Pentagon drops plan to curb Net anonymity

Pentagon drops plan to curb Net anonymity
By Declan McCullagh
22 November 2002
CNET News.com

A Defense Department agency recently considered--and rejected--a far-reaching plan that would sharply curtail online anonymity by tagging e-mail and Web browsing with unique markers for each Internet user.

The idea involved creating secure areas of the Internet that could be accessed only if a user had such a marker, called eDNA, according to a report in Friday's New York Times.

eDNA grew out of a private brainstorming session that included Tony Tether, president of the Defense Advanced Research Projects Agency (DARPA), the newspaper said, and that would have required at least some Internet users to adopt biometric identifiers such as voice or fingerprints to authenticate themselves.

A DARPA spokeswoman said on Friday that the idea, which had been proposed by the agency, was no longer being considered. "We were intrigued by the difficult computing science research involved in creating network capabilities that would provide the same level of accountability in cyberspace that we now have in the physical world," spokeswoman Jan Walker said in a telephone interview.

Walker said it was a "decision by DARPA management" not to pursue the idea, which was explored at a two-day workshop in California in August and which drew sharp criticism from the group of computer and privacy experts that DARPA convened to review the proposal.

Depending on how eDNA might have been implemented, Congress could have enacted a law requiring Internet providers to offer connectivity only to authenticated users, or government regulations could have ordered that fundamental protocols such as TCP/IP be rewritten or new ones created to handle authentication techniques.

Friday's report comes as a DARPA unit, the Information Awareness Office (IAO), has come under fire for its plan to create a prototype of a massive database that would collect information about everything from Americans' credit card purchases to veterinary records and public information. Run by John Poindexter, the retired vice admiral who was an adviser to President Ronald Reagan and who became embroiled in the Iran-Contra scandal, the IAO also was involved in the eDNA review.

At the same time, the government has had notable success in strengthening its oversight of Internet activities. Earlier this week, the Senate passed a bill, expected to be signed by President Bush this month, to create a Department of Homeland Security in a massive reorganization of federal agencies. A portion of the bill, the Cyber Security Enhancement Act, expands the ability of police to conduct Internet or telephone eavesdropping without first obtaining a court order, and grants Internet providers more latitude to disclose information about subscribers to police.

Also this week, a secretive federal court removed procedural barriers for federal agents conducting surveillance, giving them broad authority to monitor Internet use, record keystrokes and employ other surveillance methods against terror and espionage suspects.

Defense official: No privacy at risk
On Wednesday, Defense Department undersecretary Pete Aldridge defended the Total Information Awareness (TIA) program to reporters, saying "there are no privacy issues" at stake with a prototype under development. DARPA was just creating a system that would be turned over to police and intelligence agencies for operational use when complete, Aldridge said.

"The purpose of TIA would be to determine the feasibility of searching vast quantities of data to determine links and patterns indicative of terrorist activities," Aldridge said. "This is an important research project to determine the feasibility of using certain transactions and events to discover and respond to terrorists before they act."

For the last few years, the federal government has fretted about Internet anonymity, which can exist in a weak form when people connect from behind firewalls or through large Internet providers, or in a strong form when technologies such as anonymous remailers or Zero Knowledge's now-moribund Freedom network are used.

In March 2000, then-Attorney General Janet Reno complained about law enforcement's "inability to trace criminals who hide their identities online" at an event to release a report on unlawful conduct online that suggested restrictions on anonymity. Former FBI director Louis Freeh also called for the Internet industry to keep records on customers' activity, saying the bureau would "encourage the Internet provider industry to maintain subscriber and call information."

In 1995, the U.S. Supreme Court said in the McIntyre vs. Ohio Elections Commission case that broad restrictions on anonymity violate the First Amendment's guarantee of freedom of speech: "Anonymity is a shield from the tyranny of the majority."