Sun 21 August 2016
I've been thinking a lot about privacy and anonymity recently. It's reasonably possible to create a new online identity, with no links to your real-world identity, as long as you don't need to buy anything and you're careful. Use Tor, get an email address from SIGAINT, and you can sign up for accounts on a lot of other services and speak your mind freely.
New identities created in this manner come with a few limitations:
It is almost impossible to purchase anything online both anonymously and legally. Cash only works offline. Stealing credit card numbers allows you to be anonymous but is illegal, and rather distasteful (you're stealing from real people). Any other conventional payment method that works online is not at all anonymous (PayPal, bank transfers, spending from your own credit card). And furthermore, thanks to anti-money laundering regulations, I don't think any anonymous payment method can be created unless there is nobody to prosecute.
Bitcoin improves the situation here: if you can acquire the BTC anonymously (e.g. by selling your services on a dark market) then you can safely spend it without any link to your real-world identity. But thanks to the public ledger, transferring value from your real-world identity to your new identity without any traces is very difficult and probably still leaks some information even if a concrete connection can't be drawn.
Monero purports to solve the anonymous payments problem, but I've not looked in any detail.
Even if you can solve the purchasing problem, naive delivery of physical goods would reveal your physical location.
If you could anonymously acquire a PO Box or similar, this would still leak a lot of information about your location (e.g. it's impractical to use a PO Box in Canada if you live in England).
Maybe a concept like Tor could be made to work? The packages would have to be well-secured to ensure that the middlemen can't reasonably open them, both to protect the content of the package from inspection/modification, and to protect the middlemen from liability.
There would need to be a disincentive against theft. The cost paid to each middleman would need to be higher than the net profit he could make by stealing the package. Either his delivery fee must be expensive, or the package must be expensive to open. Either way, it's going to be expensive.
As presented here, this idea is unworkable, but if you have any insights into how it could work, please get in touch.
As an experiment, I recently tried to rent a VPS anonymously. I habitually signed off a support ticket with "Thank you. James" and sent it before realising my mistake. This isn't enough to uniquely identify me, but it opened my eyes to how easy it is to slip up. And each mistake reduces the set of real-world people who could be behind the identity.
As part of the anonymous VPS experiment, I requested a refund of my 0.06 BTC. I still haven't received it. If the people running the hosting company can be sure enough that I signed up using "false" information, they can quite easily get away with not sending the refund. What am I going to do? A "false" identity can't participate in the legal system so my only recourse is to complain about it.
This article isn't about the problems that come with creating new identities. Let's instead assume a society in which we can use cryptography to create first-class identities whenever we want. Just create another keypair, and that's another identity. What are the implications of such a society?
To be clear, I'm not talking about identity theft. The current systems make it easier to assume a new identity by stealing one from somebody else than by creating a fresh one. No, I'm talking about the ability to create completely new identities, backed entirely by cryptography, not by national registers of births, immigrations, etc.
On this point, the world is currently diverging. On one hand, governments are increasing their control and surveillance over ordinary people. Technology is allowing them to make connections between different parts of our lives in ways that weren't possible even 20 years ago. On the other hand, technology like Tor, Bitcoin, and plenty more, are allowing people to assume new online identities without asking permission from anyone, outside the scope of government databases. I don't know if this divergence can continue forever, and I don't know how it can be resolved.
In a world where identities are proven by cryptography rather than by passport photos and bank statements, identity theft becomes a lot more difficult. In the current world, anybody who can verify an identity (for example by receiving a copy of a passport and bank statement) gets all the info they need in order to steal that identity. If, instead, identities are backed by cryptography, you just sign a message and never reveal your private key.
It might make credit scores less effective. Anybody who wants to default on a loan can do so, easily, without any impact on the credit scores of their other identities.
It might not be possible to conduct elections where each person has exactly one vote. Which identities are allowed a vote and which ones aren't?
Our current system of taxes might not work well. At minimum, tax bands would have to be reconsidered, otherwise people could create many identities, and keep each one in the lowest band, rather than paying more tax. And, more likely, taxes wouldn't even work: if I can create a new identity outside any government database, how will the government even know to try to collect taxes from me? And how can they punish me if I don't pay?
How would driving licences work? If I run over an old lady and have my licence revoked, what stops me from simply creating a new identity and getting a new driving licence?
Anything based on proof of age would probably have to change (laws around buying alcohol, for instance) because any mechanism that could tie an identity to a person's age could also be used to tie all of that person's identities together (or, at minimum, would leak information that could be used to help tie them together).
Some identities could be controlled by groups rather than an individual, without anybody else knowing how many people are behind it. If this group identity had a driving licence then it would allow all members of the group to drive even though only one of them had actually passed the test.
The ideas here are not well-formed, but perhaps the Nash equilibrium is somewhere close to governments requiring you to tell them about all of your identities so that they can assign voting rights, collect taxes, etc. There could be a punishment for anybody found to be using an identity that their local government hasn't been informed of, and probably driving licences etc. would not be granted to identities that are controlled by multiple people. There would probably be some way for companies not only to verify an identity (use cryptography) but to check with the local government to make sure it is a "legitimate" identity, and possibly even to get a list of other identities possessed by the same person. Perhaps crypto-anarchy is destined to be forever confined to the virtual world.If you like my blog, please consider subscribing to the RSS feed or the mailing list: