Root Privileges

anonymity

artificial intelligence Bharatiya Janata Party blogging CERN Chandrayaan 2 climate change Covaxin COVID-19 COVID-19 pandemic Donald Trump Elon Musk Facebook fantasy fiction Gaganyaan Higgs boson India-based Neutrino Observatory Indian Council of Medical Research Indian Space Research Organisation ISRO journalism K Sivan Large Hadron Collider NASA nationalism Nobel Prizes novel coronavirus Open Access particle physics peer review Prime Minister Narendra Modi pseudoscience Quantum mechanics Science science communication science fiction science journalism science writing scientific publishing scientific research scientism social media SpaceX The Hindu The Wire Twitter

  • Anonymity in journalism and a conflict of ethics

    I wrote the following essay at the invitation of a journal in December 2020. (This was the first draft. There were additional drafts that incorporated feedback from a few editors.) It couldn’t be published because I had to back out of the commission owing to limitations of time and health. I formally withdrew my submission on April 11, 2022, and am publishing it in full below.

    Anonymity in journalism and a conflict of ethics

    Tiger’s dilemma

    I once knew a person, whom I will call Tiger, who worked with the Government of India. Tiger was in a privileged position within the government, not very removed from the upper echelons in fact, and had substantial influence on policies and programmes lying in their domain. (Tiger himself was not a member of any political parties.) Tiger’s work was also commendable: their leadership from within the state had improved the working conditions of and opportunities for people in the corresponding fields, so much so that Tiger was generally well-regarded by their peers and colleagues around the country. Tiger had also produced high-quality work in their domain, which I say here to indicate Tiger’s all-round excellence.

    But while Tiger ascended through government ranks, the Government of India itself was becoming more detestable – feeding communal discontentment, promoting pseudoscience, advancing crony capitalism and arresting/harassing dissidents. At various points in time, the actions and words of ministers and senior party leaders outright conflicted with the work and the spirit that Tiger and their department stood for – yet Tiger never spoke a word against the state or the party. As the government’s actions grew more objectionable, the more Tiger’s refusal to object became conspicuous.

    I used to have trouble judging Tiger’s inaction because I had trouble settling a contest between two ethical loci: values versus outcomes. The question here was that, in the face of a dire threat, such as a vengeful government, how much could I ask of my compatriots? It is undeniably crucial to join protests on the streets and demonstrate the strength of numbers – but if the government almost always responds by having police tear-gas protesters or jail a few and keep them there on trumped-up charges under draconian laws for months on end, it becomes morally painful to insist that people join protests. I might wither under the demand of condemning anyone, but especially the less privileged, to such fates. (The more-privileged of course can and should be expected to do more, and fear the consequences of state viciousness less.)

    If Tiger had spoken up against the prime minister or any of the other offending ministers, Tiger would have lost their position within the government, could in fact have become persona non grata in the state’s eyes, and become earmarked for further disparagement. As symbols go, speaking up against an errant government is a powerful one – especially when it originates from a person like Tiger. However, speaking up will still only be a symbol, and not an outcome. If Tiger had stayed silent to continue to retain their influential place within the government, there is a chance that Tiger’s department may have continued its good work. The implication here is that outcomes trump values.

    Then again, I presume here that the power of symbols is predictable or even finite in any way, or that they are always inferior to action on the ground, so to speak. This need not be true. For example, if Tiger had spoken up, their peers could have been motivated to speak up as well, avalanching over time into a coordinated, collectivised refusal to cooperate with government initiatives that required their support. It is a remote possibility but it exists; more importantly, it is not for me to dismiss. And it is at least just as tempting to believe values trump outcomes, or certainly complement them.

    Now, depending on which relationship is true – values over outcomes or vice versa – we still have to contend with the same defining question before we can draw a line between whom to forgive and whom to punish. Put another way, when confronted with deadly force, how much can you ask of your compatriots? There can’t be shame in bending like grasses against a punishing wind, but at the same time someone somewhere must grow a spine. Then again, not everyone may draw the line between these two sides at the same place. This is useful context to consider issues surrounding anonymity and pseudonymity in journalism today.

