[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
identity, privacy, & anonymity in cyberspace
hal finney recently wrote an interesting message taking the position that
cypherpunk aims are not so much to pursue total anonymity but
to promote systems with a variety of degrees in identity and
pseudonymity so that the appropriate level can be achieved in various
settings. (for example, borrowing money seems to require that one
sacrifice some degree of anonymity and privacy).
below is a message i have taken to represent the cypherpunk position
from hal finney. this came from chaos.bsu.edu, a fun gopher server with
a lot of cypherpunk position papers (i assume they are representative).
in it, hal argues against identifying anonymous messages,
saying that it would mark them with
a `scarlet a' and relegate them to the `ghetto'. his recent comments
seem more accommodating and less extremist.
>The level of anarchy will
>inevitably increase as larger numbers of people acquire net access.
it seems to me that the cypherpunks already have a name for the kind
of anarchy that can happen when somebody uses pseudonyms to harass and
cause trouble. that word is `detweiler'. do you really know what `anarchy'
is, cypherpunks? as the old parable goes, be careful what you wish for,
you might get it.
hal argues below that `you already know nothing about the people you
interact with on the net' and that `anonymous remailers introduce no
more problems than are already present on the net'. these seem to me
to be flawed arguments. here's why.
first of all, everyone has the experience of going to a party and
knowing nobody there. but the fun of the party is learning about the
people who are there! do we really want an online environment where
identity is as transitory as a nym on IRC? it seems that what everyone
is craving behind the banging on the keyboard is what has been called
active, human `interconnection' to contrast it to `interaction' with
a computer alone (still generally considered an inanimate object).
if we want communities, the places we like to live in, it seems that
identity is intrinsic to them.
next, `anonymous remailers do not introduce any problems beyond those
that already exist'-- aren't we trying to *solve* the problems associated
with building an online community, our civilizations in cyberspace?
it seems to me that if cypherpunks want the rest of the world to adhere
to their ideas, they have to show how they are *superior* to those already
present, and how they *solve* nagging problems. yes, remailers solve the
problem of trying to post messages without identity, but are we sure
this is a `problem' we want to `solve'?
for example, hal notes that
some system operators completely ignore complaints on the net. but
do we really want a community of system operators that simply throw
any feedback to /dev/null? what about when someone is mailbombing Usenet
from a site? isn't what we *really* want a more basic definition of what
is allowed and what is not? besides, under the cypherpunk vision,
operators would never censor a user for postings-- but is it the case that all
cypherpunks can say they have never tried to censor anyone by notes
to sysadmins, i.e. of detweiler?
regarding the pseudonymity issue, it seems to me a more basic,
fundamental design goal might be this: we wish to
make sure that people do not use sensitive private information against us.
it is not a problem for our friends to know this information-- in fact it
is critical that they do (friendship is based on identity!). the
cypherpunk vision seems to split the world into two groups: those people
i trust (my friends) and everyone else (whom i completely distrust with
intense paranoia). this is a very xenophobic and chauvinistic philosophy
at heart.
hal argues below that there is `no line dividing the clean from the
unclean' (real name vs. pseudonymous vs. anonymous etc.).
to the contrary it seems to me to be the case that
either `i know who you are' or i don't. what does it mean for me
to `know who you are'? i admit there is no basic definition, but it
does seem to me that should not prevent us from trying to find one.
for example, it seems to me you cypherpunks have a very important agenda,
but you seem to be extremists. the important goal is `defining what privacy
really means' and cypherpunks seem to take the position, `it means that
nobody knows anything about me'. our society simply cannot function under
this constraint. if i wish to `interconnect', identity is necessary to
minimize risk to the people i `interconnect' with.
so what the cypherpunks might consider is a less extremist elucidation
of what `privacy' means. for example, cypherpunks, what information should
a bank be allowed to have on you when you go in to request a loan? what
should companies be allowed to do with credit histories, and what rights
does the individual have to influence them? if you continue to insist
that `nobody should know who i am' i fear you will be bypassed by more
sophisticated groups that have a less polarized view of issues of
identity and privacy. and it will ultimately be the least controversial
proposals that will shape the future we live in.
the recent hal finney message as well as recent considerations of `morality'
on the list (albeit quizzical) suggest to me you might be open to a
more conciliatory, less dogmatic position on these immensely important issues.
i am going to sign off for awhile in an attempt to advance some new
meaningful projects (such as set up a gopher server), but i thank
you for your stimulating conversations and email, and i apologize to anyone
i have ever offended (send me mail if you feel i have personally left
something unresolved).
hal finney's message follows.
pseudonymously yours,
--tmp
-----BEGIN PGP SIGNED MESSAGE-----
I sent mail to Cypherpunks on this a couple of days ago, but it never
appeared.
There is a problem with the notion that all "anonymous" remailers and
news-posting services should label their messages as anonymous so that
users can decide whether to read them or not. This approach abandons one
of the strongest arguments in favor of anonymous remailers, which is
that the net is inherently an anonymous environment.
Especially as more public access Unix systems, BBS systems, and so on
become part of the net, we are going to see less and less of the strict
controls on identity which were possible when the net was restricted to
a few government labs and large universities. The level of anarchy will
inevitably increase as larger numbers of people acquire net access.
Unless massive and universal authentication efforts are undertaken, it
is going to be more and more the case that you will know little about
the true identity of a poster.
Because of this, those who object to having to read the words of an
"anonymous" poster are taking an untenable position. They are already
reading words of people about whom they know no more than they would
about an anonymous poster. And the argument that "non-anonymous" posters
are subject to a form of discipline not available to anonymous posters -
messages to the system operator - is clearly falsified by the existance
of many sysops who care nothing about complaints. As more and more people
run their own machines with net access, these cases will only increase.
In short, we anonymous remailer operators have every right to be part of
the net. We introduce no more problems than are already happening and
will continue to occur as the net grows and becomes more universal. The
resistance we've seen is from old-time sysops who are unable to adjust
to a changing network environment.
Rather than placating obsolete beliefs about network identity by agreeing
to mark our messages with the scarlett letter A for anonymity, by accepting
that we deserve to be in a ghetto set aside for inferior posts, I feel that
we should challenge the net with messages that blur the distinction between
anonymous and authenticated posts. The sooner people realize that there is
no line that divides the clean from the unclean, the sooner anonymity will
be widely accepted on the net.
Hal Finney
[email protected]
-----BEGIN PGP SIGNATURE-----
Version: 2.1
iQCVAgUBK7S2oqgTA69YIUw3AQEfagP8DlzINcvUDn7jc351S+hHTBz5NtB3RbRC
l+0rgltFcn6QxWaE0GsWFcOa6RcPOe1DOTlwiJejiT6MbnfuDopbUoS98bCiIzLE
0Q2ZVhtsfLs5zFdUj08bRzzU7zyuzSmNoSsCx01O6OiGZB/zs0PEnx/0XqRtXFD2
RM1YTCPIF7Y=
=0zw5
-----END PGP SIGNATURE-----