Speaking at a conference, Mayer said,

“…I think it’s really important as we look at tools to think about how we can support fact checking, how can we guard against misinformation, how is there going to be established an element of authority and trustworthiness? …I grew up with the newspaper and the encyclopedia, which you could trust. And now you have blogs, which are held often as news and often aren’t factual. Or you have Wikipedia, which usually gets most things right, but there are a lot times there is vandalism or corrections that need to be made.”

“When you look at the elements of anonymity and the lack of accountability that happens on the web, it really does start to create doubt in the fibers of who can you trust… The physical world has been around a lot longer, and in the physical world you really can’t do anything anonymously. So when you look at systems online that break that paradigm where you can be completely anonymous, or be whoever you want to be, without any sense of history or of what you did last week, that’s not really reality and that breaks down the elements of trust and authority.”

I think there are a number of things wrong with these statements, including the points raised by Erick, that anonymity is an important defense against authoritarian governments. “Having these open, trusting, everyone-knows-everyone systems is all well and good when you live in the US. It’s not so good in other parts of the world.” I also think there are other problems.

The Premises are Wrong

Mayer has two premises which I think are flawed. The first is that “newspapers and the encyclopedia” are trustworthy. In my 19 years of experience though, I’ve seen that proven false time and time again. The New York Times was shown to be less than trustworthy thanks to Jayson Blair who fabricated and plagiarized stories. Broadcast news was shown to be less than trustworthy thanks to Rathergate. Even the Executive Branch of the government was proven to act and speak on falsities when Colin Powell spoke at the UN. Further, information has never been garnered solely from “trustworthy” sources; it comes from unverified and non-factchecked cocktail party conversations and grocery store gossip, too.

Secondly, the idea that you cannot be anonymous in the physical world is nonsense. It didn’t take the Internet to create anonymity. Sure, Bernstein and Woodward knew who Deepthroat was, but that is functionally no different than your ISP knowing who you are. And as for deciding “whoever you want to be, without any sense of history or what you did last week” only coming about with TCP/IP, that is innaccurate, too. Many a teenager reinvented himself at college and many an individual left town to start a new life. In fact, without pervasive communication technologies like the Internet, I think it is fair to say your history didn’t follow you as easily.

A False Dichotomy Between Anonymity and Trustworthiness

As for the substantive point, that anonymous discourse is inherently less trustworthy, I think it is lucky that this view isn’t true. Psuedonymity, which I view as persistent anonymity, allowed Hamilton, Madison and Jay to write the Federalist Papers under the psyedonym of “Publius.” American Revolutionary War pamphlateers were often anonymous, and countless whistleblowers, including those using WikiLeaks, have been able to inform the public via anonymous speech. As I said in a recent post, anonymity is essential for a free society.

The Supreme Court has recognized as much, saying

“Protections for anonymous speech are vital to democratic discourse. Allowing dissenters to shield their identities frees them to express critical, minority views . . . Anonymity is a shield from the tyranny of the majority. . . . It thus exemplifies the purpose behind the Bill of Rights, and of the First Amendment in particular: to protect unpopular individuals from retaliation . . . at the hand of an intolerant society.”

Anonymity can allow for even more trustworthiness, as in the case of election voting where booths and privacy increase our confidence that the voter chose without undue outside pressure.

Sure, anonymity has and continues to allow offensive, negative speech to flourish. But Mayer’s concern that anonymous online discourse drives its recipients away from engagement is less of a worry than chilling important speech by forced identity. Information, whether digital or physical and whether from anonymous or identified individuals, should always be verified and vetted. Unknown IP addresses have been wrong, but so has Dan Rather. I hope Google recognizes this and continues to allow online identities to run the spectrum of verifiability.

[CC-Licensed Photo Credit]

E.K: The Internet was never designed with security in mind. If I was God, and wanted to fix the Internet, I would start by ensuring that every user has a sort of Internet passport: basically, a means of verifying identity, just like in the real world, with driver’s licenses and passports and so on. The second problem is one of jurisdiction. The Internet has no borders, and neither do the criminals who operate on the Internet. However, law enforcement agencies have jurisdictional limits, and are unable to conduct investigations across the globe. I feel we need an international agency to combat this problem, something like an Interpol for the Internet.

PCW: Won’t your suggestion of Internet Passports remove the anonymity from online browsing, thus causing problems for people who may be operating in countries that are not friendly to their views, and so on?

E.K: There is no such thing as anonymity on the Internet, for the average user. It is relatively easy to identify the casual surfer from his IP address and the ISP’s logs. Criminals, on the other hand, are professionals who know how to hide their tracks. A passport would be beneficial to law-abiding users, and would make it that much more difficult for cyber-criminals to hide.