    Anonymity in journalism

    Every now and then, The Wire and The Wire Science receive requests from authors to not have their names attached to their articles. In 2020, The Wire Science, which I edit, published at least three articles without a name or under a pseudonym. Anonymity as such has been commonly around for much longer vis-à-vis government officials and experts being quoted saying sensitive things, and individuals whose stories are worth sharing but whose identities are not. It is nearly impossible to regulate journalism, without ‘breaking’ it, from anywhere but the inside. As evasive as this sounds, what is in the public interest is often too fragile to survive the same accountability and transparency we demand of government, or even what the law offers to protect. So the channels to compose and transport such information should be able to be as private as individual liberties and ethical obligations can allow.

    Anonymity is as a matter of principle possible, and journalists (should) have the liberty, and also the integrity, to determine who deserves it. It may help to view anonymity as a duty instead of as a right. For example, we have all come across many stories this year in which reporters quoted unnamed healthcare workers and government officials to uncover important details of the Government of India’s response to the country’s COVID-19 epidemic. Without presuming to know the nature of relationships between these ‘sources’ and the respective reporters, we can say they all likely share Tiger’s (erstwhile) dilemma: they are on the frontline and they are needed there, but if they speak up and have their identities known, they may lose their ability to stay there.

    The state of defence reporting in India could offer an important contrast. Unlike health (although this could be changing), India’s defence has always been shrouded in secrecy, especially on matters of nuclear weapons, terrorist plots, military installations, etc. Not too long ago, one defence reporter began citing unnamed sources to write up a series of articles about a new chapter of terrorist activities in India’s north. A mutual colleague at the time told me he was unsettled by the series: while unnamed sources are not new, the colleague explained, this reporter almost never named anyone – except perhaps those making banal statements.

    Many health-related institutions and activities in India need to abide by the requirements of the Right to Information Act, but defence has few such obligations. In such cases, there is no way for the consumers of journalism – the people at large – to ascertain the legitimacy of such reports and in fact have no option but to trust the reporter. But this doesn’t mean the reporter can do what they wish; there are some simple safeguards to prevent mistakes. One as ubiquitous as it is effective is to allow an offended party in the story to defend itself, with some caveats.

    A notable example of such an incident from the last decade was the 2014 Rolling Stone investigation about an alleged incident of rape on the University of Virginia campus. The reporter had trusted her source and hid her identity in the article, using only the mononym ‘Jackie’. Jackie had alleged that she had been raped by a group of men during a fraternity party. However, other reporters subsequently noticed a series of inconsistencies that quickly snowballed into the alarming revelation that Jackie had probably fabricated the incident, and Rolling Stone had missed it. In this case, Rolling Stone itself claimed to have been duped, but managing editor Will Dana’s note to readers published after a formal investigation had wound up contains a telling passage:

    “In trying to be sensitive to the unfair shame and humiliation many women feel after a sexual assault, we made a judgment – the kind of judgment reporters and editors make every day. We should have not made this agreement with Jackie and we should have worked harder to convince her that the truth would have been better served by getting the other side of the story.”

    Another ‘defence’ is rooted in news literacy: as a reader, try when you can to consider multiple accounts of a common story, as reported by multiple outlets, and look for at least one independently verifiable detail. There must be something, but if there isn’t, consider it a signal that the story is at best located halfway between truth and fiction, awaiting judgment. Fortunately (in a way), science, environment and health stories frequently pass this test – or at least they used to. While an intrepid Business Standard reporter might have tracked down a crucial detail by speaking to an expert who wished to remain unnamed, someone at The Wire or The Hindu, or an enterprising freelance journalist, will soon have been able to get someone else on the record, or find a document in the public domain attesting to the truth of the claim.

