Anonymity and the Internet

[HVC]

"Thinking of the children" to push through poorly thought out (or worse malicious) legislation is so cliche even the Simpsons were making fun of it 40 years ago. Sad that it still works on so many.

[Sheilbh]

Regulation is not a buzz word.  And you do a lot of damage by suggesting that it so.  Not the first time and I really wish you would think more carefully about your broad generalizations.

You empower those who think regulation is evil. Much better to do what you did at the beginning of your post to critique the regulation and suggest ways in which it could be made more robust.

I think I do zero damage by having trenchent views and expressing them here

But on the buzzword point I think part of this is a difference in perspective. I'm in Europe and I work in tech and digital law. Regulation absolutely s a buzzword here. There are sweeping regulations that have been brought on tech companies in the last 10 years (all following the justifiable and impressive success of GDPR) - I think the desire to regulate and say we have regulated has taken priority over questions of what the purpose, effectiveness and trade off of those regulations are. This is the point that Breton (and Draghi) have made. There were big celebrations within EU official circles and it was a big point that VDL made that Europe was the first to regulate AI (not really true but I'll leave that to one side).

The purpose of the regulation was to pass a regulation to say we're first. I think part of it is just the European self-image of the EU as a regulatory super-power - I've literally seen this in presentations from European civil servants that America is capitalist and leads the world in developing new technology quickly without regarde to risk, China leads the world in implementing it in support of political and  very "national security" objectives and Europe leads the world in ethics and regulation. I'd add that factually I don't think that's true recently (lots of the world copied GDPR - no-one except the UK has copied the DSA, DMA, AI Act etc).

But also to Breton and Draghi's point why are we celebrating regulating the technologies of the future when we don't actually have any European champions to regulate? It is a chimera of tech sovereignty - and I'd question how meaningfully the Chinese and American tech companies we are relying on are meaningfully complying with those regulations. And as Draghi especially has flagged these regulations meaningfully increase the cost and difficulty for European competitors to emerge. Just within the last few years the EU has passed or started drafting the Data Act, the AI Act, the Cyber Resilience Act, the Digital Markets Act, the Digital Services Act, the EU Accessibility Act, the Digital Fairness Act - there's at least another one or two data and cyber security regulations that are coming but I can't remember. Relatively few businesses will be impacted by all of them - but even just assessing what does or doesn't apply is a lot of work and despite covering very, very similar concepts/issues they don't all fit together ("without regard to x Act/Regulation" does a lot of lifting in the drafting of these). But as I say, the regulation is the point. It is the end rather than the means (and this despite Draghi's recommendations).

I'm reasonably sure that the government already has ways to do entity resolution to associate anonymous accounts with people, but enabling all vendors to do it by removing Internet anonymization would be really bad.  ChatGPT already has a very good read on my personality, strengths and weaknesses.  The idea that, for example, a sales agent can do an AI query on my personality before deciding on what buttons to push to make a sale feels dystopian.

Yeah. On the dystopian front I think the conversation around personalised advertising within AI is interesting for exactly those reasons and it is very much the next frontier in the online behavioural advertising world.

To my eyes, it seems to be regulating users, though. Not big tech. It gifts big tech (and presumably the government) lots of information and helps big tech cover themselves in case of lawsuits. It does nothing to benefit the public, though, only cost them privacy, time, and giving up even more data to more "partners".

I think this is how it entrenches their dominance because they way it's broadly been implemented is as "duties" on the big platforms. It is for them to determine and consider how much they really want to spend on fine grained judgements. It is strengthening their position as gatekeepers/walled gardens - which lets them capture more economic value, which lets them strengthen their dominance etc.

I'd add from a Euro-perspective tax helps but it's the reason OpenAI, Amazon, Meta, TikTok, Google etc all have their European headquarters in Dublin or Luxembourg because it means they interact with those regulators on the day-to-day. Even with the best will in the world and assuming there was no regulatory capture (and there 100% is) we're talking regulators of very small member states taking point dealing with some of the biggest, most technically advanced and well-funded companies in the world. In a way I also think the American model of regulation which you see through state AGs, but also the SEC, may be more effective - where regulation is effectively a form of law enforcement. They hire lots of lawyers who are basically prosecutors, they have warrant powers etc.