Admittedly, Kaspersky doesn’t have a whole lot of space to elaborate on his “Internet passport,” so I stand the chance of misunderstanding him, but as I understand it, such an idea would be dangerous and unneeded.

One of the major problems confronting cybersecurity is attribution. When Estonian websites are pounded with DDoS attacks, it is next to impossible for the sysadmins to know if the IP address attacking them is just a zombie conduit or the intentioned attacker. Therefore, it is hard to punish those responsible for cybercrime. An Internet passport would, it seems, lower this level of non-attribution and make the senders accountable for their packet-streams.

Free speech relies on anonymity – a face the Supreme Court has recognized, saying,

“Protections for anonymous speech are vital to democratic discourse. Allowing dissenters to shield their identities frees them to express critical, minority views . . . Anonymity is a shield from the tyranny of the majority. . . . It thus exemplifies the purpose behind the Bill of Rights, and of the First Amendment in particular: to protect unpopular individuals from retaliation . . . at the hand of an intolerant society.”

An “Internet passport” would not only jeopardize that, it would disproportionately affect the innocent. Curiously, Kaspersky seems to make this point, saying “there is no such thing as anonymity on the Internet, for the average users… Criminals, on the other hand, are professionals who know how to hide their tracks.” Does Kaspersky really think a criminal-proof system could be created? It seems to me that cybercriminals would simply steal, fake or cheat the Internet passport system, just as they do with our current equivalent – IP addresses and ISP logs. They have both the intent and capability to do so.

While it is true that regular users can be tracked to a certain extent in our current system, there are dozens of well-known methods available to dissidents, journalists and business people to be anonymous online. An Internet passport, by attempting to curtail the criminals’ use of anonymity would do more damage to those who rely on user-friendly, non-technical solutions like TOR. We should not walk down that path.

Some of the folks involved with taking McColo offline thought it was nonsense that what they did could be abused – after all, they were very conscientious of making sure that the spammers they were punsihing were indeed guilty. My argument wasn’t so much with them, but with the style of enforcement. By no means does the law always get things right, but the checks and balances within it help avoid rash decisions. Take the news out of Michigan State University where a student government leader was found guilty of spamming university faculty after emailing 391 professors about a controversial change in the academic calendar. Although the scale differs, MSU is attempting to do the same thing HostExploit.com does – use extralegal efforts to stop cybercrime. As EFF, FIRE and others point out, in doing so, they overstep constitutional boundaries.

Today’s big news about the RIAA suspending their “sue-the-fans” policy made it clear that extralegal law enforcement is about to explode in popularity. Instead of continuing to file lawsuits against people they allege were downloading or making available music on p2p systems, the RIAA has “hashed out preliminary agreements with major ISPs under which it will send an email to the provider when it finds a provider’s customers making music available online for others to take.” The ISPs will agree to cut off service for repeat offenders (2-3 times).

This has a number of problems. As Fred Benenson points out, the courts are starting to turn against the RIAA’s tactics and legal theories about “making available” but ISPs need not heed those esoteric copyright differences. Instead, they can simply amend their Terms of Service (ToS) to reflect the extralegal arrangement worked out between the RIAA and themselves. Just as the courts are beginning to realize that identifying users based on IP address is flimsy proof at best, ISPs will use this approach to kick users off from the Internet.

Reasonable people may argue that companies should be free to construct ToS to their liking and customers can either take them or leave them; through market forces ToS will become acceptable to both parties, goes the argument. In reality, though, ISPs hold a disproportionate amount of the power in the relationships. It is obvious why few people read ToS – they are infamous for their illegible legalese. They are written by corporate lawyers who have a keen interest in covering all their bases and are often written to give incredible leeway to the company enforcing them. And with the little local competition in the broadband market that most Americans have, taking your business elsewhere is difficult.

As Mike says in discussing this at Techdirt, “These days, an internet connection is a necessity — and taking it away from people because someone is sharing the gift of music with others not for any sort of commercial gain is totally unbalanced.” In promoting freedom of expression, it is critically important to err on the sie of unfettered Internet access. Internet access, per se, may not be a right, but it is crucial to a free information age: Koffi Annan once said, “And of course, the information society’s very life blood is freedom. It is freedom that enables citizens everywhere to benefit from knowledge, journalists to do their essential work, and citizens to hold their government accountable. Without openness, without the right to seek, receive and impart information and ideas through any media and regardless of frontiers, the information revolution will stall, and the information society we hope to build will be stillborn.”

A society of rash decision-making, biased towards revoking Internet access is not one to which we should move, whether the auspices be copyright protection or spam elimination. The legal system can be frustratingly slow and wrongheaded at times, but Americans are lucky to have one of the most robust, honest systems in the world and we shouldn’t toss it away.