An anonymous blog is a
blog without any acknowledged author or contributor. Anonymous bloggers may achieve
anonymity through the simple use of a
pseudonym, or through more sophisticated techniques such as
layered encryption routing, manipulation of post dates, or posting only from publicly accessible computers.[1] Motivations for posting anonymously include a desire for privacy or fear of retribution by an employer (e.g., in
whistleblower cases), a government (in countries that monitor or censor online communication), or another group.
Deanonymizing techniques
Fundamentally, deanonymization can be divided into two categories:
Social
correlation compares known details about a person's life with the contents of an anonymous blog to look for similarities. If the author does not attempt to conceal their identity, social correlation is a very straightforward procedure: a simple correlation between the "anonymous" blogger's name, profession, lifestyle, etc., and the known person. Even if an author generally attempts to conceal their identity (by not providing their name, location, etc.), the blog can be deanonymized by correlating seemingly innocuous, general details.[2]
Technical identification determines the author's identity through the blog's technical details. In extreme cases, technical identification entails looking at the server logs, the
Internet provider logs, and payment information associated with the
domain name.
These techniques may be used together. The order of techniques employed typically escalates from the social correlation techniques, which do not require the compliance of any outside authorities (e.g., Internet providers, server providers, etc.), to more technical identification.
Types
Just as a blog can be on any subject, so can an anonymous blog. Most fall into the following major categories:
Political: A commentary on the political situation within a country, where being open may risk prosecution.[3] Anonymous blogging can also add power to a political debate, such as in 2008 when blogger
Eduwonkette, later revealed as
Columbia University sociology graduate student Jennifer Jennings, successfully questioned
New York MayorMichael Bloomberg's takeover of New York schools.[4]
Revolutionary and counter-revolutionary: These can either be inspiring activity or counter activity, often against a violent state apparatus. For example,
Salam Pax, the Baghdad blogger, wrote for The Guardian newspaper under a pseudonym that he could shed only when
Saddam Hussein no longer ruled in
Iraq. Similar bloggers appeared during the
Arab Spring.[5]
Dissident: Dissident blogs may document life under an oppressive or secretive regime, while not actively promoting or inspiring revolutionary or counter-revolutionary action. Mosul Eye, which has described life under ISIL occupation in Mosul, Iraq, has been called one of the few reliable sources of information on life inside the city since it began in June 2014.[6]
Religious: Views and comments about religious view points and issues, perhaps questioning some written standpoints.[7]
Whistleblower: The whistleblower blog is a modern-day twist on the classical "insider spotting illegality" theme. This can cover all sectors or issues. Among the most notable is that by the
Irish Red Cross head of the international department Noel Wardick, who highlighted that
€162,000 in donations to the
2004 Indian Ocean earthquake and tsunami had sat in an account for over three years. After spending over €140,000 on private investigators and legal expenses to find the whistle blower, including court orders to obtain Wardick's identity from
UPC and Google,[8] the IRC disciplined and later dismissed Wardick. In 2010, an internal enquiry into Wardick's allegations found other such bank accounts, and proposals to overhaul the IRC's management were discussed in the
Dáil on 15 December. Questions were answered by
Tony Killeen, then the Minister of Defence. Wardick later successfully sued the IRC for
unfair dismissal.[9]
Company insider: A company employee or insider reports on company operations and issues from within the organisation. The most famous is probably the Dooce.com blogger
Heather Armstrong,[10] who was fired for writing
satirical accounts of her experiences at a
dot-com startup on her personal blog,
dooce.com.[11]
Community pressure: Written by a citizen of an area, on a particular subject, to bring about a change. In 2007, reporter and blogger
Mike Stark came out in support of anonymous blogger Spocko, who was trying to bring what he called "violent commentary" on
San Francisco area radio station
KSFO to the attention of its advertisers.[12]
Experience/Customer Service: Most experience blogs focus on personal insights or views of
customer service, frequently with dissatisfaction. Most anonymous experience blogs are written anonymously as they allow the customer/user to keep experiencing and using the service, and reporting/blogging, while nudging at a defined and appropriate level against the target organisation. Among these are Sarah Wu's/Mrs Q.
"Fed Up With Lunch" blog, a chronicle of her experience as an adult eating
Chicago area
high school lunch every day for a year,[13] which has now been turned into a book.[14]
Personal: The personal blog strays into personal life in ways that allow more risk taking and open in terms of detail. Hence, many of these blogs are sexual in nature,[15] although many also exist for those with health problems and disabilities and how they see the world and cope with its challenges. Some of the latest personal blogs are seen by many as extended
group therapy, covering issues including
weight loss.[16]
Recently, anonymous blogging has moved into a more aggressive and active style, with organized crime groups such as
the Mafia using anonymous blogs against mayors and local administrators in
Italy.[17]
How online identity is determined
IP addresses
An
IP address is a unique numerical label assigned to a computer connected to a
computer network that uses the
Internet Protocol for communication.[18] The most popular implementation of the Internet Protocol would be the
Internet (capitalized, to differentiate it from smaller
internetworks). Internet Service Providers (ISPs) are allocated chunks of IP addresses by a
Regional Internet registry, which they then assign to customers. However, ISPs do not have enough addresses to give the customers their own address. Instead,
DHCP is used; a customer's device (typically a modem or router) is assigned an IP address from a pool of available addresses. It keeps that address for a certain amount of time (e.g., two weeks). If the device is still active at the end of the lease, it can renew its connection and keep the same IP address. Otherwise, the IP address is collected and added to the pool to be redistributed. Thus, IP addresses provide regional information (through Regional Internet registries) and, if the ISP has logs, specific customer information. While this does not prove that a specific person was the originator of a blog post (it could have been someone else using that customer's Internet, after all), it provides powerful circumstantial evidence.
Word and character frequency analysis
Character frequency analysis takes advantage of the fact that all individuals have a different vocabulary: if there is a large body of data that can be tied to an individual (for example, a public figure with an official blog), statistical analysis can be applied to both this body of data and an anonymous blog to see how similar they are. In this way, anonymous bloggers can tentatively be deanonymized.[19] This is known as
stylometry;
adversarial stylometry is the study of techniques for resisting such stylistic identification.