The UK regulator on data for example is the best funded in Europe, and I think broadly one of the most technologically sophisticated (the French are also excellent). I was at an event with the former Information Commissioner a few years ago and asked about this and she said the biggest shock was just how much they had to spend on litigation. Because European regulators are administrators - the investigation is led by a case worker with some rights to information, not a prosecutor and not quite as strong as warrant power (the UK regulators now actually have warrant power). There is a trend of European regulators going pretty gung-ho and then it getting overturned on appeal/as soon as judges get involved because they're kind of administrators who keep on fucking up procedurally rather than prosecutors building a case.

In part I think this also reflects the very, very broad remit of a lot of European tech law - so lots of focus is spent on, for example, public sector uses like hospitals and schools or providing guidance for charities or small businesses. All of which is really important but I think needs a slightly different skillset and mindset than the sharp-elbowed, aggressive approach needed with big tech.

[Crazy_Ivan80]

To my eyes, it seems to be regulating users, though. Not big tech. It gifts big tech (and presumably the government) lots of information and helps big tech cover themselves in case of lawsuits. It does nothing to benefit the public, though, only cost them privacy, time, and giving up even more data to more "partners".

indeed.

[viper37]

I came across this article online recently: Security software CEO warns: We could be facing the 'death of anonymity online'

The specific article itself doesn't matter that much, but the general trend towards age verification for adult stuff is real. Similarly, there's the ongoing back and forth in the EU about Chat Control.

I'm curious if any of you have any thoughts or insight on possible less-or-no-anonymity-on-the-net scenarios and potential impacts.

It seems to me that the primary framing of the public discourse is around the following:

• It will allow us to keep children from accessing porn (and other stuff deemed harmful).
• It'll make loads of adults feel weird about accessing porn becuase it'll be linked to their actual identities somehow.
• It'll allow governments way too much insight into political speech and that's going to lead to bad places.
• Something about free speech.

But what are the other possible ramifications?

What's the possible impact on social media if anonymity is curtailed? Will it render large parts of the social media economy reliant on bot farms and the like inoperative? How much of an impact will it have on foreign (or domestic) online influence operations?

How big of a threat is it to the bottom lines of social media companies like Meta, Twitter, etc (and therefore, how much should we expect to see them oppose it)? Or is it not a threat?

To what degree will malicious (or simply profit seeking) actors be able to get personal data on individual people if there's no anonymity? And is it actually that different from what is available to Google, Meta, Microsoft et. al. now?

I'm curious if any of you have any insight or have read any compelling analysis on the topic?

This whole puritanical idea of keeping porn out of children hands is so stupid.

Our data keeps getting leaked by corporations and government who don't invest as much as they should in security, or use antiquated practices.

And we have seen the danger with authoritarian countries such as China, Russia and the US of allowing governments easy access to dissenter's speech.

ICE is requesting information on Reddit's Canadian users who criticized its agents.  The US govt easily censored free speech on social media platforms and traditional media for general users, it's now going after private users.

The Canadian government is going to do the same at some point, don't kid yourself. It's not about porn or pedophilia.  

[HisMajestyBOB]

Probably prudent to put a copy of TailsOS on a USB stick.

[crazy canuck]

"Thinking of the children" to push through poorly thought out (or worse malicious) legislation is so cliche even the Simpsons were making fun of it 40 years ago. Sad that it still works on so many.

Framing regulation in that way is beyond cliché. It's just fucking lazy thinking.

[crazy canuck]

I came across this article online recently: Security software CEO warns: We could be facing the 'death of anonymity online'

The specific article itself doesn't matter that much, but the general trend towards age verification for adult stuff is real. Similarly, there's the ongoing back and forth in the EU about Chat Control.

I'm curious if any of you have any thoughts or insight on possible less-or-no-anonymity-on-the-net scenarios and potential impacts.

It seems to me that the primary framing of the public discourse is around the following:

• It will allow us to keep children from accessing porn (and other stuff deemed harmful).
• It'll make loads of adults feel weird about accessing porn becuase it'll be linked to their actual identities somehow.
• It'll allow governments way too much insight into political speech and that's going to lead to bad places.
• Something about free speech.

But what are the other possible ramifications?

What's the possible impact on social media if anonymity is curtailed? Will it render large parts of the social media economy reliant on bot farms and the like inoperative? How much of an impact will it have on foreign (or domestic) online influence operations?

