Regulated Anonymity-A Solution towards Privacy compatible
with National Security
Internet developed in the 70’s because of its ability to provide
an opportunity for anonymous expression by individuals. Even
today Privacy activists are fighting for anonymity as a matter
of right. “Right to be Forgotten” is the new prescription of
privacy laws under development in EU.
There is admittedly, a strong case for
“anonymity” and also “Pseudonomity” as means of protecting the
privacy of an individual on the Internet. However looking from
the perspective of increasing Cyber Crimes and their escalation
to Cyber Terrorism and Cyber Wars, there is an equally strong
case for the demand of the law enforcement for absolute
surveillance and need to identify individuals conducting any
transaction on the Internet. The new laws in most countries
including India and US try to provide for such “ Authorized
Invasion of Privacy”. This brings forth the direct conflict
between Privacy and Crime Prevention while formulating
regulations.
If we agree that even “Democracy” needs to defend Cyber attacks
on its individuals and therefore do everything within its powers
to identify criminals and punish them if they are hiding behind
the privacy rights, then it is necessary to find a solution to
this conflict of interest.
The biggest problem in Privacy advocates accepting to any form
of surveillance is the proven fact that a power meant to secure
the society is always misused by the Government to secure its
own power to rule. Thus, surveillance will be used to gather
information on the activities of the political opponents and to
intimidate the opponents. Thus a dictatorship under the garb of
democracy can always use the powers assumed for national
security of the security of the political party.
It is in this context of both “Anonymity” and “Regulation”
having their own justification that I suggest a system of
“Regulated Anonymity”. This could be a solution to resolving the
conflict between Privacy advocates and the regulators.
The system of “Regulated Anonymity” envisages that a
“Non-Governmental” body of the Netizens will regulate the
anonymity. The system would be similar to the presently
available “Anonimizer” services. However, at present the
anonimizers are either run with a profit motive by a private
company or known groups of law evaders. While an anonimizer run
by a private company will only replace the Government with a
private entity who can be corrupted for an organized breach of
information, an anonimizer run by law evaders will not cooperate
with the regulators even when it is necessary in the interest of
the society.
We therefore need to have an agency which is not a Government
body with political interests, nor a private body with profit
interest nor a criminal body with self protective interests. It
is a challenge of the “Regulated Anonymity” system to find such
an agency.
Perhaps the answer lies in the system of how Wikipedia runs or
some thing similar to it. The control should be with a
distributed set of persons committed to Privacy and Safe
Internet. The interaction with the law enforcement should be
with people who are another set of persons who can evaluate the
requirements of the law enforcement and invoke a trusted
cooperation from the technical team to reveal the identity of
persons behind any offending transaction.
I invite suggestions and comments from legal and technical
persons about how such a system can be designed.
(Part II
in continuation)
Related Article:
Right to be Forgotten
Download
the entire article
Naavi
March 2, 2012
