent on the good graces of those in power, on their willingness to play by the rules & withhold the full exercise of their power to uncover those who would limit them.
posted by scalefree at 9:37 AM on June 26

I guess I'm in the clear then.

Yes, you probably are, if by "in the clear" you mean not directly persecuted by those interests.

If you mean "living in a world in which these interests are held in check in their ability to ruin things for everyone," perhaps not.

Although... there is nothing saying that people must adopt any standard given to them, is there? Isn't that basically why IPv6 still hasn't caught on enmasse?
posted by JHarris at 11:05 AM on June 26

"Get used to the idea of everybody knowing that you are really into zoosex."

No one knows I'm into zoosex.
posted by Smedleyman at 12:53 PM on June 26

Ah, crap.
posted by Smedleyman at 12:53 PM on June 26

Not true at all, in fact votes are cast anonymously (or at least in a method compatable with anonymity). Multiple voting is done by marking the fingers with un-eraseable ink that lasts for a while. Everyone will know you voted, but no one needs to know who you are. The problem, of course is that people who are ineligable to vote can't, but that can be solved by making everyone eligable to vote.

You're solving three wrong problems, delmoi.
1. Multiple voting is far better, and more transparently, prevented by having a list of names you tick off one by one, ie. a roll. It's the actual casting of the ballot that is done in secret. Secrecy ≠ anonymity.
2. Inky fingers are used in countries where the electoral rolls are questionable and/or there are technical barriers to voter identification, religious requirements for women to hide their faces, for instance. There's no other reason for it.
3. That people who are ineligible to vote can't vote isn't a problem—not a bug, but a feature, as the saying goes. The size and nature of the franchise, though, is a political, not a technical, question. There's no physical reason children and non-citizen residents of any particular country couldn't cast a vote, unless prevented.
posted by Fiasco da Gama at 2:50 PM on June 28