Joi Ito's Web

Joi Ito's conversation with the living web.

Seth says he wants to banish anonymous communications.

Seth Godin
Virus writers are always anonymous.

Vicious political lies (with faked photoshop photos of political leaders, or false innuendo about personal lives) are always anonymous as well.

Spam is anonymous.

eBay fraudsters are anonymous too.

It seems as though virtually all of the problems of the Net stem from this one flaw, and its one I’ve riffed on before. If we can eliminate anonymity online, we create a far more civil place.

I disagree. Although most vicious attacks I have received have been anonymous, I still believe there is a role for anonymity and that the value outweighs the cost.

The American Association for the Advancement of Science has a project on anonymous communication on the Internet. They list a few of cases where we might need anonymous communication on the Internet.

Case 1 - The Crimesolvers Website
Case 2 - Chatting Online About Addiction
Case 3 - The Case(s) of the Hot News Tips
Case 4 - An Anonymous Computer Hotline: Is it Worth the Costs?
Case 5 - Terror in Elb!
Case 6 - Good Communication Gone Bad
Case 7 - His Word Against Whose?
Remember that the Internet is one of the few tools for a variety of people who are at risk including whistle-blowers and human rights workers. It is very difficult or impossible to "fix" the Internet without breaking it for others.


I agree and disagree. There are times when being anonymous protects yourself or others from harm. Witnesses to crime for example.
It also helps when signing up to potentially dodgy websites. For a while I used unchecked email accounts when signing up for stuff on the web. I knew that the account would be innundated with junk from such signups.
Other times like the ones mentioned to do with virii or crackers, being anonymous is more of a nuisance.
I've been a part of several idea/discussions for replacement systems to email in which annonymity is removed, some being very good and potential replacements. I'm yet to see one implemented though.

It would be trivial to create a valid internet identity that was totally false.

The idea that requiring un-anonymous communication on the net is simplistic and naive.

Don't you think that the spammers, thieves, and general ne'er-do-wells on the net can't figure out how to game a net identity system?

You can go to convenience store and buy a Visa Buxx ( ) card for cash and use it without ever giving your name. Let alone the Paypal Visa card from the Paypal non-bank. All easy to get without identity.

C'mon people, get real. Anonymity will always be available to those that want it. Right now, I can drive to downtown LA and have a fake driver's license & social security card in an hour. With that I can fabricate an entire identity that will pass most scrutiny in both meatspace and the net.

The future lies in trust & reputation systems that base identity on people, not certificates and faux identity.

The solution to a lot of these problems that I've been rolling around in my head, which is pretty similar to what Robert Kaye outlined in his session at etcon, calls for an end to throw-away anonymity. It is a system where all communication (IM, email, weblog postings/comments, etc) is mediated through a web of social networks and trust metrics anchored to an online identity (think of the WASTE darknet expanded to include multiple social networks and facilities for email and web browsing added in). The identity doesn't have to consist of your real name, but it does have to be consistently used in order to be useful. A brand new identity with little ties into the social network won't be able to do much. Therefore the identity has a vested interest to not misbehave.

In other words, it would take time to build up the social trust in an identity that would allow it to have the potential to abuse the trust. If the trust is abused, then the identity can be censured.

Private communications will of course be encrypted, like in WASTE, but I also had a nutty brainstorming idea for discouraging activites that seriously violate cultural norms, such as child pornography or terrorist activites. Perhaps all private communications could have a small probability to be 'overheard' in a random neighboring social network. In the case that an overheard message prompts outrage, then a certain percentage of the overhearing social network (not the government though) can vote to ferret out the identities of the transgressors.

What I'm trying to come up with is a way to map the social mechanisms that have evolved in the real world onto the online world.

maybe i'm missing the point, but anonymity on the net for me sometimes is taking a break from being tied to my background, name, expectations, etc. whether what i do on internet is trivial or not, i think variability of commitment is somewhat necessary.
like this comment for example.

So I have to wonder how Microsoft Longhorn is going to change anonymity on the net. Who can tell if it will actually protect privacy or if it will be a unique tracking platform to be abused by MS.

Joi's always right, but not this time.

To corrupt the entire net on behalf of whistleblowers is silly.

That's what phones are for.

Through Joi, I've read about anonymous 18th-century newspaper posts in pre-professional days when editors scrambled for copy among the letters received. Early pamphleteers were also anonymous. There is an element of free speech to this kind of communication that all manner of identity schemes defeats at the expense of important political ideas.

You mention an obviously undesirable and unworkable solution ("banning" anonymity?) and then in response weakly suggest an important but secondary list of reasons why anonymity can be useful.

The problems of anonymity that you mention are more fruitfully viewed as matters of trust. If an author chooses to be anonymous (for whatever reason) he is relying heavily upon the powers of discernment of the reader. We live in a gullible, undiscerning society precisely because of the mechanisms of protection available. "Experts" with long lists of impressive credentials tell us what to think, and as often as not they are knowingly or unknowingly serving the interests of the institutions they represent, rather than the truth. If people are forced to correlate a proposition with their own first-hand experience and understanding they will begin to exercise their own powers of judgement. Then when someone says that Joi Ito is actually a talking hand puppet they will know for themselves whether or not it is true, rather than sue for slander.