    Identity as privilege

    I use the past-tense because, since 2014, the Bharatiya Janata Party (BJP) – which formed the national government then – has been vilifying any part of science that threatens the mythical history the party has sought to construct for itself and for the nation. The BJP is the ideological disciple of the Rashtriya Swayamsevak Sangh and the Vishwa Hindu Parishad, and soon after the BJP’s ascent, members of groups affiliated with these organisations have murdered at least three anti-superstition activists and others have disrupted many a gathering of scholars, even as senior ministers in government have embarked on a campaign to erode scientific temper, appropriate R&D activities into the party’s communal programme and degrade or destabilise the scope for research that is guided by researchers’ interests, in favour of that of bureaucrats.

    Under the party-friendly vice-chancellorship of M. Jagadesh Kumar, the Jawaharlal Nehru University in New Delhi has slid from being a national jewel to being blanketed in misplaced suspicions of secessionist activity. In January, students affiliated with the BJP’s student-politics wing went on a violent spree within the JNU campus, assaulting students and damaging university property, while Kumar did nothing to stop them. In November, well-known professors of the university’s school of physical sciences alleged that Kumar was intervening in unlawful ways with the school’s administration. Moushumi Basu, secretary of the teachers’ association, called the incident a first, since many faculty members had assumed Kumar wouldn’t interfere with the school of physical sciences, being a physical-sciences teacher himself.

    (Edit, April 11, 2022: Kumar was succeeded in February 2022 by Santishree Pandit, and at the end of the first week of April, members of the Akhil Bharatiya Vidyarthi Parishad assaulted JNU students on campus with stones over cooking non-vegetarian food on the occasion of Ram Navami.)

    Shortly before India’s COVID-19 epidemic really bloomed, the Union government revoked the licence of the Manipal Institute of Virology to use foreign money to support its stellar, but in India insufficiently supported, research on viruses, on charges that remain unclear. The party’s government has confronted many other institutes with similar fates – triggering a chilling effect among scientists and pushing them further into their ivory towers.

    In January 2020, I wrote about the unsettling case of a BJP functionary who had shot off an email asking university and institution heads to find out which of their students and faculty members had signed a letter condemning the Citizenship (Amendment) Act 2019. I discovered in the course of my reporting two details useful to understand the reasonable place of anonymous authorship in journalism. First, a researcher at one of the IISERs told me that the board of governors of their institute seemed to be amenable to the argument that since the institute receives funds via the education ministry (formerly the human resource development ministry), it does not enjoy complete autonomy. Second, while the Central Civil Services (Conduct) Rules 1964 do prevent employees of centrally funded institutions, including universities and research facilities, from commenting negatively on the government, they are vague at best about whether employees can protest on issues concerning their rights as citizens of the country.

    These two conditions together imply that state-funded practitioners of scientific activities – from government hospital coroners to spokespersons of billion-dollar research facilities, from PhD scholars to chaired professors – can be arbitrarily denied opportunities to engage as civilians on important issues concerning all people, even as their rights on paper seem straightforward.

    But even under unimaginable pressure to conform, I have found that many of India’s young scientists are still willing to – even insistent on – speaking up, joining public protests, writing and circulating forthright letters, championing democratic and socialist programmes, and tipping off journalists like myself to stories that need to be told. This makes my job as a journalist much easier, but I can’t treat their courage as permission to take advantage. They are still faced with threats whose full magnitude they may comprehend only later, or may be unaware of methods that don’t require them to endanger their lives or careers.

    Earlier, postdoctoral scholars and young scientists may have been more wary than anything else of rubbing senior scientists the wrong way by, say, voicing concerns about a department or institute in the latter’s charge. Today, the biggest danger facing them is indefinite jail time, police brutality and avoidance by institutes that may wish to stay on the party’s good side. (And this is speaking only of the more privileged male scientists; others have only had it increasingly worse.)

    Once again: how much can we ask of our compatriots? How much in particular can we ask of those who have reason to complain even as they stand to lose the most – the Dalits, the women, transgender people, the poor, the Adivasi, the non-English non-Hindi speakers, environmentalists, healthcare workers, migrant labourers, graveyard and crematorium operators, manual scavengers, the Muslims, Christians and members of other minority denominations, farmers and agricultural traders, cattle-rearers, and indeed just about anyone who is not male, rich, Brahmin? All of these people have stories worth sharing, but whose identities have been increasingly isolated, stigmatised and undermined. All of these people, including the young scientists as well, thus deserve to be quoted or published anonymously or pseudonymously – or their views may never be heard.

