Online anonymity: the debate so far

Since the internet was in its infancy, the rights of users to use it to express their opinions was sacrosanct. When the first laws of the internet were being forged by legislature and in the courts, internet service providers (ISPs) were the focus of these sacred rights and they avoided liability by claiming they were “mere conduits” of these views and not “publishers” of them (and the ECommerce Directive of 2000 confirmed this). This felt like the right approach; by not making the “engineering back office” of the internet liable for the content on it, the internet could flourish. It would remain free thinking and free to use, and freedom of speech would be preserved.

Since that time, we’ve seen revolutions and uprisings overthrow corrupt governments – and allowing people to remain anonymous has protected their views and their freedom. Masses of people have been empowered by access to world-wide information sources, education and communication. The world feels smaller and we’ve celebrated this.

But the flip side of the free speech coin is that trolling and online hate crimes from people who deliberately hide or obscure their identity online has increased. The ability of a person to remain hidden on the internet draws as much criticism as the right to free speech online gets praise. So which should remain enshrined: freedom of speech or freedom from abuse?

How the law approaches free speech

Article 19 of the Universal Declaration of Human Rights (to which the UK became a signatory on adoption in 1948) declares that: “Everyone has the right to freedom of opinion and expression; the right includes freedom to hold opinions without interference and to seek, receive and impart information and ideas through any media regardless of frontiers.” The argument goes that this includes protection for freedom of expression by the right to remain anonymous online.

The GDPR and the Data Protection Act 2018 give internet users the right to privacy and the right to withhold their personal details (from name to location) online.

When the free-speech line is crossed and becomes abuse, criminal law steps in. If an internet user suffers harm because of the activities of an anonymous (or a known) persecutor online, the police have powers to investigate those suspected of sending the messages – whether done anonymously or not. The Malicious Communication Act 1988 and the Communications Act 2003 make it possible to prosecute “trolling” – and many other forms of online harassment are also now covered by legislation.

If the police suspect criminal or terrorist activity, they have wide powers to investigate both the known and dark web (see What is the Deep Web? in the September 2015 issue of this Newsletter) and to arrest, detain and prosecute offenders. We all sleep better knowing this and few people object to these powers being granted to the police.

Are we ever really anonymous?

What has become clear since the Cambridge Analytica scandal is that there was a price for “free” internet and that we’ve given up more of ourselves than we ever intended to. As we have become constantly connected, none of us are as anonymous as we think. Browsing in private mode means cookies aren’t stored and no browsing history is logged on your computer – but that doesn’t stop other computers you are connected to from logging your activity or other applications on your computer monitoring what you are searching. Private browsing is never truly anonymous and even “going dark” will likely still leave a silicon crumb-trail all across the internet (see Tracking: your digital trail in the July 2018 edition of this Newsletter).

Government intervention

There have been famous cases where state authorities have asked tech companies to hand over data and been stone-walled. Perhaps the most famous instance of this is Apple, who refused to unlock the phones of the San Bernadino terrorists who killed 15 people in a mass shooting in December 2015. Apple refused a request from the FBI to add an operating system that would allow an infinite number of passcode attempts to be entered until the right one was selected. Their view was that it would compromise security of millions of Apple device users. At the time most people agreed they would not be comfortable with any government having what amounted to a digital skeleton key to their lives, but does that still feel right?

Flash forward a few years though and, in 2018, the then Digital Minister Margot James promised that new legislation requiring people to register their identity when using the internet would be tabled “at the earliest opportunity after Brexit.” This proposal was in response to a general public perception and acknowledgement that people are emboldened in their opinions online, that cyber-stalking/bullying and overall abuse has risen and that voluntary codes are not effective. We are entitled to know who we are dealing with on the internet and to know who is calling us out, shouting us down or just shadowing us. The main issue with requiring people to register their identity when using the internet is that anyone with criminal intent is unlikely to give correct details and this type of “online passport” might just result in “fake online identities” being purchased. As of writing, we have no further details on this and it seems unlikely that it will top the Governments’ agenda any time soon, though it probably remains the best deterrent against trolling and bullying by the general public.

Changing landscape

What does seem apparent though is that the landscape around what is considered permissible and acceptable online is shifting. One indicator of this is that in September 2019 Facebook pronounced that it was a publisher (whilst defending itself in a lawsuit brought by Laura Loomer) and thus had a right to express its own opinions by blocking what it considered to be extreme views. This is a complete U-turn in policy because, as a publisher, Facebook can be held liable for allowing publication and reproduction of content published on its platform and it opens the business up to potential claims stretching back years. Enabling itself to act as judge and jury of content on its site, Facebook has said it will establish a de facto court for complaints … a difficult position to balance and one which will inevitably cause concern about it being both a regulator and regulated entity.

Might Facebook’s new “curated” approach to content limit the information we have access to? Concern already exists that Facebook and similar social media platforms act as echo chambers that validate opinions we already hold – fuelling precisely the type of extreme views that Facebook says it has a right to edit. Might this new position simply result in more fake news? George Orwell presciently realised that if citizens don’t know what is true and what is false, they can’t make a judgement about what to object to in their lives.

Where does this leave anonymity?

There are genuine public safety concerns around the ability for people to remain hidden online. With every heart-breaking tale of cyber-bullying or grooming and the massive rise in cybercrime as a whole, Governments have to step up and step in and it is clear that there will have to be a move away from anonymity to address these concerns. This debate is much like the current one around “burner phones” and the call to verify ones’ identity before buying a phone; honest people will do so, dishonest people will not and, if they are compelled to, the information they give will almost certainly not be true and this will also be the case with online identity verification.

There are already innumerable platforms that verify identity – some using blockchain to provide immutability and others drawing on verified sources to create a “wallet” or online passport and which could easily be adopted by everyone online. In this respect the technology industry is already finding workable solutions for these problems and if there is a groundswell of public adoption of such programs, it is likely that this type of positive action will be far more effective than law and regulation which quickly becomes obsolete or outmoded. It may be even more relevant to call for verification of identity and origin of information as we move into a world where our reality is digitally augmented and we need clear markers of what is actual and what is virtual.

Further reading

New York Times: Anonymity May Have Killed Online Commenting

Wired: Austria’s general election could spell the end of anonymity online

Financial Times: When online anonymity is a good thing (paywalled)

Joanne Frears is IP & Technology Leader at Lionshead Law, a virtual law firm specialising in employment, immigration, commercial and technology law. She advises innovation clients on all manner of commercial and IP matters and is a regular speaker on future law. Email j.frears@lionsheadlaw.co.uk. Twitter @techlioness.

Image by kalhh from Pixabay.