Internet developed in the 70’s because of its ability to provide an opportunity for anonymous expression by individuals. Even today Privacy activists are fighting for anonymity as a matter of right. “Right to be Forgotten” is the new prescription of privacy laws under development in EU.
There is admittedly, a strong case for “anonymity” and also “Pseudonomity” as means of protecting the privacy of an individual on the Internet. However looking from the perspective of increasing Cyber Crimes and their escalation to Cyber Terrorism and Cyber Wars, there is an equally strong case for the demand of the law enforcement for absolute surveillance and need to identify individuals conducting any transaction on the Internet. The new laws in most countries including India and US try to provide for such “ Authorized Invasion of Privacy”. This brings forth the direct conflict between Privacy and Crime Prevention while formulating regulations.
If we agree that even “Democracy” needs to defend Cyber attacks on its individuals and therefore do everything within its powers to identify criminals and punish them if they are hiding behind the privacy rights, then it is necessary to find a solution to this conflict of interest.
The biggest problem in Privacy advocates accepting to any form of surveillance is the proven fact that a power meant to secure the society is always misused by the Government to secure its own power to rule. Thus, surveillance will be used to gather information on the activities of the political opponents and to intimidate the opponents. Thus a dictatorship under the garb of democracy can always use the powers assumed for national security of the security of the political party.
It is in this context of both “Anonymity” and “Regulation” having their own justification that I suggest a system of “Regulated Anonymity”. This could be a solution to resolving the conflict between Privacy advocates and the regulators.
The system of “Regulated Anonymity” envisages that a “Non-Governmental” body of the Netizens will regulate the anonymity. The system would be similar to the presently available “Anonimizer” services. However, at present the anonimizers are either run with a profit motive by a private company or known groups of law evaders. While an anonimizer run by a private company will only replace the Government with a private entity who can be corrupted for an organized breach of information, an anonimizer run by law evaders will not cooperate with the regulators even when it is necessary in the interest of the society.
We therefore need to have an agency which is not a Government body with political interests, nor a private body with profit interest nor a criminal body with self protective interests. It is a challenge of the “Regulated Anonymity” system to find such an agency.
Perhaps the answer lies in the system of how Wikipedia runs or some thing similar to it. The control should be with a distributed set of persons committed to Privacy and Safe Internet. The interaction with the law enforcement should be with people who are another set of persons who can evaluate the requirements of the law enforcement and invoke a trusted cooperation from the technical team to reveal the identity of persons behind any offending transaction.
I invite suggestions and comments from legal and technical persons about how such a system can be designed.