This week the National Archives held its annual digital lecture, which addressed an issue relevant to both society and security. That issue is: how can you have anonymity in a world where your identity is prevalent?
Titled The Death of Anonymity in the Age of Ddentity, the lecture was presented by Carly Kind, director of the Ada Lovelace Institute, who made the valid point that in “everything we do, we are identified.”
This is particularly true of such individuals as Malala Yousafzai and Banksy, where Kind said they used their anonymity to enable political debate, as anonymity can enable political scrutiny as well as act “as a shield” to enable the first amendment and to protect individuals from retaliation. Kind said soon we “will have no choice but to become somebody to everybody,” and we are required to have an identity, as we enter the era of persistent identity.
In relation to privacy, Kind said anonymity is more subtle than privacy, which is the ability to make your own decisions, while anonymity “is often practiced in plain sight, in the public domain.” Kind admitted the two concepts are inter-linked, as privacy allows a conversation to take place, whilst anonymity protects the source who does not wish to be identified.
She said that with the introduction and adoption of biometric authentication into passports and identity cards, it became harder to be more anonymous, and with the introduction of the internet in its infancy it enabled anonymity “and frustrated identifiability.”
She said that the internet was mostly designed for the minimal amount of information an individual had to disclose, as it made it possible for users to assume different identities and enable the freedom of expression, as well as creating “citizen journalists” and whistle blowers.
However, since 2000, the trend has changed to give up more personal information, and the introduction of social media further removed the anonymity factor. Kind said it could be argued that the rise of identifiability, as opposed to anonymity, could increase negative online behavior, as post 9/11 surveillance and the awakening of cybercrime saw anonymity as “enabling extremist movements and online violence.”
Also, as online advertising became more targeted and we signed up for more services, we became the product, and technology enabled advertisers to collect more and more personal data to find a more and more granular buyer.
“The aim of the game became persistent identification, turning online nobodies into somebodies”
“The aim of the game became persistent identification, turning online nobodies into somebodies, uniquely identifying users as they move across the web,” she said, later making the point that the data economy depends on persistent identification, and the collection of identity data is incentivized for data brokers.
As for what is left of anonymity in the age of identity, Kind said it is becoming virtually impossible to be online “in a truly anonymous way” due to online tracking and facial recognition. “We are persistently identified in some form wherever we go.”
In conclusion, Kind said that this may not all be bad, as persistent identification “may lead to greater civility online and off” and while negative behavior, trolling and hate speech are not declining, “perpetrators use technology to their enablement and to conceal their crimes.”
She said it is harder to quantify how much has been lost, as those who seek it do not have the opportunity to “hide behind the shield of anonymity.” In a post-COVID world, where the use of apps to monitor our behavior is becoming normalized, she said “as cultural attitudes towards traditional masks shift; what will be the impact on our approach to the digital mask that anonymity provides?”
The talk made very interesting points, particulary on how the internet was born of a concept to democratize and is now used as a form of free speech on all sides, and where anonymity has been removed in favor of knowing who users are.
From a security perspective, we’ve seemingly struggled with the concept of identity for a while, but as we find the means to better prove who we are, maybe we need to consider if we want to be known at all.