Kinds of Anonymity

Technical Anonymity. You use proxies, avoid cookies, you browser leaks no information about your IP, computer or other characteristics about your network traffic and computer. Your cover is blown as soon as you include your name, or other correlating information in a blog entry. Your cover will also be blown as soon as the intermediate parties (the proxy owner, the email provider) decides to hand over your information, say under legal pressures from the government.

Who needs technical anonymity? Spammers and people who’ve violated TOS clauses only need technical anonymity, because the traces that technical anonymity techniques remove the clues that web sites use to ban bad actors. Spammers don’t care if people know who they are as long as they can send email with being automatically ID’d as spammers.

Real humans need social and legal anonymity more than technical anonymity.

Social Anonymity. You don’t include your name or any other correlating information. You even try to change your writing style to avoid tools that correlated your favorite ways to misspell words with other documents on the web you publish under your real name. If the people who want to know who you are lack the resources or skill to trace IP addresses and correlate your ID from scraps of info like cookies and information leaked by your browser, then this can be done probably without any technical anonymity.

Who needs social anonymity? Bloggers and people writing about anything that might piss of the Jones up the street. If you decide you don’t want to be harassed for your religion, politics, personal behavior, etc, you might rather to be anonymous instead of being silenced by your personal enemies. For example, if you want to blog about politics, you don’t want it to ruin your chances of getting a job. These people will not user the courts to extract your ID from a commercial proxy service.

Legal anonymity. You are at risk of being throw into jail or losing your job if your ID is discovered– either because the government is corrupt, your company is evil or you really are a criminal. This is the hardest level to achieve because getting the email and proxy requires relying on 3rd parties to move your network traffic and those parties can be subject to government pressure to fork over your ID. Even commercial anonymity services don’t want to protect tax dodgers, mass murderers or spammers.

Sounds hard, is this a fools errand? Technical anonymity is possible, but you are likely to make mistakes, especially over a long period of time. Social anonymity is possible, but the odds of subtle mistakes are very high. Legal anonymity is probably impossible unless you make sure all your intermediate parties are outside your legal jurisdiction. However, as soon as your ID is being protected by a party outside the law, they you can’t enforce your contract with them regarding how they keep your ID safe! Imagine a proxy server company in Bahama that goes bankrupt and sells it’s assets with scraps of your ID to a US company and then your cover is blown again.

Why not use Tor? Tor would make legal anonymity easier because it isn’t a company and it mixes up tons of legal juridsictions, but the performance of the Tor network makes it unusable.

Comments are closed.