Mass Deanonymization: A Troubling Possibility
Anonymity has developed a bad reputation these days. In the early days of the internet, the public saw this as a boon to free speech. Now its seen as something that enables toxicity. That encourages bullying and trolling. People now use their real names on services like Facebook. If you choose to be anonymous, you might be frozen out of certain conversations.
Yet, anonymity is still both important and valuable. Especially when we exchange our information in return for services. Social media sites are the prime example. Our information is used for marketing purposes. However, the deal is that no individual person can be identified through their data. It's all one big anonymous mountain of data.
Or is it?
Mining for the Truth
Deanonymization is a data mining technique which is applied to large datasets. The sort of data sets that are collected all the time now. By using smart algorithms which can cross-reference other sets of data that are not anonymous, it's possible to figure out whose data belongs to who.
Each data set may need a unique approach, but it seems that in some cases it takes very few data points to actually name individual people.
For example, which cellphone tower you access the internet from can be cross-referenced with what sites were being accessed. As well as public posting records on something like Twitter. This could all be linked to you.
The same goes for anonymized records used for research or government purposes. When the secret is unlocked as to how a given set of data can be deanonymized, the consequences could be dire.
Are We Really Safe?
We are moving to bigger and more complex online systems. Those hungry for data are siphoning more and more of our information. The data recording devices are invading our private lives to a greater extent all the time too. The internet of things (IoT) provides more granular ways to track our info. Your smartwatch is recording your medical data. Your smartphone is recording your movements. It goes on and on.
We place this data into the hands of the companies. The same ones that make the technology. They anonymize the data, before selling it on. So really, the safety of our privacy relies on a few things here.
First, we have to hope that those anonymizing the data do it in such a way that deanonymization is hard or impossible to do. Second, we have to trust that the buyers of the data don't run algorithms to try and strip anonymity from it. Lastly, we have to hope that the custodians of the data keep it safe from third-party attackers such as hackers. Because they can use deanonymization methods too.
Deanonymization Attacks
It isn't even always necessary to hack data. For example, a proposed attack by researchers can identify anonymous users through their group membership and cookies. Even anonymous browser network Tor is vulnerable to several Tor deanonymization attacks.
The existence of these sorts of attacks is a direct threat to privacy. Whether perpetrated by hackers or the government.
Is The Future Deanonymized?
The more of our information on the web, the easier it becomes to cross-reference and identify individual people. As it stands, there doesn't seem to be anything you can do. Other than avoiding getting your data recorded in the first place. However, you would have to completely go off-grid for that to even make a difference. The more unique the sum total of your data is, the easier you are to tell apart from the rest.
The truth is that anonymity in the world of the future may be a rare commodity. Internet technology has already significantly eroded the privacy we had and that process will continue. Unless there are some pretty radical social and legal reforms, that is.
What do you think about Mass Deanonymization? Let us know in the comments below. Get instant updates on TechNadu’s Facebook page, or Twitter handle.