‘I have nothing to hide, so why worry?’ or so many people think. If you are so sure, then please email me the username and password for all your email and social media accounts… I didn’t think so! Privacy and anonymity are not the same thing and many people get them confused. We all know what the words privacy and anonymity mean, but many of us don’t know how to apply those concepts to today’s digital world. Without a clear understanding of privacy and anonymity they are impossible to protect and, as we learned through Edward Snowden’s revelations, protecting them is more difficult than we ever imagined and apparently more important than we thought.
Privacy is your right. In fact, stealing your personal and private information is a crime in many countries. Privacy concerns content, for example the content of an email.
You also have the right to remain anonymous, if you so choose. Anonymity is about your identity, the sender and recipient of an email for example.
Let’s look at both concepts and how they relate using a few simple examples:
A whistle-blower might want to protect his identity (Snowden didn’t), but he wants the content of his message known to others; or in other words, he wants to remain anonymous while making his message public.
When you send an e-mail, both the sender’s e-mail address and the recipient’s e-mail address are public, and unless you set up an anonymous e-mail account, the e-mail can easily be traced back to you – hence, you are not anonymous. If the email is not encrypted the content of it is public, similar to a post card you drop in the mail. If you choose to encrypt your message, the sender and receiver are still public, but the content of your message is private, because it remains hidden from everyone but you and the receiver.
A phone call is very similar to email, as both the calling number and the number called are publicly known – hence, you are not anonymous. Again, if you don’t encrypt the conversation the content is public, whereas with encryption the content remains between you and the receiver.
Privacy and anonymity are a little more difficult to determine when you browse the web. Most people access the Internet via an unencrypted connection, so both their identity and their activities can be accessed by anyone with the technical capabilities and knowledge, which in some cases doesn’t take much at all.
For example your ISP (Internet Service Provider) assigned your router an IP (Internet Protocol) address and records this assignment, and so, is capable of determining who used what IP at what time – which means you are not anonymous and your activity is not private.
A website you visit will know the IP address your access request came from, but can’t easily translate that into your name, though they will have a lot of technical information about the computer or mobile device you used to access a website. Obviously the website owner knows what content you accessed, how much time you spent, and how you interacted with the site. The best way to describe this case is that you are semi-anonymous, and your activities are not private.
Online storage is a great example to summarize everything we’ve looked at so far. All unencrypted information you upload is readable by the service you are using, and should be considered public; however, if you encrypt the data BEFORE uploading it, that makes your data private. It is important to note that anyone with the decryption keys will be able to view your data, so it is important that only you hold those keys, and that the data is encrypted prior to uploading it.
Depending on the amount of online storage you need you might be able to remain anonymous – if your needs can be satisfied with a free account and you don’t reveal your identity during the signup process.You can, for example, provide false information and use an anonymous email address. Obviously, if you pay for additional storage you will have to provide financial information, which, unless you are using an anonymous payment method, will reveal your identity, and you will no longer be anonymous.
We all have the right to both privacy and anonymity, and understanding both concepts is critical to protecting them. While it is your right to protect your identity, remaining anonymous in today’s interconnected environment is often challenging, but not impossible. The NSA’s elaborate algorithms are darn good at what they are designed to do (uncovering identities, for example) and even the slightest mistake on your part will give your reveal your true identity. Fortunately, hiding from everybody else is a lot easier…
Protecting the privacy of your communication, documents, and online activity isn’t effortless either – it requires good encryption – but it might be easier to accomplish than protecting your anonymity, as long as you remember to keep your encryption keys secure and under YOUR control.
To summarize, anonymity is about concealing your identity, and privacy is about keeping content private. I hope that you now have a good understanding of both concepts and how they apply in today’s interconnected world. I apologize if something wasn’t clear and invite you to ask questions in the comments. I will address how to protect your privacy and anonymity in detail in subsequent posts.
Image Credit: Alex