Defending Online Anonymity in the Era of Trump.

Cian Heasley
8 min readNov 21, 2018

Bruce Schneier contends, in his excellent article “Surveillance Kills Freedom by Killing Experimentation”, that for society to evolve, for societal norms to change, “People need to be able to read critiques of those norms without anyone’s knowledge, discuss them without their opinions being recorded, and write about their experiences without their names attached to their words.”

We are living in a world where mass surveillance is rampant, where corporations and governments track as much of our activities as they can manage to and in which we all live our lives with a trail of digital breadcrumbs left in our wake.

Children and college students are being conditioned to accept constant surveillance in schools, either through facial recognition systems, their own phones or tracking bracelets. Adults are being presented a vision of an online world where everything must be tracked and recorded for their own safety.

Inpixon markets essentially the same surveillance technology to schools, prisons and shopping malls.

Defending online anonymity is no easy task in 2020. In the era of Trump and Johnson, of troll farms, twitter bots and covertly funded political influence campaigns people are instinctively fearful of the online unknown. A lot of the arguments that have shaped our debates are framed by politicians, pundits and journalists, people in a position of privilege with less limitations on how and where they can express their opinions.

Back in 2017 the Trump administration targeted three organisers of an anti Trump protest. The US Department of Justice demanded that Facebook turn over their passwords, their physical addresses and all activities associated with their accounts which would have swept up anyone they had ever interacted with on the platform. A separate warrant asked for information on around 6,000 Facebook users who had interacted with the page (simply by “liking” or “following”) used to organise the protest, all of this under the guise of investigating “evidence of rioting or intent to riot”.

Ultimately the judge in that case decided to limit the information the DoJ could request from Facebook but it should be pretty obvious from this story that handing more identifying data to the company will just make them an even more tempting target for government litigation designed to chill freedom of expression.

In 2018 in Tanzania Paul Makonda, Regional Commissioner for Dar es Salaam, proposed the creation of an anti-LGBTQ surveillance squad to hunt down and prosecute gay people in Tanzania’s largest city. He planned to do this through a network of informants but also he proposed to track gay people online, or as he put it “these homosexuals boast on social networks.” Without online anonymity, or pseudonymity, what hope do people in such repressive countries have to escape prosecution for their sexuality, for their politics, for their religion?

The implications of these ill considered demands for tech companies to further weaken privacy online are not thought through and cheapen the entire discourse around platform moderation and government oversight of social media in the process.

Meanwhile in Thailand last year a Facebook user was arrested for posting a photo of an anti-government placard from a protest. In 2017 a man was sentenced to 35 years in prison for insulting the Thai monarchy on Facebook, also in 2017 it emerged that Facebook was censoring posts that the Thai military junta deemed unsuitable.

These events are just a handful of the stories worldwide that have taken place since Trump was elected, the era of Trump is one that requires greater strengthening of privacy and anonymity online, not less.

Vietnam, Iran, Turkey, Saudi Arabia and other similarly authoritarian governments have all arrested journalists or bloggers in the last year for their speech. The more we place an onus on internet users to be trivially identifiable the more we hand ammunition to these governments to use against activists or political dissident movements within their own country. Politicians in countries with adequate protection of free speech and journalists must take the time to consider how their comments will play out in countries that do not.

When governments turn on their own citizens will social media platforms stand up for their users? The more data these companies have, the greater the risk that this information will fall into the hands of criminals or authoritarian regimes.

More recently we can see politicians like Shadow Home Secretary Diane Abbott here in the UK calling for an end to anonymity online, without any thought as to the consequences. “You can post under a pseudonym but Twitter, Facebook — whoever, should actually have your name and address,” Diane Abbott said during an interview recently.

This reminds me of Barack Obama handing an unconstrained surveillance and drone apparatus to Donald Trump, Labour MPs are calling for a weakening of online privacy that will surely be taken advantage of by an increasingly authoritarian, surveillance obsessed UK government.

This is the worst kind of irresponsible, disproportionate knee-jerk reaction.

Similar to the now abandoned UK “porn block” there seems to be very little consideration among politicians as to how these changes would even be implemented on a purely technical level. The implications of these ill considered demands for tech companies to further weaken privacy online are not thought through and cheapen the entire discourse around platform moderation and government oversight of social media in the process.

