Perfect anonymity is still a concern

Unlike Gabrielle, I think anonymity is still an issue we should concern ourselves with. The Onion Router (also known as Tor) is being pushed by the Electronic Frontier Foundation as a way to achieve anonymous Internet communication by using technology. Onion routing uses multi-layered cryptology to ensure secrecy for the routers which your data is being bounced across. Thankfully, the US Government can still monitor both ends of the communication if both the sender (user) and the receiver are located in the US. People are also, however, working toward “better” systems. The Phantom Anonymity Protocol, designed in 2008 by Magnus Brading and unveiled at DEFCON 16, was created with the goal of extremely secure anonymity for every user. Its highly decentralized design makes it a much better candidate for allowing users to accomplish perfect or near-perfect anonymity, without the weaknesses and lack of adaptation that plagues Tor.

Regardless of whether these attempts meet success, the truth is that people are striving to make perfect anonymity very real and very easy achieve. Before one of them succeeds, we should consider whether we really want that. Gabrielle described the work of Latanya Sweeney, who could identify unique people using a very small number of traits, and said that we could still link people to their posts using such a method. Yet the technique requires a birthday, zipcode, and gender, and there is little preventing users from entering false information. There have been many times when I set my birthday as “January 1, 19xx” just because choosing not to change the month and day saved me four clicks.

As another example of how difficult it is to be truly anonymous, Gabrielle mentioned the article in Wired about the author who tried to disappear. He was eventually found despite going to great lengths to hide. Yet in the story, search parties had help—they knew what the author looked like. In a world where perfect anonymity exists, it would be impossible to find out anything about where communication originated from, much less about the person responsible.

Of course problems with jurisdiction would arise. I am not suggesting that American officials police everything—I said the proper authorities should be involved. At the very least, we should be able to determine which country the communication originated from and proceed from there. I understand, however, that this only works well in a country with a government I can trust to not abuse the power. I would be content with such identifying ability in the United States, but if the ability were available to the Iranian government, many of the demonstrators might be in very serious trouble.

Still, choosing to not even try governing the Internet because it is not the property of any individual country would lead to a truly lawless Internet, and I don't believe that is good for anyone who isn't a criminal. People have often argued that the Internet is like the Wild West, somehow with the idea that that is a good thing. Despite what quaint memories of spaghetti Western films might tell you, however, the Wild West was not a good place to live, and there's a reason it doesn't exist anymore.

Mixing a truly lawless Internet with the ability to achieve perfect anonymity is a very, very dangerous game. FBI agents have on occasion managed to nail people guilty of spreading worms and other malicious code. In a lawless, anonymous Internet, not only would they not have been able to track down the source of the virus, they wouldn't have even tried. After we decide not to regulate the Internet, I give it a few weeks before the culture of business, collaboration, and discussion we have worked hard to build for more than a decade is destroyed. Child pornography would also boom, and needless to say children will be hurt in the process. I guess it would solve the problem of harassment and cyber-bullying, though—few people will risk their computers' welfare to visit an Internet businesses have abandoned. Maybe this is an exaggeration, but the point is that the harms of a lawless Internet are far too great for us to be lazy about sorting out issues of international law and jurisdiction.

Gabrielle mentioned privacy issues, and I agree that they are a serious concern we should have with the Internet today. I don't agree that the privacy we should be concerned with is related to forums, though. I think the bigger problem is with corporations. As I type this, I realize that Blogger is a tool controlled by Google. Among Google services, I also use Analytics, Calendar, Docs, Gmail, Book Search, Maps, Wave, YouTube, and Voice. With all the information from these various services, Google has a fairly thorough grasp of my entire life. We should be worried about the abuse of this information. In class we discussed ways in which this problem might be solved. Part of it is the amount of legalese that leads to a total lack of understanding held by most people of what various companies can do with our information. I believe the government should be able to punish companies for abusing our information, just as in Europe. Though it often happens after the fact, when it is too late to prevent the information from being shared, so is all prosecution. It's would be a start, at least.