Virtues and Perils of Anonymity: Should Intermediaries Bear the Burden?

AuthorNicolo Zingales
PositionAssistant Professor, Tilburg Law School. Fellow, Center for Technology and Society, Getulio Vargas Foundation
Pages155-171
Virtues and Perils of Anonymity
2014
155
3
A. Introduction: recognizing
different types of anonymity
1
Anonymity is a feature, not a bug, of the Internet.
As Larry Lessig explained when commenting on
the clash between the technical and the social
architecture of the net, “the Internet protocol doesn’t
require that […] you credential who you are before
you use the Internet.”1 In other words, it is only
because of the social protocol that we are pushed
towards identication2.
2
At the same time, however, anonymity is also a
fundamental feature in the social architecture for it
gives individuals the ability to speak in a variety of
circumstances where the revelation of their identity
would compromise it. Peter Steiner effectively
illustrated the centrality of anonymity to our
understanding of the Internet in a cartoon published
in The New Yorker in July 1993, which birthed the
famous adage “On the Internet, nobody knows
you’re a dog”3. The cartoon featured a dog sitting in
front of a computer and (presumably) inserting his
preferences and generalities into a virtual prole,
sharing the insight of the adage to a fellow dog.
That sentence reected an essential property of
Internet communication: individuals engaged in
such communication can mask the real identity to
their audience. The “masking” can be accomplished
by two different means: online anonymity and
pseudonymity. While both are manifestations of
the broader concept of anonymity - the latter being
an attenuated version of the former- it is important
to make clear in what respect the two differ, and
the extent to which they relate to “real world”
anonymity.
3
The most direct form of online anonymity for a
user is, when permitted by the platform where
communication takes place, to avoid giving his or
Virtues and Perils of Anonymity
Should Intermediaries Bear the Burden?
by Nicolo Zingales,* Assistant Professor, Tilburg Law School. Fellow, Center for Technology and Society, Getulio
Vargas Foundation.
© 2014 Nicolo Zingales
Everybody may disseminate this ar ticle by electronic means and m ake it available for download under the terms and
conditions of the Digita l Peer Publishing Licence (DPPL). A copy of the license text may be obtaine d at http://nbn-resolving.
de/urn:nbn:de:0009-dppl-v3-en8 .
Recommended citation: Nicol o Zingales, Virtues and Perils of A nonymity: Should Intermediaries B ear the Burden 5 (2014)
JIPITEC 155, para 1.
Keywords: Internet intermediary liability, anonymity on the Internet, defamation, technological rights
adjudication
via email), which in the Court’s view rendered the
protection conferred to the injured party via direct
legal action against the authors of the comments
ineffective. Drawing on the implications of this (not
yet final) ruling, this paper discusses a few questions
that the tension between the risk of wrongful use of
information and the right to anonymity generates
for the development of Internet communication,
and examines the role that intermediary liability
legislation can play to manage this tension.
Abstract: On October 10, 2013, the Chamber
of the European Court of Human Rights (ECtHR)
handed down a judgment (Delfi v. Estonia) condoning
Estonia for a law which, as interpreted, held a news
portal liable for the defamatory comments of its
users. Amongst the considerations that led the
Court to find no violation of freedom of expression in
this particular case were, above all, the inadequacy
of the automatic screening system adopted by the
website and the users’ option to post their comments
anonymously (i.e. without need for prior registration
2014
Nicolo Zingales
156
3
her generalities altogether. In this case, any message
or action by the user is labeled as originating from
“anonymous” or, alternatively, with some kind of
serial number following the word “user.” A similar
type of online anonymity can be attained if, in a
system of mandatory user registration, there is no
requirement to provide information which will make
him or her actually identiable as pre-condition
to accede to or actively engage in the platform.
Although there is no agreed-upon denition of the
exact type of information that would trigger a loss
of online anonymity4, it is generally understood
that authentication via email address to “join the
community” would sufce for that purpose. In
contrast, pseudonymity does not exclude long-term
relationship with the community of the platform,
but presupposes the creation of a user prole that
identies him or her within that community as the
holder of a particular pseudonym. However, the
system of registration does not guarantee that the
online “persona” chosen by the user represents,
