Saturday

Wikipedia to Release IP Address in Search for Anonymous Blackmailer

There's an interesting case in respect of anonymous surfing which has just been through the UK courts. It concerns a businesswoman, and some blackmail attempts apparently centering on personal details and alleged false expenses claims. The unamed business woman had received threats by email, and an entry on a Wikipedia page had been modified with personal details about her and her daughter.

The case was brought so that an order could be made for Wikipedia to release the IP address of the person editing the Wiki page. Here's a link to the privacy court case

Incidentally if you want to retain more anonymity when editing Wiki pages it is ironically better to login with a valid account.

Here's why
  1. If you login anonymously and edit a Wiki Page, your IP address is recorded and preserved in the WIki Page itself
  2. If you login as a valid account holder your IP address is stored for a short time before being deleted.
So basically  your IP address will be stored and logged indefinately if you don't login properly.  So you can be identified as the author from your IP address (unless you use Identity Cloaker of course!)

Anyway back to the case, the court have ruled in favour of Wikipedia releasing the IP address of the possible blackmailer in order that they can be identified and investigated.    Unless this person has taken steps to remain anonymous by using a proxy or security software, then it is very likely they will be easy to identify when the IP address is released.

It's an odd stance in some ways that Wikipedia is taking, they state that they are not bound by court orders in foreign countries to release this information however they also say that they will comply in most cases with these orders.

Here's the relevant sections from Wikimedias policy on when and why they will release such information -

1. In response to a valid subpoena or other compulsory request from law enforcement,

2. With permission of the affected user,

3. When necessary for investigation of abuse complaints,

4. Where the information pertains to page views generated by a spider or bot and its dissemination is necessary to illustrate or resolve technical issues,

5. Where the user has been vandalizing articles or persistently behaving in a disruptive way, data may be released to a service provider, carrier, or other third-party entity to assist in the targeting of IP blocks, or to assist in the formulation of a complaint to relevant Internet Service Providers,
6. Where it is reasonably necessary to protect the rights, property or safety of the Wikimedia Foundation, its users or the public.

It's quite wide ranging as you can see, which I think many people would be surprised at their lack of privacy when anonymously editing wiki articles.    This is yet another reason why people should be careful what they do online, I see often people making quite libelous remarks on forums and social networking sites thinking that their nickname protects their identity when making comments.   It's simply not true and it's a simple matter to identify the people making these comments simply by looking up  their IP address.

It is also why there is a huge risk to privacy and anonymous surfing in all the logs and distributed information that sits on servers, routers all across the internet.   The simple fact is that absolutely everything we do online can be traced back and monitored and it routinely is by the authorities.   If you want some privacy and anonymity online you have to do something about it as you won't get anything by default.

0 comments: