Privacy and Anonymity on the Internet

This must be April Fools’ Day

Yes, it is. But the topic is serious. Every day, individuals get surprised by institutions’ “betrayal” because their identity and/or actions are outed. On the other hand, leaders at large platforms routinely feel besieged, and feel that they are subject to shifting rules.

?

This issue of First Principles will take an inventory of the two prevalent models, reject both as inadequate, recommend a new model, and provide reminders for individuals, so they can make smart choices.

?

Privacy and Anonymity

They are connected through big data

?

To start our analysis, let us define these two terms:

• Privacy: Your identity is exposed, but your actions are private.
• Anonymity: Your actions are exposed, but your identity is private.

?

The terms are clearly different. However—thanks to the power of big data—this is a difference without a distinction. If you are not anonymous, then software can tie together your disparate actions, build a “digital twin,” and bring in your private activities from various sources. Your privacy is gone. Similarly, if your actions are known (no privacy), then analytics can do a good job of tying them to your real identity.

?

Because of this, we will look at the two together in this article.

Current Models

Both prevalent models are unsatisfying and filled with obfuscation

• All anonymity all the time: e.g., Yelp, classic Glassdoor:
• Pros: Candid conversations, safe for the marginalized or the persecuted
• Cons: Filled with trolls, misinformation, fake reviews, stalking, doxing, pervasive abuse, hatred
• All authenticated: e.g., your company intranet:
• Pros: Accountability
• Cons: Content-free conversations, a forum for HR corporate-speak, PR fluff, and organizational suck-ups

As the cons demonstrate, neither model is satisfying or sustainable. We need a better contract with public-facing platforms.

Recommendation: A Solomonic Strategy

Membership should mean mandatory authentication; public loss of anonymity should be for known situations

?

Private platforms such as employee groups do not have any anonymity, irrespective of what your CEO or HR leader says. My recommendations apply to public-facing platforms.

• Include both named and anonymous contributors.
• Provide greater “conversational rights” to named contributors. In other words, contributors who give up anonymity will gain something in return. This will create a positive value tradeoff.
• Authenticate everyone, including anonymous members.
• Some people will not—or will not be able to—join a platform that authenticates all members. That is OK.
• Under extreme and known situations, anonymous contributors can lose their anonymity.
• -- This must be disclosed at the time of joining, as well as at the time of contributing content.
• -- Some use cases are easy, e.g., clearly illegal conduct such as planning a murder. It becomes trickier with, say, potential libel. If I post that [company X’s] executives are embezzling money, does that qualify for my anonymity to be stripped away? These are the situations that platform owners will have to deal with. But providing numerous examples upfront—before someone joins the platform—will increase trust.

Reminder for Individuals

There is no privacy on the Internet

This destruction of privacy will include “non-Internet” interactions. Get ready for loss of privacy for:

• Medical, psychiatric, and genetic information. Please do not trust HIPAA to keep your health information private.
• Conversations with doctors, lawyers (attorney-client privilege notwithstanding), and pastors/priests
• Tax returns
• Compensation information

I welcome your suggestions, perspectives, and experiences on this important topic. Of course, all your submissions will be publicly visible ??