Choosing Your Friends: Shaping Ethical Use of Anonymity Networks

Abstract

Anonymity networks protect the metadata of communication between participants. This is an important privacy guarantee for whistleblowers, activists, journalists and others who rely on anonymity networks. However, these same guarantees can also help criminals and disruptive users evade the consequences of their actions. Existing literature and research has little to say on what designers and operators of such networks can do to maximize beneficial uses while minimizing harm. We build on lessons learned from the widespread deployment of another strong privacy technology, end-to-end encrypted messaging applications, as well as on existing examples from anonymity networks, to formulate a set of design methods which anonymity networks can use to discourage harmful use. We find better solutions exist when networks are specialized to particular application domains since such networks are then able to provide a better trade-off between benefits and harms. One drawback of such specialization is that it may lead to smaller numbers of users and therefore an increased risk of insufficient anonymity.