Archive for June, 2011


June 22, 2011

The whole concept of “Anonymous” does focus attention on a long-running debate about the Internet. How much anonymity should users be permitted? Some people think that everything you do online should be easily traceable to a real person, even by other users. The theory, I guess, is that people will be more polite if they can be held accountable for their online actions in their offline life. A less stringent version is that someone’s real identity should at least be available via legal action, whether that be law enforcement or a court order in a civil case (or areas where the line between the two is blurry, such as copyright infringement.)

Anonymous, the “group”, obviously takes the opposite stance – that no action should be able to be traced to an individual. Indeed, this seems to almost be a basic tenet of the hacker subculture – certainly you’d think so by the love that is pored on Tor and similar tools at hacker cons. It seems that accountability in any way is just something the “business folks” force on the technologists… a necessary evil, at best.

However, both of these positions are, regardless of their ideological merits, technologically infeasible. If someone makes even a token effort to disguise their identity online, it becomes cost prohibitive to track them down in many cases. On the flip side, given sufficient resources, it becomes possible to track down almost anyone eventually. If you saw my recent talk, you’ll know that it requires almost inhuman self-discipline to keep your identity secret from nation-state level adversaries.

So what’s left? Pseudonymity. (Did you see that coming?) Allowing people to adopt online personas that can be penetrated if necessary (e.g., kiddie porn; terrorists) but that give people the ability to interact without worrying overly much about consequences in real life for their opinions.

The other advantage to pseudonymity is that a single real person can adopt more than one online persona and switch between them. This ability can be educational, therapeutic, or detrimental, depending on the person. Conversely, multiple real people can run a single pseudonym.

Pseudonyms have become very common online, especially in completely public forums (as opposed to semi-public spaces like Facebook). Some forums have specific rules that forbid users from posting real names, etc., while others have a sort of “gentleman’s agreement” not to unmask other users or contact them inappropriately. Many leave it up to the users to police themselves.

Why Pseudonymous? It’s not a statement on whether total anonymity or total accountability are right or wrong, nor a belief that pseudonyms are the pinnacle of Internet identity. It’s an acknowledgement that this is the way the Internet works today and that, given technology, law and human culture, it’s likely to be the way the Internet works for the foreseeable future.

Given this observation, the basic tenet of Pseudonymous can be stated as “People should have the right to decide for themselves what information they publish”, or to simplify, “Everyone has the right to privacy.”

By everyone, we mean everyone. The members of Anonymous and LulzSec seem to think they have the right to anonymity but that they can publish other people’s secrets freely. While this may be a political statement in some cases (Wikileaks), in other cases they punish innocent individuals for someone else’s actions (Sony’s customers.)

Pseudonymous believes governments have a right to keep some information secret – national security information, delicate political negotiations, etc. Corporations have the right to keep some information secret – trade secrets, R&D, etc. Perhaps most importantly, individuals have the right to keep information secret, including from corporations and governments. We take no stance on where the line should be drawn; we provide the *ability* to keep information private and let society decide how to use it.

We believe that in some cases, you give up your right to privacy. We believe you do not have the right to invade someone else’s privacy.

Our exploits will not be “epic” or “legendary”. They will be covert, even clandestine. We will disavow all knowledge of any incidents which would seem to further our agenda. We will take no credit for tools we release.

We will keep our tongues firmly in our cheeks.

We are Pseudonymous.

If you want to join us, we’ll contact you. We have your IP address.