I'm not against banning anonymity on specific services on the Internet. If PayPal or eBay want to authenticate the identity of their users in some way, that's fine. What I'm against is trying to change the architecture of the Internet to somehow cause identity to be verified.

Also remember that the US and the "ecommercified" Internet is now just a small part of the world wide Internet. I huge percentage of the world lives in countries where people do not have the freedom to speak and are regularly punished for speaking up. The Iranian bloggers generally write pseudonymously. China, which will soon have as many users as the US still punishes certain types of public discourse. Think about how important the Internet is in providing a new channel of communications.

Telephone is not a very good alternative. In the past, tracing telephone calls was difficult, now it is trivial. I'm sure you can imagine that every telephone call to an omnibusman or the Red Cross is traced by any regime trying to stop people from calling out.

People at B92, which was an essential voice of resistance in Yugoslavia, have made it clear that if it they handn't had the ability to use anonymous communications, they would have been squashed by Milosevic. We need to find end-to-end solutions to the trust and reputation problem which do not involve some sort of absolute tracking that links to some sort of national ID. Most of such general ID schemes don't work for preventing crime anyway since the criminals will break the law. I localized systems of creating trust and reputation are necessary and are useful, but lets not generalize it to Internet architecture.

For instance, over 10% of national ID numbers in Canada are fake. I wonder why?

Seth Godin's comment is worthy of someone who writes saccharine, stupid books that re-hash discredited dot-com enthusiasms, solely to fuel an equally vapid and empty consulting business. PURPLE COW? How can he look at his bald-headed visage in the mirror with anything approaching self-respect, after peddling such a stupid idea in book form?

Now, I genuinely believe that, but I would not have been willing to use my full name to say it.

Why? Because someone who likes or respects Seth Godin, for personal reasons having nothing to do with his (nonexistent) merits as a thinker, might someday "get me back" for saying these things.

That's why anonymity is necessary, and good.

The problem with eliminating anonymity in the internet is that it already happened. At no other point in history was it so easy for the powers that be to track the origin and author of messages, communiqués, manifestos and harangues.

Anonymity is necessary for a society: The perfect attribution simple limits and reduces the possibility of communication, making everybody accountable for their ideas, yes, but at the same time allowing all those with the resources and interest to track and challenge those same ideas that might go against the perceived moral truth.

Anonymity is both precious and endangered: A transparent internet would be as bland as any corporate site, full of platitudes and "approved content".
We need anonymity! We need dissension!

Anyone is free to build servers where you need electronic signatures, real-time television surveillance, biometric ID checks (fingerprint and eyeball) and a personal recommendation letter from John Ashcroft to sign in.

And everybody else is free to ignore such servers, as I would certainly do. And if the control freaks try to use any legal instruments to enforce their vision of total surveillance against those not interested in their way of running things, they will face a strong backlash.

Watching and identifying anyone on the Internet is not a trivial task.

Sure there are a heap of snake oil salesmen and scam artists and spammers and unwelcome intrusions in one's life etc etc on the internet. How is this any different to what is outside your front door?

So rather than blindly trusting, we all need to be as well informed as possible.

Caveat Emptor - "Let the buyer beware". (Sorry I can't think of a suitable latin phrase)

Unfortunately, the same freedoms that allow you to live your life the way you choose, allows less reputable people to exploit it for their own distasteful purposes (Spam, porn, satire). I can tune out as I am not prepared to give up my own freedoms for the sake of ratbags.

I just wish I had the countermeasures technology to deal with spammers who drive me mad. ggrrrr

I have to agree partly with Camino,
we are living in a time where anonymity is very rare.

Consider this in the middle ages you would have lived in a village without any kind of anonymity everybody would have known you, but you just had to walk to another village just 20 kilometres away and abolutely nobody would have known you.
Go to another country and the chance that anybody will ever disover you is 0.
Now today you have no chance of hiding away forever anywhere on this planet, you need like bin Laden a complete society surrounding and hiding you, so the chances of the common guy to get any kind of real anonimity are very small.

Another example maybe easier to understand is this, I'm considering a political career, this was always one of the things I dreamt of, but there is one thing that could haunt me, I'm an active member of the blogosphere that means, in ten years when I start my career it's quite possible that my opponents might have a complete database of my political remarks of the last 10 years.
The danger of the Internet is not anonymity it is storage capability, digital data doesn't work the same way human memory and opinion works, There will be places like the Well and other who require you to give up anonymity but the Internet as technical system needs ways to stay anonymous.

Banning anonymity or strong crypto because the bad and the annoying use it strikes me as overkill.

Spam, while a human problem, has a technical solution.