How big of a threat is it to the bottom lines of social media companies like Meta, Twitter, etc (and therefore, how much should we expect to see them oppose it)? Or is it not a threat?

To what degree will malicious (or simply profit seeking) actors be able to get personal data on individual people if there's no anonymity? And is it actually that different from what is available to Google, Meta, Microsoft et. al. now?

I'm curious if any of you have any insight or have read any compelling analysis on the topic?

This whole puritanical idea of keeping porn out of children hands is so stupid.

Our data keeps getting leaked by corporations and government who don't invest as much as they should in security, or use antiquated practices.

And we have seen the danger with authoritarian countries such as China, Russia and the US of allowing governments easy access to dissenter's speech.

ICE is requesting information on Reddit's Canadian users who criticized its agents.  The US govt easily censored free speech on social media platforms and traditional media for general users, it's now going after private users.

The Canadian government is going to do the same at some point, don't kid yourself. It's not about porn or pedophilia. 

Oh, for fuck sakes, the stupidity of this is astounding.

People share so much fucking personal information online it's ridiculous.  People post their personal views online all the time in a way that is easily traceable to them.

Are you really so naïve as to not understand that state actors can already obtain the information about who is posting information online.

Do yourself a favour and look up what a Norwich Order is.  I can walk into court today and get an order, revealing the identity of anyone in the world who has allegedly defamed my client.

You guys are living in an infantile fantasy that never existed. Most of you wave around the principle of free speech without even understanding what it is you're talking about or the legal context in which it exists.  And you guys are the smart ones in society.

[viper37]

I came across this article online recently: Security software CEO warns: We could be facing the 'death of anonymity online'

The specific article itself doesn't matter that much, but the general trend towards age verification for adult stuff is real. Similarly, there's the ongoing back and forth in the EU about Chat Control.

I'm curious if any of you have any thoughts or insight on possible less-or-no-anonymity-on-the-net scenarios and potential impacts.

It seems to me that the primary framing of the public discourse is around the following:

• It will allow us to keep children from accessing porn (and other stuff deemed harmful).
• It'll make loads of adults feel weird about accessing porn becuase it'll be linked to their actual identities somehow.
• It'll allow governments way too much insight into political speech and that's going to lead to bad places.
• Something about free speech.

But what are the other possible ramifications?

What's the possible impact on social media if anonymity is curtailed? Will it render large parts of the social media economy reliant on bot farms and the like inoperative? How much of an impact will it have on foreign (or domestic) online influence operations?

How big of a threat is it to the bottom lines of social media companies like Meta, Twitter, etc (and therefore, how much should we expect to see them oppose it)? Or is it not a threat?

To what degree will malicious (or simply profit seeking) actors be able to get personal data on individual people if there's no anonymity? And is it actually that different from what is available to Google, Meta, Microsoft et. al. now?

I'm curious if any of you have any insight or have read any compelling analysis on the topic?

This whole puritanical idea of keeping porn out of children hands is so stupid.

Our data keeps getting leaked by corporations and government who don't invest as much as they should in security, or use antiquated practices.

And we have seen the danger with authoritarian countries such as China, Russia and the US of allowing governments easy access to dissenter's speech.

ICE is requesting information on Reddit's Canadian users who criticized its agents.  The US govt easily censored free speech on social media platforms and traditional media for general users, it's now going after private users.

The Canadian government is going to do the same at some point, don't kid yourself. It's not about porn or pedophilia. 

Oh, for fuck sakes, the stupidity of this is astounding.

People share so much fucking personal information online it's ridiculous.  People post their personal views online all the time in a way that is easily traceable to them.

Are you really so naïve as to not understand that state actors can already obtain the information about who is posting information online.

Do yourself a favour and look up what a Norwich Order is.  I can walk into court today and get an order, revealing the identity of anyone in the world who has allegedly defamed my client.

You guys are living in an infantile fantasy that never existed. Most of you wave around the principle of free speech without even understanding what it is you're talking about or the legal context in which it exists.  And you guys are the smart ones in society.

You can obtain a court order to know my real identity and where I live.

I did not post here publicly for everyone to see, inviting the highest bidder to get everything they need to impersonate me at my bank over the phone.

No one is supposed to have public access to my SSN, driver's license with picture, RAMQ id and so on.

I keep reasonable stepts to maintain a degree of privacy, I'll be taking some more later this summer/fall.