    Paying the price of fiction

    There are limitations, of course, and this is where ethical and responsible journalism can help. It is hard to trust an anonymous Twitter user issuing scandalous statements about a celebrity, and even harder to trust an anonymous writer laying claim to the credibility that comes with identifying as a scientist yet making unsubstantiated claims about other scientists – as necessary as such a tactic may seem to be. The safest and most responsible way forward is for a ‘source’ to work with a journalist such that the journalist tells the story, with the source supplying one set of quotes. This way, the source’s account will enjoy the benefit of being located in a journalistic narrative, in the company of other viewpoints, before it is broadcast. The journalist’s fundamental role here is to rescue doubts about one’s rights from the grey areas it occupies in the overlap between India’s laws and the wider political context.

    However, it is often also necessary to let scientists, researchers, professors, doctors, etc. to say what they need to themselves, so that they may bring to bear the full weight of their authority as well as the attitudes they don as topical experts. There is certainly a difference between writing about Pushpa Mittra Bhargava’s statements on one hand and allowing Pushpa Mittra Bhargava to express himself directly on the other. Another example, but which doesn’t appeal to celebrity culture (such as it is in the halls of science!), is to let a relatively unknown but surely qualified epidemiologist write a thousand words in the style and voice of their choice about, say, the BJP’s attempts to communalise the epidemic. The message here is contained within the article’s arguments as well as in the writer’s credentials – but again, not necessarily in the writer’s religious or ethnic identity. Or, as the case may be, in their identity as powerless young scientists.

    Ultimately, the most defensible request for anonymity is the one backed by evidence of reasonable risk of injury – physical or otherwise – and the BJP government has been steadily increasing this risk since 2014. Then again, none of this means those who have already received licence to write anonymously or pseudonymously also have license to shoot their mouths. Journalists have a responsibility to be as selective as they reasonably can to identify those who deserve to have their names hidden – with at least two editors signing off on the request instead of the commissioning editor alone, for example – and those who are selected to be reminded that the protection they have received is only for the performance of a necessary duty. Anonymity or even pseudonymity introduces one fiction into the narrative, and all fictions, now matter how trivial, are antithetical to narratives that offer important knowledge but also a demonstration of what good journalism is capable of. So it is important to not see this device as a reason for the journalist to invent more excuses to leave out or obfuscate yet other details in the name of fear or privacy. In fact, the inclusion of one fiction should force every other detail in the narrative to be that much more self-evidently true.

    Though some authors may not like it, the decision to grant anonymity must also be balanced with the importance and uniqueness of the article in question. While anonymity may grant a writer the freedom to not pull their punches, the privilege also foists more responsibility on the editor to ensure the privilege is being granted for something that is in the public interest as well as can’t be obtained through any other means. One particular nuance is important here: the author should convince the editor that they are compelled to speak up. Anonymity shouldn’t be the only reason the article is being written. Otherwise, anonymity or pseudonymity will easily be excuses to fire from behind the publication’s shoulders. This may seem like a crude calculus but it also lies firmly in the realm of due diligence.

    We may not be able to ask too much of our compatriots, but it is necessary to make sure the threats that face them are real and that they will not attempt to gain unfair advantages. In addition, the language must at all points be civil and devoid of polemic; every claim and hypothesis must be substantiated to the extent possible; if the author has had email or telephone conversations with other people, the call records and reporting notes must be preserved; and the author can’t say anything substantial that does not require their identity to be hidden. The reporter or the editor should include in the article the specific reason as to why anonymity has been granted. Finally, the commissioning editor reserves the right to back out of the arrangement anytime they become unsure. This condition simply reflects the author’s responsibility to convince the editor of the need for anonymity, even if specific details may never make it to the copy.

