Send As SMS

Wednesday, September 20, 2006

Risks to privacy of using pseudonyms in public

Frankowski et. al. have performed an interesting investigation into the Privacy Risks of Public Mentions in which they examine means of determining whether a user in one context is the same person as a user in another context by comparing what they choose talk about in the two contexts (what movies they rate in a ratings database and mention in a public forum in this case). The entire paper is worth a read if you're interested in this sort of thing, but I took away in particular that:
  • there is a substantial re-identification risk to users who mention items that few others mention (you're more likely to identify yourself if you talk about Manual of Arms than if you talk about Titanic); so acting to maintain privacy will mean not talking about non-mainstream topics both in your own name and under an alias; here is another means by which surveillance will tend to chill speech, even if it's anonymous/pseudonymous,
  • in a particularly sparse relation space, you'll have to suppress an awful lot of what you might otherwise talk about (88% of mentions in this case!) to remain free from identification,
  • misdirection (inserting red herrings) is somewhat effective, but may require many red herrings (an anonymous blogger wishing to remain anonymous may need to weave in mentions of lots of irrelevant stuff, perhaps turning off his/her audience) and/or co-ordination.
The corollary of the increasingly unusual subject matter leading to an increasing risk of re-identification strikes me as being particularly interesting. It means that people who want/need to communicate about something that they can't/don't-wish-to be caught discussing need not only hide their trails with great care, but they also need to very carefully segment what they talk about in such a situation, and/or not talk about it at all.

I don't see that there's any fault here, it's just a little sad. I believe that anonymous/pseudonymous public communication ("speech") has value; such communication is difficult and becoming more so.

(via Schneier on Security)