Bruce Schneier, in Crypto-Gram: January 15, 2008, writes an excellent article on the ease of re-identifying “anonymized” data. The Census, research results, survey results, and many other databases are released with identifying information removed with the intent to protect the identity of the subjects in the database. It turns out that it is disturbingly easy to attach the real identities again.
This article What’s In A Name at Design Observer, Steven Heller argues against the use of pseudonyms and anonymity in blogs. He states, but never really argues, that pseudonyms are:
Despite the fact that I blog under my real name, few may find it surprising that I disagree with his claims. In this age where every word we post will last well beyond our years on earth, one should take great care about posting anything under a real name. I hold very different opinions now than I did when I was young. I would not want to have those thoughts thrown back in my face. Many bloggers hold opinions that run counter to those of their employers. Making strong arguments that might be detrimental to ones employer could well be a “career limiting move”. The fear of such retaliation is often much worse than the reality. The chilling effect on speech can be significant. Far from being cowardly, I argue that pseudonymous blogging is simply prudent in many cases.That pseudonyms are deceitful would seem to apply to only a very small subset of bloggers, those who are using a pseudonym that appears to be real but is not and which is masking a true identity that, if known, would significantly color a readers interpretation of the blog. In other words, where the choice of the pseudonyms is made with an intent to deceive. The vast majority of pseudonyms I have seen used are obviously such. There is no doubt that the author is using a pseudonym. The desire to speak from behind a mask is completely overt. In addition to security and privacy concerns, one may well choose to do this to allow the writing and arguments to stand on their own, completely apart from the identity of the writer. For example, in a forum on Israeli / Palestinian issues, the ethnicity of a posters name is likely to completely overshadow the content of the message. A pseudonym allows the reputation of the blogger to be developed on its own. If the arguments and information are sound, the reputation with grow. Because names are not unique identifiers, the use of a real name (or apparently real name) in a blog may give an unrealistic sense of attribution.I completely support the right of people to create spaces where people must be identified. It is their right to do so, and is completely appropriate and reasonable. It is unreasonable and inappropriate to suggest that this should be imposed on the entire Internet and all communications therein.
Israel recently forced Google to hand over the identity of a blogger. Declan McCullagh wrote a good post covering the facts of the case. This case illustrates one of the problems caused by the international nature of the Internet. A message, article, or blog post you write (completely legally) in your country, may subject you to prosecution and punishment in another. I am not thinking here of obvious and major crimes such as fraud, child pornography, etc. (and even these are not universally criminal), but rather of more subtle speech and thought crimes.In the United States, the “truth” is an absolute defense in liable cases, while in the UK it is not (lawyers in the audience, please correct me if I am in error here). Denial of the holocaust is protected first amendment speech in the US but not in much of Europe. Personal sharing of copyrighted materials is legal in many countries, but not the US. Think cartoons of Mohammed, the Satanic Verses, the secret teachings of the Scientologists, pictures of Burmese protests, publishing of Cryptography software. Each of these is legal in some countries and not in others.How can anyone know if their words or actions might be illegal in some country somewhere in the world.
Free Secure Email Certificates Secure Email Certificate Email Security Digital Email SignaturesUsing email encryption is often a complicated and painful process. These days strong SMIME based encryption is built in to almost all major email clients. The cost and complexity of obtaining the necessary cryptographic certificates is the biggest obstacle to wide spread use at this point. Sites like Comodo make the process easier. While the security model is not perfect, any reasonable application of crypto and certificates will vastly improve the general security of email.
The Raw Story | US drafting plan to allow government access to any email or Web searchNational Intelligence Director Mike McConnell is developing new policies for Internet intelligence gathering. It looks like the changes may be very broad and deep. I worry that this kind of change often has significant impacts on civil liberties while providing minimal improvements to our security.Bad guys have any number of ways of protecting their communications and activities. It is the innocent Internet user that will be caught in this bigger and tighter net.