    At the same time, in times as fraught as ours, it may be unreasonable to expect reporters and editors to never make a mistake, even of the Rolling Stone’s proportions (although I admit the Columbia University report on Rolling Stone’s mistakes is unequivocal in its assessment that the magazine made no mistakes it couldn’t have avoided). The straightforward checks that journalists employ to weed out as many mistakes as possible can never be 100% perfect, particularly during a pandemic of a new virus. Some mistakes can be found out only in hindsight, such as when one needs to prove the negative, or when a journalist is caught between the views of two accomplished scientists and one realises a mistake only later.

    Instead, we should expect those who make mistakes to be prompt, honest and reflexive, especially smaller organisations that can’t yet afford independent fact-checkers. A period in which anonymous authorship is becoming more necessary, irrespective of its ad hoc moral validity, ought also to be a period in which newsroom managers and editors treat mistakes not as cardinal sins but as opportunities to strengthen the compact with their readers. One simple first step is to acknowledge post-publication corrections and modifications with a note plus a timestamp. Because let’s face it – journalists are duty-bound to walk the same doubts, ambiguities and fears that also punctuate their stories.

  • A call for a new human right, the right to encryption

    The Wire
    June 2, 2015

    DUAL_EC_DRBG is the name of a program that played an important role in the National Security Agency’s infiltration of communication protocols, which was revealed by whistleblower Edward Snowden. The program, at the time, drew the suspicion of many cryptographers who wondered why it was being used instead of the NIST’s more advanced standards. The answer arrived in December 2013: DUAL_EC_DRBG was a backdoor.

    A backdoor is a vulnerability deliberately inserted into a piece of software to allow specific parties to decrypt it whenever they want to. When the NSA wasn’t forcibly getting companies to hand over private data, it was exploiting pre-inserted backdoors to enter and snoop around. Following 9/11, the Patriot Act made such acts lawful, validating the use of programs like DUAL_EC_DRBG that put user security and privacy at stake to defend the more arbitrarily defined questions of national security.

    However, the use of such weakened encryption standards is a Trojan horse that lets in the weaknesses of those standards as well. When engineers attempt to use those standards for something so well-defined as the public interest, such weaknesses can undermine that definition. For example, one argument after Snowden’s revelations was to encrypt communications such that only the government could access them. This was quickly dismissed because it’s open knowledge among engineers that there are no safeguards that can be placed around such ‘special’ access that would deter anyone skilled enough to hack through it.

    It’s against this ‘power draws power’ scenario that a new report from the UN Office of the High Commissioner for Human Rights (OHCHR) makes a strong case – one which the influential Electronic Frontier Foundation has called “groundbreaking”. It says, “requiring encryption back-door access, even if for legitimate purposes, threatens the privacy necessary to the unencumbered exercise of the right to freedom of expression.” Some may think this verges on needless doubt, but the report’s centre of mass rests on backdoors’ abilities to compromise individual identities in legal and technological environments that can’t fully protect those identities.

    On June 1, those provisions of the Patriot Act that justified the interception of telephone calls expired and the US Senate was unable to keep them going. As Anuj Srivas argues, it is at best “mild reform” that has only plucked at the low-hanging fruit – reform that rested on individuals’ privacy being violated by unconstitutional means. The provisions will be succeeded by the USA Freedom Act, which sports some watered-down notions of accountability when organisations like the NSA trawl data.

    According to the OHCHR report, however, what we really need are proactive measures. If decryption is at the heart of privacy violations, then strong encryption needs to be at the heart of privacy protection – i.e. encryption must be a human right. Axiomatically, as the report’s author, Special Rapporteur David Kaye writes, individuals rely on encryption and anonymity to “safeguard and protect their right to expression, especially in situations where it is not only the State creating limitations but also society that does not tolerate unconventional opinions or expression.” On the same note, countries like the US that intentionally compromise products’ security, and the UK and India which constantly ask for companies to hand over the keys to their data to surveil their citizens, are now human rights violators.

