[Air-L] Ensuring Anonymity when online - long

John white, Ph.D. john.white at wku.edu
Tue Feb 3 06:32:41 PST 2009 

All,

A researcher has asked an interesting question:

> I am in the process of embarking on my own internet-based study that 
 > assesses internet child pornography related behaviors. I have
 > run into several challenges with regard to the anonymity of
 > data, as such data may be particularly interesting to law
 > enforcement. I am writing to call on your expertise in working
 > to resolve this issue. Given that you assessed illegal activities,
 > how did you prevent against the possibility of law enforcement
 > seizing data and connecting it to individuals via IP addresses


My reply:

> If I read your note correctly, you are most concerned about IP matches 
 > against a source computer.  The simplest way to defeat this would be
 > to identify multiple proxy servers that 'wash' this information away.
> 
> In essence, you encourage participants to utilize one of the many 
 > free servers that have been established on the internet.  You
 > can also make arrangements with your own University to have the IP
 > logs scrubbed on a regular basis (or even turned off).  Frankly, you
 > can set up almost any computer to act a server with these logs set
 > to 'off'.  You cannot block the ip logs on intervening 'hops' in
 > the data stream, but using a proxy server for entry, and your own
 > server that doesn't keep originating IPs complicates any tracing of
 > the source computer.
> 
> Wikipedia has an entry on proxy servers that is written in English:
> http://en.wikipedia.org/wiki/Proxy_server
> 
> There is also a website that appears to rank proxy servers:
> http://www.topfreeproxy.com/
> 
> There is also a program, administered through NIH that allows a 
 > researcher to obtain a government document declaring the project of
 > such interest to public health that none of the collected information
 > can be used by law enforcement, regardless of how much they would
 > like to obtain it.  Dr. Duncan is more aware of this particular
 > procedure than I am and could best answer any questions should
 > you seek this classification.
> 
> You can also arrange to have the survey hosted on a web site in the 
 > EU, which has a better history of enforcing privacy laws over the
 > past decade.  Additionally, identifying proxy servers overseas, may add
 > a further layer of security.
> 
> Lastly, you can obtain a security certificate and arrange for the 
 > data transmission to be secure using 128 bit encryption.  That way
 > the data stream is as secure as possible.  The technical personnel
 > at your University can help create a secure webpage for you.
> 
> There may be other security holes in your protocol I'm not aware of, 
 > but I can think of some procedures that will work in your favor:
> 
> 1) Lots of studies on the internet. The fact it is so large makes 
 > it harder to stumble across your site.
> 2) Block search engine access so you don't show up in Goggle/Yahoo, 
 > etc.  They use bots (autonomous programs) that search and check for
 > permission to search a page.
> 3) Don't link from other pages.  Create a stand alone survey where 
 > you have to type in a unique address to get the page.

Now, what other suggestions can be made as I am certain this will occur 
again in my own research and others?

JW

-- 
======================================================================
John B. White, Ph.D.                |               john.white at wku.edu
Dept. of Public Health - WKU        |             Office: 270.745.5867
College Heights Blvd.               |                Fax: 270.745.4437
Bowling Green, KY 42101-3576        |   http://www.wku.edu/~john.white
======================================================================

More information about the Air-L mailing list