anonymity | Sue Gardner's Blog

So. A year ago I left my position running the Wikimedia Foundation and began the process of figuring out what to do next. (Spoiler: not yet complete.)

I had eaten, slept and breathed nothing but Wikimedia for seven years — in effect, I had embodied it. That may sound unhealthy but it really wasn’t: there was lots of overlap between me and Wikimedia, and I didn’t mind parking the stuff the job didn’t need. But it did mean that afterwards, it made sense for me to do some self-scrutiny and a kind of reset. What had been actually me versus what was just the job, and therefore what did I want to keep doing, to discard, or maybe revive.

The first thing I did was spend a month in Iceland looking at volcanoes and lounging in hot springs. That was glorious and I recommend it to anyone.

I’d guessed by the time I got back I’d be ready to dive into something, but I was wrong. And so I spent many months in a kind of lazy exploratory mode. Making risotto. Playing board games. Collecting together and synthesizing everything that is known about the gender gap in tech. (Yes, for real. It’s here.) Travelling. Reading. Giving talks. Advising friends.

And simultaneously, trying on possible futures like they were hats. Did I want to run an important cultural institution whose influence was starting to wane? No. How about a campus speaking tour? No. A start-up with a difficult business model and some tough marketing challenges? Ha. No.

My goal has always been the same. I want to work on stuff i) that’s aiming to make the world better for ordinary people; ii) that is actually making the world better, not just trying and failing. And iii) where I can personally be most useful. I care about impact and scope and scale and effectiveness. And so the question for me was pretty simple: where were the biggest and most important problems, that need help from someone like me.

Gradually that answer started to come, at least provisionally, into focus. By now we know that the internet shakeout is well underway, with power and money increasingly consolidated among a tiny number of players. As Bruce Schneier has famously said, the internet’s business model is surveillance: most of the industry makes its money by tracking and stockpiling and monetizing information about its users. (Of those who don’t, many have no obvious business model at all, which is .. not reassuring.) That mountain of user data has turned out to be irresistible to state actors and other authorities, who now find themselves able to know vastly more about the habits and activities of ordinary people than was ever previously imaginable.

This all sucks. Initially it looked like the internet would rebalance the scales and empower ordinary people, but what’s actually happening is the opposite.

So here’s what I’m going to do.

Starting now, and supported by the First Look organisation, I’m beginning two projects related to anonymity, privacy, and free speech.

The first is narrowly focused on Tor, where I’ll be developing a strategic plan for and with the Tor Project.

I’m doing that because Tor is important — it’s the most secure and widely-used anonymity-supporting software that we’ve got. Tor is controversial because (like phones and cars and banks) its users include criminals. But what matters more to me is its use by people like Chelsea Manning and Edward Snowden. I want the organisation behind Tor be as strong and effective as possible, and so I am going to put some energy towards helping make that happen.

My second project will be to research the broader state of “freedom tech” — all the tools and technologies that enable free speech, free assembly, and freedom of the press. I want to figure out, from a user-centric perspective, what kinds of freedom-enabling technology products and services people have access to today, what impediments they’re running up against in trying to use them, what functionality is needed that’s entirely missing from the current landscape, and what kinds of interventions would need to be made in order to start getting it built. Do we need easier, faster funding, and/or other forms of support, for individuals and tiny teams? Or bigger, better-funded organisations, with expertise the space currently doesn’t have? What would move the needle? That’ll be my focus.

I’m extremely grateful to Pierre Omidyar and First Look for funding this, and to the Tor Project for being so fabulously welcoming to me. This is important work, and I’m super-pleased to embark upon it.

A while back I was startled while researching someone in a work context, to come across a bunch of NSFW self-portraits she’d posted online under her real name. She was mid-career in compliance-related roles at big, traditional companies, and the photos raised questions for me about her judgement and honestly her competency. Didn’t she realise the images were public? Hadn’t she ever thought about what could happen when somebody –a colleague, a boss– randomly googled her? Was she making a considered decision, or just being clueless?