in any way, his or her real identity. In fact,
pseudonymity not only enables people to maintain
several online identities but also allows multiple
individuals to manage a unique persona.
4
The “mask” provided by online anonymity and
pseudonymity is not a peculiarity of Internet
communication; the possibility of corresponding
anonymously was long established prior to the
invention of the Internet, and pseudonyms had been
used throughout history by a number of literary
gures, musicians and authors of political articles5.
What is different in the context of the Internet is the
ease with which the digitalization of communication
and the advancement of tracking technologies have
made it possible for a real identity to be uncovered.
Not only are the logs of every communication
originating from our devices systematically recorded
by internet service providers or the servers through
which we connect, but the use of cookies and other
tracking mechanisms has signicantly affected our
ability to keep anonymity vis a vis the websites that
we visit; in addition, the tools available to infer real
identity from network analysis, patterns of behavior,
and data mining have minimized the extent to
which pseudonymity can be considered an effective
anonymization technique vis a vis not only the other
users of that particular website, but more crucially
the State and private entities offering their services
online. In fact, extensive literature points out the
failure of the conventional mechanisms currently
used to secure anonymity6; in other words, “real
world” anonymity has simply become much more
difcult to accomplish today, in a society that is
increasingly based on online interactions.
5 Furthermore, new technologies have emerged that
afford platforms the opportunity to authenticate the
identity of users in an increasingly reliable manner:
for example, certain platforms have started using
software to verify identities by scanning national ID
cards7, and asking security questions- the answer to
which must match the one contained in the credit
le linked to a particular person’s bank account8.
Soon, we might be confronted with widespread use
of facial recognition technologies for ID verication,
which have already become available on the market9.
Currently, these advanced verication technologies
are used on an opt-in basis, in exchange for access
to special privileges or simply to promote a higher
trust with the other members of the community.
Yet, it is not hard to imagine a future in which
the gap between basic and premium services is so
signicant as to make the anonymous use of Internet
inconceivable as a practical matter. It is precisely to
warn against this danger that this paper aims to offer
a critique of a judgment of the European Court of
Human Rights which, if conrmed on appeal, would
likely lead to the realization of this gloomy picture.
6 Before plunging into the specics of the judgment,
however, it is important to clarify that a discussion
on anonymity cannot abstract from the questions
“against whom” and “in what circumstances”, both
of which qualify as different subtypes of anonymity.
The rst question departs from the assumption
that anonymity is to be seen as an absolute quality
–i.e., erga omnes- and recognizes that an individual
might just aspire to achieve anonymity vis a vis
the other users of the platform, as opposed to an
internet service provider, or the public authority.
In this respect, one should differentiate between:
(1) platform anonymity; (2) customer anonymity;
and (3) citizen anonymity10.
7
(3) (Citizen anonymity) is invariably the most
protected type, one with constitutional rules
in place in different countries to guard citizens
from arbitrary interferences, yet one which tends
to be most easily abridged for law enforcement
purposes, and probably the hardest to ensure at
the technological level11. (2) (Customer anonymity)
refers to the identity given to the provider of the
Internet connection –which can only be hidden in
very limited circumstances; for example, from a
public wi not requiring registration, or another
online service –in which case, anonymity can be
ensured through the use of VPNs, web proxies or
anonymity networks
12
, along with decentralized and
anonymized payment systems. What remains under
(1) (Platform anonymity) then is just a thin version
of anonymity, which can be achieved inter alia
under some form of pseudonymity. It is clear that
escaping identication by the three target audiences
at the same time can be very challenging and can,
occasionally, be an impossible task to accomplish.
8
The second important clarication concerns the
circumstances in which anonymity should be

To continue reading

Request your trial

VLEX uses login cookies to provide you with a better browsing experience. If you click on 'Accept' or continue browsing this site we consider that you accept our cookie policy. ACCEPT