Pseudonymity is a word derived from
pseudonym, meaning 'false name', and describes a state of disguised identity resulting from the use of a pseudonym (also called nym). The pseudonym identifies a "holder", that is, one or more human beings who possess but do not disclose their true names (that is, legal identities). [May, Timothy C. (1991). [http://www.activism.net/cypherpunk/crypto-anarchy.html The Crypto Anarchist Manifesto ] .] Most pseudonym holders use pseudonyms because they wish to remain anonymous, but anonymity is difficult to achieve, and is often fraught with legal issues. [du Pont, George F. (2001) [http://www.mttlr.org/volseven/du%20pont.html The Criminalization of True Anonymity in Cyberspace] 7 Mich. Telecomm. Tech. L. Rev.] True anonymity requires unlinkability, such that an attacker's examination of the pseudonym holder's message provides no new information about the holder's true name. [Post, David G. (1996). [http://www.cli.org/DPost/paper8.htm Pooling Intellectual Capital: Thoughts on Anonymity, Pseudoanonymity, and Limited Liability in Cyberspace] . "University of Chicago Legal Forum."]
Although the term is most frequently used today with regards to identity and the Internet, the concept of pseudonymity has a long history. For example, all of the
Federalist Paperswere signed by Publius, a pseudonym representing the trio of James Madison, Alexander Hamilton, and John Jay. The papers were written partially in response to several Anti-Federalist Papers, also written under pseudonyms. As a result of this pseudonymity, historians know that the papers were written by Madison, Hamilton, and Jay, but have not been able to discern which of the three authored certain papers.
Pseudonymity has become an important phenomenon on the
Internetand other computer networks. In computer networks, pseudonyms possess varying degrees of anonymity, [Froomkin, A. Michael (1995). [http://www.wm.edu/law/publications/jol/95_96/froomkin.html "Anonymity and Its Enemies (Article 4)] ". "Journal of Online Law."] ranging from highly linkable "public pseudonyms" (the link between the pseudonym and a human being is publicly known or easy to discover), potentially linkable "non-public pseudonyms" (the link is known to system operators but is not publicly disclosed), and "unlinkable pseudonyms" (the link is not known to system operators and cannot be determined). [Pfitzmann, A., and M. Köhntopp (2000). " [http://dud.inf.tu-dresden.de/literatur/Anon_Terminology_v0.23.pdf Anonymity, Unobservability, and Pseudonymity: A Proposal for Terminology] ". In H. Federrath (ed.), "Anonymity" (Berlin: Springer-Verlag), pp. 1-9.] For example, true anonymous remailerenables Internet users to establish unlinkable pseudonyms; those that employ non-public pseudonyms (such as the now-defunct Penet remailer) are called pseudonymous remailers.
The continuum of unlinkability can also be seen, in part, on
author = Jasmine Novak, Prabhakar Raghavan and Andrew Tomkins
title = AntiAliasing on the Web
Association for Computing MachineryProceedings of the 13th international conference on World Wide Web
location = New York, NY, USA.
date = 2004-05-17
url = http://www.cs.ualberta.ca/~tszhu/webmining/paper/search/1p30.pdf
accessdate = 2009-02-10]
System operators (
sysops) at sites offering pseudonymity, such as Wikipedia, are not likely to build unlinkability into their systems, as this would render them unable to obtain information about abusive users quickly enough to stop vandalism and other undesirable behaviors. Law enforcement personnel, fearing an avalanche of illegal behavior are equally unenthusiastic. [Clarke, Roger (1998). [http://www.anu.edu.au/people/Roger.Clarke/II/ICrimPrev.html "Technological Aspects of Internet Crime Prevention."] Paper presented at the Australian Institute for Criminology's Conference on Internet Crime (February 16-17, 1998).] Still, some users and privacy activists like ACLUbelieve that Internet users deserve stronger pseudonymity so that they can protect themselves against identity theft, illegal government surveillance, stalking, and other unwelcome consequences of Internet use (including unintentional disclosures of their personal information, as discussed in the next section). Their views are supported by laws in some nations (such as Canada) that guarantee citizens a right to speak using a pseudonym. [http://www.eff.org/legal/cases/2TheMart_case/20010420_eff_2themart_pr.html] This right does not, however, give citizens the right to demand publication of pseudonymous speech on equipment they do not own.