How do you verify people’s identities? Do we all scan our IDs and send them to Facebook and Twitter? What about people who don’t have photo IDs? What about legitimate concerns over handing over this kind of data? Would Facebook and Twitter be willing to implement an entire separate registration system just for people in the UK? How do you make sure that people are in the UK in the first place?

On the one hand UK politicians bemoan Mark Zuckerberg’s refusal to appear in front of parliament to discuss his platform’s lack of accountability, on the other they want us to hand him even more of our sensitive data, it makes absolutely no sense.

Facebook discloses worldwide government requests for user data which continue to grow year by year

Last year in just one breach alone Facebook leaked the phone numbers of 419,000,000 Facebook users, what happens when it isn’t phone numbers but passport scans that are left unprotected online for anyone to access?

Twitter meanwhile has finally admitted that it used phone numbers that users provided for added two factor authentication security on their accounts to instead serve them targeted ads. In 2018 it emerged that the Saudi Arabian government had “groomed” a Twitter employee to persuade him to spy on Saudi dissidents communicating via the platform, it shows just how flimsy the protections that these companies have in place can be when faced with a nation state.

Do you really want to have to hand either of these two companies any more data than you already have?

The US government’s own Office of Personnel Management was hacked in 2015, data that went back to 1985 was stolen, in all 22.1 million people were affected. This data included fingerprints, background check information and information about friends, family and references. If this data cannot be safeguarded by the US government itself then why are we proposing to hand it over to private companies who will simply become an even bigger target for nation state or criminal gang related espionage as a result?

A lot of the conversation around online privacy and anonymity is not just shaped by politicians and journalists, it is shaped specifically by politicians and journalists in Europe and North America.

There is a race to the bottom when it comes to surveillance and destruction of privacy, governments in Europe and the US criticise regimes like China or North Korea for surveilling their citizens, for Orwellian intrusions into people’s private lives, and then try to sell their own citizens on exactly the same technology with very similar justifications.

The arguments against online anonymity have followed a familiar trajectory for anyone who tracks these kinds of political bugbears:

  1. Terrorists will use online anonymity to conceal themselves
  2. Pedophiles will mask their activity online
  3. Drug dealers will take advantage of privacy on the internet

Now though we have made it right through these obvious arguments and out the other side, to the point where politicians are asking us to submit to the enforcement of online civility at the end of a truncheon and handcuffs. Politicians want us to consent to the creation of vast databases, entrusted to unregulated unconstrained tech giants, of our most sensitive data so that the authorities can more easily arrest people for speech online.

I understand the desire on many people’s parts to see government more involved in regulating tech giants and social media, it is increasingly hard to argue against this. The problem that we need to face up to is that the very same governments that are looking to impose their will on corporations like Facebook and Twitter are not operating in good faith.

The Republican Party in the US is obsessed with the notion that social media platforms are conspiring to silence conservative voices, even though there is no evidence to support that notion. The Tory Party in the UK has benefitted more than any other UK political party from misinformation online and has actively wielded it as a weapon against their rivals. Even though Facebook already has a “real names” policy, one that has actively hurt minorities and vulnerable people, that still is not enough and UK politicians have still called for “private groups” to be banned.

Are these the politicians that we can trust to strike a balance between privacy and accountability? I think we know the answer.

The arguments against anonymity online that are based around the 2016 election and election interference on social media just don’t stand up to scrutiny either. As we found out during the Mueller investigation the Russian operatives who created Facebook pages to spread misinformation did so using the stolen identities of actual Americans. Facebook already has a real names policy, this was not a problem to do with anonymity, it was a problem with the platform itself not taking the time to hunt down suspicious activity.

Likewise in the UK one of the big stories from our last general election centred around erroneous claims that a photo of a little boy sleeping on a hospital floor due to lack of beds was staged. The person who originally seemed to have posted this story on Facebook later claimed that her Facebook was hacked, once again this was online misinformation but once again it was not linked to an “anonymous” account but in fact an actual person.

We need to think about what kind of an internet we want going forward, one shaped by the opinions of politicians without any technical knowledge or consideration for the consequences or a medium on which people can express themselves without fear of reprisal.

Will we follow the shrill warnings from tabloid journalists who themselves revel in racist, sexist language whilst decrying internet trolls or will we try to find a reasonable, measured response to the complex issue of online privacy and free speech and find a path that leads to solutions that will cause as little harm as possible?

I know which internet I want to be a part of.



Cian Heasley

I work in infosec and live in Scotland, I am fascinated by computer security, privacy and the intersection of the internet, technology and human rights.