Is Anonymous Blogging Possible?
posted by Daniel Solove
Howard Bashman at How Appealing muses whether anonymous blogging is really possible:
These days, however, most users of the internet understand that every bit of information communicated electronically leaves electronic fingerprints that can be used to trace the source of the information, even if the source hoped to remain anonymous. To be sure, there are ways to anonymize emails and other forms of communication, but they tend to be complicated to use and difficult to figure out. . . .
I doubt whether anonymous blogging is possible. It surely isn’t possible if the blogger conducts email correspondence with others and fails to mask his or her internet protocol address. Plus, even the act of logging on to a blogging service provider, such as TypePad or blogger, leaves electronic fingerprints, and I’d have to assume that “UTR” had a TypePad subscription, enabling someone to subpoena the blog owner’s identity and/or payment information. So, to you anonymous bloggers out there, have fun, but don’t fool yourselves into thinking that simply by not providing your identity you are doing an effective job of remaining hidden.
I generally agree that it is very difficult to blog anonymously, but it is certainly possible if a person is careful.
First, the term “anonymous” is often used as a catch-all term that refers to many things, such as psedonymous blogging. To be more precise, there’s (1) anonymous blogging (no name or identifier attached); and (2) pseudonymous blogging (using a pen name, such as A3G). It is hard to have an anonymous blog since it depends upon having a stable existence — and hence the blog itself becomes the pseudonymn — so perhaps the only real anonymity is when people post anonymous comments. Beyond anonymity and pseudonymity, there’s the issue of linkability. To what extent can a person’s anonymous or pseudonymous postings be linked to their true identity? This is what Bashman is referring to in his post.
Of course, there are some limited legal protections for the anonymous blogger from being unmasked in a lawsuit or by the government, but these protections are limited. What Bashman is referring to, however, is whether it is possible to blog in a way so as to never be linked to one’s blog.
Here’s one possible relatively easy way to blog anonymously (in the sense of not having one’s true identity linkable to one’s blog): A person can sign up for a free account on Google’s Blogger, having only to provide an email address as a contact point.
For the contact email, a person could establish a Yahoo email account which anybody can readily establish from anywhere. If a person is careful to not use any computer that she can be linked to, she might be able to pull off anonymous blogging. A person could just move around to various coffee shops, schools, apartment buildings, and other places with unsecure WiFi connections and connect wirelessly to their networks. Of course, this would probably mean not being able to blog while at work . . . which I’m sure absolutely nobody does . . .
I am by no means an expert on the technical issues involved here, so I would welcome the comments of those with greater expertise. Would the above way of blogging (if done carefully) prevent a person from being linked to her blog?
For more on blogging anonymously, see the EFF manual, How to Blog Safely.
Related Posts:
1. Solove, Article III Groupie Groupie
2. Solove, The Mysterious Disappearance of Article III Groupie
3. Solove, Article III Groupie Disrobed: Thoughts on Blogging and Anonymity
4. Solove, The Blog Impersonators
5. Solove, A Victory for Anonymous Blogging
November 17, 2005 at 2:07 pm
Posted in: Anonymity, Blogging, First Amendment, Privacy
Print This Post
Responses (17)
Mike - November 17, 2005 at 2:27 pm
For the contact email, a person could establish a Yahoo email account which anybody can readily establish from anywhere. If a person is careful to not use any computer that she can be linked to, she might be able to pull off anonymous blogging.
Unless I have another false memory, Gmail does not give out your IP address.
Paul Gowder - November 17, 2005 at 3:16 pm
In addition to the EFF site, this page also has some useful information.
Paul Gowder - November 17, 2005 at 3:25 pm
Incidentally, in terms of the wifi, I’d be nervous about possible tracing to the wifi card by the service providers who run the wifi points. Do the cards transmit unique identifiers to the wifi points? (I’m not sure.) If so, safer is open computers, which might be found, e.g., at many libraries, at busy cyber-cafes where you can pay with cash, etc.
A Frolic of Her Own - November 17, 2005 at 4:35 pm
Secrets and lies
Concurring Opinions has a useful discussion about how to prevent your blog from being linked to your real-life identity. While a lot of the discussion focuses on protecting yourself from a subpoena, I imagine the goals of many bloggers are
The Volokh Conspiracy - November 17, 2005 at 5:37 pm
Anonymous Blogging:
In the wake of David Lat’s decision to come forward as A3G, Howard Bashman has some thoughts on the viability of anonymous blogging. Howard is absolutely corr…
anon - November 17, 2005 at 6:01 pm
The First Amendment protects anonymous speech, yes?
Shouldn’t it be actionable if someone “outs” you without your consent? Seems like there’d be damages…a subpoena is a different story, but in the fact of imminent bodily harm or national security one should have a leg to stand on if anonymity of past posts is desired. I’m not sure either way…
John Jenkins - November 17, 2005 at 6:54 pm
Paul Gowder: All network interface devices (NICs, wireless cards) have a MAC address that can be identified (go to start/run/ and type cmd, then type ipconfig /all and you will see your MAC address reported as “Physical Address” for each of your network connections).
John Jenkins - November 17, 2005 at 6:56 pm
I should have noted that only works with Windows XP, but there are ways to do it with other versions of Windows, and I assume other operating systems as well.