I was surprised because nowadays, that lack of caution is so rare. That’s partly because people have gotten a little more sophisticated about privacy controls, but mostly I think we’ve just given up. We can’t be confident our stuff is private today or will stay private tomorrow — if we didn’t know that already, we know it now from The Fappening and the Guardian’s uncovering that Whisper tracks its users.

And so I think that most people, most of the time, have decided to just assume everything we do online is public, and to conduct ourselves accordingly. It’s a rational decision that’s resulted in a tone and style we all recognize: we’re cheerful about work, supportive of friends, proud of family; we’ve got unobjectionable hobbies and we like stuff like vacations and pie. Promotions and babies and parties yes, layoffs and illnesses and setbacks not so much.

Secret, the app that was super-hot last winter, was briefly an exception. People talked on Secret about bad sex, imposter syndrome, depression and ADD, their ageing parents, embarrassments at work. You may remember the engineer who posted that he felt like a loser because he, seemingly alone in Silicon Valley, was barely scraping by financially. It was vulnerable and raw and awesome.

But I ended up uninstalling it pretty fast, after one too many humble-brags showed up in my feed. (The final straw was a guy boasting about how he’d bought a new iPad for a kid at the airport, after watching her mom get mad at her for dropping and breaking theirs. Blah.) I couldn’t bear seeing people diligently polishing up their self-presentation as confident and fun and generous and successful, on a service whose whole point was to enable risk-free vulnerability.

Reverse-engineering user behaviour on Secret, it read to me like people were hedging their bets. Secret users seemed to be operating (maybe without even thinking much about it) on the assumption that one day, due to a data breach or change in privacy policy or sale of the company, their activity on Secret might be available, linked to them, to their friends or insurance provider or boss or mom or bank. They didn’t trust their activity was permanently private, and so they acted as though it wasn’t.

That feeling of always being potentially in a spotlight leads us to relentlessly curate how we self-present online. And that is bad for us.

It’s bad for individuals because we run the risk of comparing our own insides to other people’s outsides, which makes us feel crappy and sets us up to make decisions based on flawed assumptions. Brene Brown: “If you trade your authenticity for safety, you may experience the following: anxiety, depression, eating disorders, addiction, rage, blame, resentment, and inexplicable grief.” Erving Goffman: “To the degree that the individual maintains a show before others that he himself does not believe, he can come to experience a special kind of alienation from self and a special kind of wariness of others.”

It’s bad for society because it makes people feel alienated and disconnected from each other, and also because it has the effect of encouraging normativity. If we all self-monitor to hide our rough edges, our unpopular opinions, our anxieties and ugly truths, we’re participating in the narrowing of what’s socially acceptable. We make it less okay to be weird, flawed, different, wrong. Which sucks for young people, who deserve to get to freely make the stupid mistakes of youth. It sucks for people who’ve been abused or poor or sick, and who shouldn’t have to hide or minimize those experiences. And it sucks for anybody with an opinion or characteristic or interest that is in any way unconventional. (Yes that is all of us.)

Anonymity was one of the great things about the early internet, and although we benefit enormously from the ability today to quickly find and research and understand each other, as individuals we also need private spaces. We need, when we want to, for our own reasons, to get to be predictably, safely, unbreakably anonymous/pseudonymous, online. That’s why I use Tor and other FLOSS services that support anonymity, and it’s why I avoid the closed-source, commercially-motivated ones. I trust Tor, like a lot of people do, because it has a track record of successful privacy protection, and because it’s radically transparent in the same way, and presumably for the same reasons, that Wikipedia is.

I’ve got nothing to hide (and oh how I hate that I feel like I need to type out that sentence), but I value my privacy, and I want to support anonymity being understood as normal rather than perverse or suspect. So I’m increasingly using tools like Tor, ChatSecure, TextSecure, RiseUp, and DuckDuckGo. I’ve been talking about this with friends for a while and some have been asking me how to get started with Tor, and especially how to use it to access the deep web. I’m working on a post about that — with luck I’ll get it done & published within the next few weeks.

Why I’m working with Tor and First Look

Why I’m in favour of online anonymity