As a business eBay is responsible to stamp out fraud and misbehavior on its site.

As an individual, I'll use a nym on the net whenever and where ever I please. Being anonymous does not equate to being rude. I sometimes feel the need to say something an employer may not like. While I may be a wage slave, I sure as hell am not a stupid wage slave.

If I annoy someone while using a nym, what is to ensure that I will be any less annoying should I use my name?

Anonymity doesn't create assholes. It cloaks them. Pull the cloak off and they are still assholes. And nothing has been solved save for the errosion of rights.

I agree with V, and just to illustrate V's point, that previous spam-comment, which will be dealt with technology.

no offence meant to seth godin, but it seems he's not done offering excuses to marketing for more spam, he's now taken to turning cyberspace to a government+business haven.

anonymity online may seem like an uneccessary burden, an obstacle that ought to be overcome, for secure e-commerce transactions to take off. as everyone who's ever read larry lessig's code, which remains the best book, inho, on this matter, an architecture that enables anonymity may have certain downsides (especially from the point of view of governments wishing to keep an eye on citizems, and wishing to continue getting their taxes from commodities sold and bought online, etc)but it also undermines malicious control. we accept that anonymity may hinder the growth in e-commerce, and it may prove a pain in the ass for governments wishing to track dissidents, and so forth, however, we, as activists, also value the contribution of anonymity in our communications.

a good example that comes to mind is remailers. say i work for a powerful and unscrupulous corporation and i want to alert a senior state officer to some wrongdoing, but i fear that my employer might retaliate. what do i do? do i use my *legitimate, corporate* email account? no i use a remailer instead. the list of examples is dramatically long, from reporting abuses of human rights, to organising revolutions.

to godin's credit, many of his ideas are brilliand, and this is why i have a problem with some of his ideas = exactly because his ideas are so influential. so, when godin says we need to put an end to anonymity online, people listen. and his arguments are so well articulated, that many people fall prey to his extraordinary litary wit and opinionated arguments. well, let it be heard, not everyone immersed in cyberspace is obsessed with buying stuff securily and upholding the illegitimate governemt claims to playing big brother.

It seems a spiecious argument to say that "anonymity is already gone, so why not make continuous serveilence even easier". It's simply not true that anonymity is gone, the volume of data alone makes tracking very difficult, and it's not like the FBI can just grab Joi's (or anyone's) server logs, and sift through them and the public content to find the malcontents (and send them off for treatment?).

The questions around persistant digital identity are some of the most important current issues of the Internet. For anyone who hasn't already seen it, the Augmented Social Networks paper is an essential read for anyone thinking seriously about these issues. The main theme of the paper is contrasting the our needs for digital identity as Citizens as apposed to the models being developed to help commercial entities track us as consumers. The authors of this paper are having a difficult time getting financial support to do the necessary work to fully develop this concept and influence the design of commercial identity protocols to insure that they do not endanger our rights as citizens either.

One other point, I don't have a link for this, but I read recently about the effects of different reputation systems on "transaction quality" over time. With a closed system as was common in the recent past, everyone knows everyone and nobody can get away with low quality. On the other hand, with open systems, the point was made that there is a distinct difference between positive vs. negative reputation. With negative reputation, they said that overall transaction quality drifted downward, but with positive systems the results were more like the closed system (higher quality in the long run).

This is sort of like commercial branding where a large investment is made in building up a positive identity, so you would not damage of abandon it lightly, but you can still maintain several for different domains and purposes.

I don't have an analysis of this, but I suspect that most of the problem sited with strict anonymity could be addressed with a technically sound identity system with the properties suggested here and in the ASN paper linked above.

I agree with Joi and many of the other posts that there are advantages and disadvantages of anonymity on the Internet and we should not 'fix' some problems at the expense of the benefits.

More serious than anonymous (an unknown identity) is the false identity where the anonymous becomes believable because they are trusted or known:

-- The virus infected attachment gets opened because you think a friend sent it.
-- A known politician has his words rearranged and credited to him or her.
-- You are redirected to a fake PayPal site.
-- Money is stolen from your account by someone using your card number.

If you know that a source is anonymous you just have to use common sense and ask the question do I believe this or not. If the source is using a stolen identity you need to be smarter than the fraudster if you are not to get your fingers burnt. How can we 'fix' the Internet for those of us who are not so smart? How can we leave the Internet free so that we can see the world at large but have total security for any one-on-one transaction?

I am now off to read Augmented Social Networks to see what solution it offers.

I think most visitors post anonymously not because they want to stay anonymous but because they don’t have time to register for every site just to (for example) leave comments and forget the username & password right after that. Those who want to stay anonymous may register with fake identity anyway. (tools for it) I mean it's often a matter of convenience to remain anonymous.

1 TrackBacks

Listed below are links to blogs that reference this entry: Anonymity on the Internet.

TrackBack URL for this entry:

Joi: The problem with eliminating anonymity in the internet is that it already happened. At no other point in history... Read More