Paul Gowder - November 17, 2005 at 8:33 pm
John: thank you. I suspected as much, but wasn’t sure, since wireless can probably be done without such an individualized address by means of fancy frequency-shifting. Alas…
gr - November 17, 2005 at 8:45 pm
“I am by no means an expert on the technical issues involved here, so I would welcome the comments of those with greater expertise. Would the above way of blogging (if done carefully) prevent a person from being linked to her blog?”
If someone can get access to the records of the blog host, it gets harder. Because the host would know what IP addresses you’re using. And so would the service with the anonymous email account you’ve set up. This gets closer to finding you. Mine probably identifies my Comcast cable modem, which Comcast can link to my name on the bill. My housemates also get identified to my name
People who this blogger links to would be able to see the IP addreses of those who follow the link to their sites. The blogger should avoid clicking on the links on his own site, he is giving the target site his IP address connected with the fact that he followed the referrer link.
I don’t know if comment services like haloscan or the other comments allow img tags. Because with those then a commenter could introduce a ‘web bug’ a small image on the site. The commenter would know everytime a comment had been displayed, and to what IP address.
arbitraryaardvark - November 17, 2005 at 9:39 pm
If it’s so easy to know who’s who, then who was John Doe in Cahill v Doe (Del 2005)? Granted that was a discussion board and not a blog. I do know who Anonymous was, in Anonymous v Delaware (Ct Chanc. 2001). $1 to first proof of who Doe was.
Who I am is easy.. I’m that aardvark.
Chris Farris - November 18, 2005 at 1:27 am
I see two concerns on the blogging anonymously issue. The first is “I want to express myself and I’d rather not have what I said haunt me in the future”. The second is “I want to say something that is either a crime or libel and I don’t want a subpoena”.
In the first case it is very easy (with technical knowledge of the Internet) to blog anonymously. Like suggested above, you can setup fake yahoo or gmail addresses and setup an anonymous blog account. You want to be careful that the email service doesn’t put your originating IP address in the headers of the email. Ask a geek for help with that.
Now, if you want to do something that might generate a subpoena (or for that matter any of the various instruments of the PATRIOT Act) you need to be much more careful. You definatly need to use web anonymizers – proxies that encrypt your traffic and change the IP address you are coming from. Use several. If the Government or a plaintiff is motivated enough they can trace you back through each link in the chain. Making one or more links in that chain reside overseas is helpful.
Best bet in the latter case is to drive to a different city, find an insecure wireless access point, and bounce through a few anonymous gateways to get to your blogger or gmail account. I’d recommend using a residential unsecured accesspoint as there is less chance the MAC address (every wireless card has a unique identifier to prevent collisions on the network) will be logged.
gr - November 18, 2005 at 9:48 am
“I’d recommend using a residential unsecured accesspoint as there is less chance the MAC address (every wireless card has a unique identifier to prevent collisions on the network) will be logged.”
The latest issue of 2600 (Autumn, 05) has a script that will randomize your supposedly unique MAC address on unix systems.
Amanda - November 18, 2005 at 12:21 pm
Ethan Zuckerman (Berkman Fellow) and Nart Villeneuve (Citizen Lab), as well as Dmitri Vitaliev (Frontline Defenders) and Wojtek Bogusz (Tactical Technology Collaborative) gave a presentation on this today at WSIS. Please see: http://cyber.law.harvard.edu/home/home?wid=10&func=viewSubmission&sid=856
Crescat Sententia - November 24, 2005 at 11:06 am
Vigilance
To use the public-access internet in Rome requires that one produce a passport or national ID card. I believe the goal of this is to fight terrorism, but it also means it would probably be well-nigh impossible to run an…
Crescat Sententia - November 24, 2005 at 11:07 am
Vigilance
To use the public-access internet in Rome requires that one produce a passport or national ID card. I believe the goal of this is to fight terrorism, but it also means it would probably be well-nigh impossible to run an…
John - January 24, 2006 at 8:19 pm
It may not be possible to create a blog truly anonymously, there are thigns you can do to promote your own anonymity. First, don’t give out your name, and disguise your alias well. Second, sign up with a provider that would be hard pressed to release your identity, either through email addresses or IP traces, like Google/Blogger.
On the other hand, there are so-called “anonymous communitities” that provide allowances to blog on a particular subject or topic. On such example is Tangst, found at http://tangst.blogspot.com/, an anonymous community, run on Blogger, by teens and for teens. Posts are made anonymously (more often than not) by all its members, then one of the admins publishes the post to the main site, where it is discussed at length.
Everything is allowed to be anonymous; even many of the admins remain anonymous themselves. Some people choose to use an alias or name when posting, but many delightfully engage without care as to who each other may be.
This community is limited in scope, to be sure, but the concept is valid. The admins make a point not to record identifying traffic and tracing data beyond that which is collected by the Blogger server transaction logs. The users can post anonymously, and remain that way.
It would be interesting to see this concept spread to other venues of the web. Conceivably, a community could be used as a sham for one’s own blogging, but if really truly used, the concept provides a strong, intricate relationship among its readership.
Leave a Reply