With recent reforms in Austria set to remove the possibility to leave anonymous comments on the internet, the question of the right to anonymity is on the agenda.
The justification for the reforms in Austria is concern about the rise of ‘hate speech’, and the sense that anonymity can give people the possibility to spread discriminatory views without consequences. If there’s a risk of being identified and caught, the argument goes, people will moderate their speech.
Civil liberties groups have, however, opposed this, pointing out that it is often the usual victims of hate speech – marginalised groups, those in vulnerable positions – who have benefitted most from the opportunity to use the Internet without giving up their identities.
How does this affect libraries, both as concerns their values and their practice?
Anonymity is included as a concept in IFLA’s own Statement on Intellectual Freedom, which is celebrating its 20th Anniversary this year:
‘Library users shall have the right to personal privacy and anonymity. Librarians and other library staff shall not disclose the identity of users or the materials they use to a third party’.
Talking about privacy and anonymity is perhaps a little awkward. In effect, anonymity is rather one means – a particularly effective one – of ensuring privacy. If you are never identified in what you do, then there is no possibility of someone else learning about your preferences or activities.
For example, it is the difference between paying for your groceries with a credit or debit card, and paying with cash. Paying with a card leaves a trace which a shop or card provider can use to build a profile. Paying with cash leaves no trace. It is far easier to be anonymous in the latter case.
Of course, privacy can be achieved without anonymity. There are conditions under which personal data collection is acceptable – and even desirable.
Indeed, this is recognised in legislation such as the General Data Protection Regulation in Europe. This both looks to ensure that no more data is collected than necessary (data minimisation), and that what data is collected is done with consent, and then stored and used properly.
In short, privacy implies a mixture of anonymity in some cases, and careful and ethical collection and management of data in others.
The question then is of how to decide when we should opt for anonymity, and when not, acknowledging that the highest level of privacy comes from keeping people anonymous.
Anonymity vs Data Protection
There are some interesting examples in the wider world that offer some insights into this question. For example, it is seen as normal that we need to identify ourselves in order to buy and drive a car. Nonetheless, the list of who owns which car is not made public.
However, if we were asked for the same in order to ride a bicycle, this would seem shocking.
Why is this? The reason likely lies in the fact that it is far more likely that someone can do harm in a car than on a bicycle. In order to catch those who are driving too fast, or causing accidents, giving the police a means of identifying the owner of a car can be seen as justifiable (if not perfect).
A second example comes from contrasting medical records with information about how someone travels around within a country.
We generally accept that medical professionals should have access to records about allergies, conditions and past treatment in order to improve our care. We of course expect that these are properly looked after.
In contrast, in most parts of the world, we don’t expect to be tracked as we move around within the cities, regions or countries we live in. While, of course, our phones often do this for us, when we become aware of it, we often remember to update our settings to prevent this.
In short, while there may be some situations where being tracked is helpful (for example to find missing people or to make using online maps easier), many given the option will choose anonymity.
In this case, even though medical information is arguably far more personal than travel information, we accept this breach of anonymity because it brings real benefits.
What about libraries?
Many libraries do not require identification for someone to be able to enter a building and use resources on site (although policies do vary when it comes to using library computers). However, in order to borrow books, a library card is necessary, implying a loss of anonymity.
The justification is that lending only works when there are limits on what any individual can borrow, and that there is a time-limit on this. This is only possible with an account attached to a person.
The IFLA statement implicitly recognises this divergent approach, accepting that in addition to anonymity in some circumstances, libraries will also hold personal information which could (but shouldn’t, at least not without consent) be shared with third parties.
How does this choice apply when it comes to using – and expressing yourself – on the internet?
The Man Without an IP Address
Clearly the argument of the Austrian government is that the harm done by online hate speech is cause enough to oblige people to use their real names.
At first, this logic is attractive. Hate speech does indeed do harm to people who may already be vulnerable, and it is important to stop it when it risks leading to real harm.
However, it is not necessarily the case that identifying a person stops this from happening – in the end, it is taking down the content itself that resolves the issue. This can be done through notice and (transparent) moderation.
The subject of hate speech itself is also difficult. While there may be some black-and-white cases, there are many more nuanced ones where it is hard to draw a clear distinction. Just because something is rude or offensive for some, it does not necessarily make it hate-speech.
This recalls the situation with other reasons often given for restricting content, such as security (many governments claim that any criticism of their actions is a security threat) or morality (used in many situations to repress LBGTQI expression).
It is clear of course that perhaps some sources of hate speech will think twice if they need to share their identities. But this does not necessarily stop them holding such views, or carrying out acts motivated by them.
Furthermore, we also have to accept that removing the right to anonymity risks opening the doors to other moves away from anonymity as default, and so weakening a key protection for vulnerable individuals and groups.
People who have found a community and a voice online that has been denied to them in the physical world risk losing it when their names are shared. Through this, they can become the victims of attacks on their persons and property.
At a less extreme level, the feeling of being watched can have a chilling effect on online behaviour, restricting people’s ability to follow their interests and develop their personalities. In any case, for a democratic government to take such a step, even for the most honest of intentions, simply risks legitimatising those who will use restrictions on anonymity to crack down on diversity and dissent.
The implication of the General Data Protection Regulation, as well as of IFLA’s Statements on Intellectual Freedom and Privacy in the Library Environment is that the default in any situation should be the highest possible level of privacy – i.e. anonymity.
It follows that the collection of data should be the exception, not the rule, and in this case be justified, with cases such as that of Austria provide an opportunity to remind ourselves what’s at stake.
Nonetheless, decisions about when it is acceptable to derogate from anonymity also appear in the work of libraries. It is important to be conscious of these, in order to take the best decisions for users.