Pseudonymity and confidentiality
Most Web sites that offer pseudonymity retain information about users. These sites are often susceptible to unauthorized intrusions into their non-public database systems. For example, in 2000, a Welsh teenager obtained information about more than 26,000 credit card accounts, including that of Bill Gates. [Reuters News Service (2000). [http://news.com.com/2100-1017-238427.html?legacy=cnet "Report: Hackers Had Gates' Credit Card Data"] (March 26, 2000).] In 2003, VISA and MasterCard announced that intruders obtained information about 5.6 million credit cards. [Katayama, F. (2003) [http://www.cnn.com/2003/TECH/02/17/creditcard.hack/ "Hacker accesses 5.6 Million Credit Cards" "CNN.com: Technology (February 18, 2003).] ] Sites that offer pseudonymity are also vulnerable to confidentiality breaches. In a study of a Web dating service and a
pseudonymous remailer, Cambridge University researchers discovered that the systems used by these Web sites to protect user data could be easily compromised, even if the pseudonymous channel is protected by strong encryption. Typically, the protected pseudonymous channel exists within a broader framework in which multiple vulnerabilities exist. [Clayton, R., G. Danezis, and M. Kuhn (2001). " [http://www.cl.cam.ac.uk/~rnc1/Patterns_of_Failure.pdf Real World Patterns of Failure in Anonymity Systems.] " "Lecture Notes in Computer Science" 2137:230-244.] Pseudonym users should bear in mind that, given the current state of Web security engineering, their true names may be revealed at any time.
Pseudonymity and online reputations
Pseudonymity is an important component of the
reputationsystems found in online auction services (such as eBay), discussion sites (such as Slashdot), and collaborative knowledge development sites (such as Wikipedia). A pseudonymous user who has acquired a favorable reputation gains the trust of other reputable users. When users believe that they will be rewarded by acquiring a favorable reputation, they are more likely to behave in accordance with the site's policies. [Kollock, P. (1999). [http://www.sscnet.ucla.edu/soc/faculty/kollock/papers/online_trust.htm "The Production of Trust in Online Markets."] In E.J. Lawler, M. Macy, S. Thyne, and H.A. Walker (eds.), "Advances in Group Processes" (Greenwich, CT: JAI Press).]
If users can obtain new pseudonymous identities freely or at very low cost, reputation-based systems are vulnerable to
whitewashing attacks [Feldman, M., S. Papadimitriou, and J. Chuang (2004). "Free-Riding and Whitewashing in Peer-to-Peer Systems." Paper presented at SIGCOMM '04 Workship (Portland, Oregon, Aug. 30-Sept. 3, 2004).] (also called serial pseudonymity), in which abusive users continuously discard their old identities and acquire new ones in order to escape the consequences of their behavior: "On the Internet, nobody knows that yesterday you were a dog, and therefore should be in the doghouse today." [Friedman, E. and P. Resnick (2001). [http://www.si.umich.edu/~presnick/papers/identifiers/081199.pdf "The Social Cost of Cheap Pseudonyms] ." "Journal of Economics and Management Strategy" 10(2): 173-199.] Users of Internet communities who have been banned only to return with new identities are called sock puppets.
The social cost of cheaply discarded pseudonyms is that experienced users lose confidence in new users, [Johnson, D.G. and K. Miller (1998). [http://portal.acm.org/citation.cfm?id=276758&coll=portal&dl=ACM "Anonymity, Pseudonymity, and Inescapable Identity on the Net."] "ACM SIGCAS Computers and Society" 28(2): 37-38.] and may subject new users to abuse until they establish a good reputation. [Friedman and Resnick, "op. cit."] System operators may need to remind experienced users that most newcomers are well-intentioned (see, for example, srlink|Wikipedia:Please do not bite the newcomers|Wikipedia's policy about biting newcomers). Concerns have also been expressed about sock puppets exhausting the supply of easily remembered usernames. Proposals have been made to raise the costs of obtaining new identities (for example, by charging a small fee or requiring e-mail confirmation). Others point out that Wikipedia's success is attributable in large measure to its nearly non-existent initial participation costs.
Public key encryption
* [http://www.freehaven.net/anonbib/ Anonymity Bibliography] Excellent bibliography on anonymity and pseudonymity. Includes hyperlinks.
* [http://www.tik.ee.ethz.ch/~rennhard/shopaware/ Anonymity Network] Describes an architecture for anonymous Web browsing.
* [http://www2.cddc.vt.edu/www.eff.org/Privacy/Anonymity/ Electronic Frontier Foundation (EFF) Anonymity/Pseudonymity Archive]
Wikimedia Foundation. 2010.