Sunday, October 7, 2018

Economics of anonymity -- but whose economics?

Re-reading the posts I've tagged with the anonymity label, I think I finally put my finger on something that had been bothering me pretty much from the beginning.  I'd argued (here, for example) that economic considerations should make it hard to successfully run an anonymizer -- a service that allows you to connect with sites on the internet without giving away who or where you are.  And yet they exist.

The argument was that the whole point of an anonymizer is that whoever's connecting to a given site could be anyone using the anonymizer, that is, if you're using the anonymizer, you could be associated with anything that anyone on the anonymizer was doing.  Since some things that people want to do anonymously are risky, an anonymizer is, in some sense, distributing risk.  People doing risky things should be happy to participate, but people doing less risky things may not be so willing.  As a result, there may not be enough people participating to provide adequate cover.

However, this assumes that anyone can be (mis)taken for anyone else.  At the technical level of IP addresses, this is true, but at the level of who's actually doing what, which is what really matters if The Man comes knocking, it's less applicable.

There are lots of reasons to want anonymity -- the principle of the thing, the ability to do stuff you're not supposed to be able to do at work, wanting to hide embarrassing activity from the people around you, wanting to blow the whistle on an organization, communicating to the outside world from a repressive regime, dealing in illicit trade, planning acts of violence and many others.  The fact of using an anonymizer says little about why you might be doing it.

If I'm anonymously connecting to FaceSpace at work, there's little chance that the authorities in whatever repressive regime will come after me for plotting to blow up their government buildings, and vice versa (mutatis mutandis et cetera.).  In other words, there's probably not much added risk for people doing relatively innocuous things in places where using an anonymizer is not itself illegal.

On the other hand, this is little comfort to someone trying to, say, send information out of a place where use of the internet, and probably anonymizers in particular, is restricted.  The local authorities will probably know exactly which hosts are connecting with the anonymizer's servers and make it their business to find out who's associated with those hosts -- a much smaller task than tracking down all users of the anonymizer.

This is much the same situation as, say, spies in WWII trying to send radio messages out before the local authorities can triangulate their position.   Many of the same techniques should apply -- never setting up in the same place twice, limiting the number of people you communicate with and how much you know about them, limiting the amount of information you know, and so forth.

So I suppose I'll be filing this under not-so-disruptive technology as well as anonymity.