    By securing the importance of strong encryption and associating it with securing one’s identity, the hope is to insulate it from fallacies in the regulation of decryption – such as in the forms of the Patriot Act and the Freedom Act. Kaye argues, “Privacy interferences that limit the exercise of the freedoms of opinion and expression …  must not in any event interfere with the right to hold opinions, and those that limit the freedom of expression must be provided by law and be necessary and proportionate to achieve one of a handful of legitimate objectives.”

    This anastomosis in the debate can be better viewed as a wedge that was created around 1995. The FBI Director at the time, Louis Freeh, had said that the bureau was “in favor of strong encryption, robust encryption. The country needs it, industry needs it. We just want to make sure we have a trap door and key under some judge’s authority where we can get there if somebody is planning a crime.”

    Then, in October 2014, then FBI Director James Comey made a similar statement: “It makes more sense to address any security risks by developing intercept solutions during the design phase, rather than resorting to a patchwork solution when law enforcement comes knocking after the fact.” In the intervening decades, however, awareness of the vulnerabilities of partial encryption has increased while the law has done little to provide recourse for the gaps in online protection. So, Comey’s arguments are more subversive than Freeh’s.

    Kaye’s thesis is from a human rights perspective, but its conclusions apply to everyone – to journalists, lawyers, artists, scholars, anyone engaged in the exploration of controversial information and with a stake in securing their freedom of expression. In fact, a corollary of his thesis is that strong encryption will ensure unfettered access to the Internet. His report also urges Congress to pass the Secure Data Act, which would prevent the US government from forcibly inserting backdoors in software to suit its needs.

  • The federation of our digital identities

    Facebook, Twitter, email, WordPress, Instagram, online banking, the list goes on… Offline, you’re one person maintaining (presumably) one identity. On the web, you have many of them. All of them might point at you, but they’re still distinct packets of data floating through different websites. Within each site, your identity is unified, but between them, you’re different people. For example, I can’t log into Twitter with my Facebook username/password because Facebook owns them. When digital information becomes federated like this, it drives down cross-network accountability because my identity doesn’t move around.

    However, there are some popular exceptions to this. Facebook and Twitter don’t exchange my log-in credentials – the keys with which I unlock my identity – because they’re rivals, but many other services and these sites are not. For example, I can log into my YouTube account using my GMail credentials. When I hit ‘Submit’, YouTube banks on the validity of my identity on GMail to log me in. Suddenly, GMail and YouTube both have access to my behavioral information through my username now. In the name of convenience, my online visibility has increased and I’ve become exposed to targeted advertising, likely the least of ills.

    The Crypto-Book

    John Maheswaran, a doctoral student at Yale University, has a solution. He’s called it ‘Crypto-Book’, describing its application and uses in a pre-print paper he and his colleagues uploaded to arXiv on June 16.

    1. The user clicks ‘Sign up using Facebook’ on StackOverflow.

    stackoverflow

    2. StackOverflow redirects the user to Facebook to log in using Facebook credentials, 3. after which the user grants some permissions.

    facebook

    4. Facebook generates a temporary OAuth access token corresponding to the permissions.

    5. Facebook redirects the user back to StackOverflow along with the access token.

    redirection

     

    6. StackOverflow can now access the user’s Facebook resources in line with the granted permissions.

    Crypto-Book sits between steps 1 and 6. Instead of letting Facebook and StackOverflow talk to each other, it steps in to take your social network ID from Facebook, uses that to generate a username and password (in this context called a public and private key, respectively), and passes them on to StackOverflow for authentication.

    OpenID and OAuth

    It communicates with both sites using the OAuth protocol, which came into use in 2010. Five years before this, the OpenID protocol had launched to some success. In either case, the idea was to reduce the multiplicity of digital identities but in the context of sites like Facebook and Twitter that could own your identities themselves, the services the protocols provided enabled users to wield more control over what information they shared, or at least keep track of it.

