However, many people don’t want the things they say on the internet to be connected to their real identities, and there are good reasons why people would want to remain anonymous when using the internet. Anonymity can provide some of the same protection as privacy in the discussion of sensitive topics (such as medical and psychological matters), and can be used to voice political dissent without facing persecution in countries with repressive political regimes, or to avoid retribution when divulging information about misconduct that criminals, governments or corporations would want to suppress (Palme, 2002). Unfortunately, there is a darker side to anonymity in which it can also be used to cloak criminal or malicious activity on the internet, such as money laundering, drug dealing, terrorism, fraud, and preying upon the vulnerable, which ironically impinges on the privacy of other people (Armstrong and Forde, 2003). The proliferation of cyber-crime has prompted governments and security experts to create surveillance policies that further narrow the possibility for ordinary citizens to protect their privacy (Palme, 2002).
To combat the growing threat to personal privacy, anonymizing services have been developed to make it possible to send messages anonymously. One type of such services is an anonymity server, which receives messages and re-sends them under an anonymous address. There are two types of anonymity servers: those that offer full anonymity since no identity information is forwarded with the message, and pseudonymous servers, which forwards the message under a pseudonym so that other people can reply to the original message without knowing the original address of the one who sent it (Palme, 2002). A problem with this single-proxy approach to achieving anonymity is that the anonymous server is vulnerable because it represents a single point that is open to failure or attack. If the server has to go down for maintenance or because it becomes the target of a denial-of-service attack, there is no back-up to continue services. There have been cases where corporations or other entities have pressured police to raid the location of such servers, forcing its administrators to reveal the identity of those who use the server for purposes they object to (Palme, 2002). With the high level of controversy surrounding anonymous servers, it is no surprise that they tend to have a short life-time (Eklund).
These days people tend to prefer to use more advanced anonymizing services that utilize a network of proxies as the intermediary between the origin and destination of information. One method of this is called “onion-routing”, and one of its major manifestations is Tor. Tor works by allowing users to join a network of computers around the world that randomly exchange information between each other in an encrypted layered protocol before sending that information to its destination (Schneier, 2007). While all information within the network enjoys this level of encryption, it eventually passes though an exit node in an unencrypted form prior to arriving at its original destination. This means that whoever is operating the exit node potentially has access to all this information, especially if the original data going into the network isn’t protected by the original user’s own attempts to encrypt it, which happens to be the case most of the time (Schneier, 2007). For this reason, even the most sophisticated efforts to achieve anonymity on the internet presume that the administrators can be trusted and such attempts do not offer complete privacy.
Armstrong, H.L., and P.J. Forde. “Internet anonymity practices in computer crime.” Information Management & Computer Security 11:5 (2003):209-215.
Eckert, Claudia and Alexander Pircher. “Internet anonymity: problems and solutions.” Proceedings of the 16th international conference on Information security: Trusted information: the new decade challenge (2001): 35-50.
Eklund, Esa. “Controlling and Securing Personal Privacy and Anonymity in the Information Society.” Helsinki University of Technology:
Department of Computer Science. 5 April 2009 <http://www.niksula.hut.fi/~eklund/opinnot/netsec.html>
Palme, Jacob. “Anonymity on the Internet.” Stockholm University: Department of Computer and System Sciences. 30 July 2002. 5 April 2009 <http://people.dsv.su.se/~jpalme/society/anonymity.html>
Schneier, Bruce. “Lesson From Tor Hack: Anonymity and Privacy Aren't the Same”. Wired.com. 20 Sept. 2007. Wired Magazine. 5 April 2009 <http://www.wired.com/print/politics/security/commentary/securitymatters/2007/09/security_matters_0920>