The Traceability of an Anonymous Online Comment

Yesterday, I described a simple scenario where a plaintiff, who is having difficulty identifying an alleged online defamer, could benefit from subpoenaing data held by a third party web service provider. Some third parties—like Facebook in yesterday’s example—know exactly who I am and know whenever I visit or post on other sites. But even when no third party has the whole picture, it may still be possible to identify me indirectly, by combining data from different third parties. This is possible because loading one webpage can potentially trigger dozens of nearly simultaneous web connections to various third party service providers, whose records can then be subpoenaed and correlated.

Suppose that I post an anonymous and potentially defamatory comment on a Boing Boing article, but Boing Boing for some reason is unable to supply the plaintiff with any hints about who I am—not even my IP address. The plaintiff will only know that my comment was posted publicly at “9:42am on Fri. Feb 5.” But as I mentioned yesterday, Boing Boing—like almost every other site on the web—takes advantage of a handful of useful third party web services.

For example, one of these services—for an article that happens to feature video—is an embedded streaming media service that hosts the video that the article refers to. The plaintiff could issue a subpoena to the video service and ask for information about any user that loaded that particular embedded video via Boing Boing around “9:42am on Fri. Feb 5.” There might be one user match or a few user matches, depending on the site’s traffic at the time, but for simplicity, say there is only one match—me. Because the video service tracks each user with a unique persistent cookie, the service can and probably does keep a log of all videos that I have ever loaded from their service, whether or not I actually watched them. The subpoena could give the plaintiff a copy of this log. Continue reading.

Related Posts

REAL Net Neutrality Last fall, the Federal Communications Commission proposed rules for “Net Neutrality” — a set of regulations intended to help innovation and free speec...
Why free software shouldn’t depend on Mono or C# by Richard M. Stallman Debian's decision to include Mono in its principal way of installing GNOME, for the sake of Tomboy which is an application w...
Software sniffs out criminals by the shape of their nose Forget iris and fingerprint scans -- scanning noses could be a quicker and easier way to verify a person's identity, according to scientists at the Un...
Why “Open Source” misses the point of Free Software By Richard Stallman: When we call software “free,” we mean that it respects the users' essential freedoms: the freedom to run it, to study and change ...
Internet Explorer’s dominant market share eroding Remember when Internet Explorer ruled the Web, to the tune of about 98% of the browser market share? Those were happy days for Internet Explorer. Unti...
Unintended Consequences: Twelve Years Under the DMCA Twelve years after the passage of the controversial Digital Millennium Copyright Act (DMCA), the law continues to stymie fair use, free speech, scient...

We Recommend These Vendors and Free Offers

Launch an SSD VPS in Europe, USA, Asia & Australia on Vultr's KVM-based Cloud platform starting at $5:00/month (15 GB SSD, 768 MB of RAM).

Deploy an SSD Cloud server in 55 seconds on DigitalOcean. Built for developers and starting at $5:00/month (20 GB SSD, 512 MB of RAM).

Want to become an expert ethical hacker and penetration tester? Request your free video training course of Online Penetration Testing and Ethical Hacking

Whether you're new to Linux or are a Linux guru, you can learn a lot more about the Linux kernel by requesting your free ebook of Linux Kernel In A Nutshell.


Leave a Comment

Your email address will not be published. Required fields are marked *

*