    OpenID let users to register with itself, and then functioned as a decentralized hub. If you wanted to log into WordPress next, you could do so with your OpenID credentials; WordPress only had to recognize the protocol. In that sense, it was like, say, Twitter, but with the sole function of maintaining a registry of identities. Its use has since declined because of a combination of its security shortcomings and other sites’ better authentication schemes. OAuth, on the other hand, has grown more popular. Unlike OpenID, OAuth is an identity access protocol, and gives users a way to grant limited-access permissions to third-party sites without having to enter any credentials (a feature called pseudo-authentication).

    So Crypto-Book inserts itself as an anonymizing layer to prevent Facebook and StackOverflow from exchanging tokens with each other. Maheswaran also describes additional techniques to bolster Crypto-Book’s security. For one, a user doesn’t receive his/her key pair from one server but many, and has to combine the different parts to make the whole. For another, the user can use the key-pair to log in to a site using a technique called linkable ring sgnatures, “which prove that the signer owns one of a list of public keys, without revealing which key,” the paper says. “This property is particularly useful in scenarios where trust is associated with a group rather than an individual.”

    The cryptocurrency parvenu

    Interestingly, the precedent for an equally competent solution was set in 2008 when the cryptocurrency called bitcoins came online. Bitcoins are bits of code generated by complex mathematical calculations, and each is worth about $630 today. Using my public and private keys, I can perform bitcoin transactions, the records of which are encrypted and logged in a publicly maintained registry called the blockchain. Once the blockchain is updated with a transaction, no other information except the value exchanged can be retrieved. In April 2011, this blockchain was forked into a new registry for a cryptocurrency called namecoin. Namecoins and bitcoins are exactly the same but for one crucial difference. While bitcoins make up a decentralized banking system, namecoins make up a decentralized domain name system (DNS), a registry of unique locations on the Internet.

    The namecoin blockchain, like its website puts it, can “securely record and transfer arbitrary names,” or keys, an ability that lets programmers use it as an anonymizing layer to communicate between social network identities and third-party sites in the same way Crypto-Book does. For instance, OneName, a service that lets you use a social network identity to label your bitcoin address to simplify transactions, describes itself as

    a decentralized identity system (DIS) with a user directory made of entries in a decentralized key-value store (the Namecoin blockchain).

    Say I ‘register’ my digital identity with namecoin. The process of registration is logged on the blockchain and I get a public and private key. If Twitter is a relying partner, I should be able to log in to it with my keys and start using it. Only now, Twitter’s server will log me in but not itself own the username with which it can monitor my behavior. And unlike with OpenID or OAuth, neither namecoin or anyone on the web can access my identity because it has been encrypted. At the same time, like with Crypto-Book, namecoin will use OAuth to communicate with the social networking and third-party sites. But at the end of the day, namecoin lets me mobilize only the proof that my identity exists and not my identity itself in order to let me use services anonymously.

    If everybody’s wearing a mask, who’s anonymous?

    As such, it enables one of the most advanced anonymization services today. What makes it particularly effective is its reliance on the blockchain, which is not maintained by a central authority. Instead, it’s run by multiple namecoin users lending computing resources that process and maintain the blockchain, so there’s a fee associated with staking and sustaining your claim of anonymity. This decentralization is necessary to dislocate power centers and forestall precipitous decisions that could compromise your privacy or shut websites down.

    Services like IRC provided the zeroth level of abstraction to achieve anonymity in the presence of institutions like Facebook – by being completely independent and ‘unhooked’. Then, the OpenID protocol aspired, ironically, to some centrality by trying to set up one set of keys to unlock multiple doors. In this sense, the OAuth protocol was disruptive because it didn’t provide anonymity as much as tried to provide an alternative route by limiting the number of identities you had to maintain on the web. Then come the Crypto-Book and blockchain techniques, both aspiring toward anonymity, both reliant on Pyrrhic decentralization in the sense that the power to make decisions was not eliminated as much extensively diluted.

    Therefore, the move toward privatization of digital identities has been supported by publicizing the resources that maintain those identities. As a result, perfect anonymity becomes consequent to full participation – which has always been the ideal – and the size of the fee to achieve anonymity today is symptomatic of how far we are from that ideal.

    (Thanks to Vignesh Sundaresan for inputs.)