Helping people with computers... one answer at a time.

Google was forced by court order to reveal the identity of an "anonymous" blogger. It's worth understanding the risks that this implies.

A few days ago, Google was ordered to reveal the identity of an otherwise anonymous blogger as part of a defamation court case. And of course, said no-longer-anonymous blogger is now planning on suing Google in return.

One of the very common topics here on Ask Leo! is, in fact, privacy, along with its companion topics anonymity and security. As a result,I think it's very important that everyone consider carefully what all this implies.

I am not a lawyer, and I'm in no way going to suggest that laws were or were not broken, that one side or the other is right or wrong. This is about understanding what's possible and realizing that the things you say on the internet - even "anonymously" - can often be traced back to you.

I get questions all the time about the ability to trace back an IP address to an address, a phone, or a person. My answer: you can't do it. The information that's required to do all that is simply not available to the average consumer. Anyone that tells you otherwise is either lying or misinformed.

"... the things you say on the internet - even 'anonymously' - can often be traced back to you."

But... that doesn't mean it can't be done.

The second half of my response to these kinds of queries is exactly that: "you'd need a court order".

That's exactly what Google was responding to ... a court order. And that's where the blogger lost their anonymity. (I realize that I may be comparing apples and oranges somewhat here: in addition to IP information Google probably had the blogger's account login information to the Google-owned service - - being used. That just made the technical steps involved slightly easier for Google. The point and the concerns are the same, regardless.)

So what does all this mean for the "average" person using the internet?

In short: be aware of what you say realizing that you may not be as protected as you think. Not necessarily from any legal perspective - laws can change and can be quite different from place to place - but from a technical perspective.

Let's use an example. Say you post an inflammatory comment here on Ask Leo!. Something that is clearly slanderous or threatening someone, for which you include no information that would personally identify yourself.

That person you've slandered then contacts law enforcement or just hires a lawyer to file suit against you - the "anonymous commenter".

I get served with a court order to release any information pertaining to the comment. I then turn over the server logs that include the IP address from which the comment was posted, and the date and time on which it was done.

The investigators then use that IP address to locate your ISP, whom they then serve with another court order to release any and all information about that IP address on that date and time. The ISP turns over their log information that says on that day and time that IP address was connected to this physical location, or via that telephone number.

That's a simplified case, and indeed sites and your ISP may not have, or may not have kept, the very logs that this back trace relies on, but then again - many sites and ISPs do. You just don't know which. Similarly, if a school or a business is involved, the respective IT department may get involved to narrow the search with whatever logs they have available.

Ultimately, there's a very real risk that with sufficient motivation and resources and with enough legal backing or ambiguity you can be found. Absolute "they'll never find me" privacy is nearly impossible to achieve. You can certainly make it harder using various techniques and technologies, but you're putting a lot of faith in whatever those techniques might be.

The bottom line is simply this: the internet has enabled a level of public discourse that's allowed people to speak out and be heard with ease to a degree never before seen. Not unexpectedly, the boundaries of what is and is not legal and protected, and perhaps even moral, are constantly being tested.

If you're one to push the envelope, realize that sometimes the envelope breaks.

Article C3851 - August 24, 2009 « »

Share this article with your friends:

Share this article on Facebook Tweet this article Email a link to this article
Leo Leo A. Notenboom has been playing with computers since he was required to take a programming class in 1976. An 18 year career as a programmer at Microsoft soon followed. After "retiring" in 2001, Leo started Ask Leo! in 2003 as a place for answers to common computer and technical questions. More about Leo.

Not what you needed?

August 25, 2009 3:40 AM

So Leo, does this mean that the buck stops with the owner of the line/internet link? ie Am I right in thinking that if a comment was posted at say, a MacDonalds or Starbucks, then the only possible trace would be through cctv in the store, or am I missing something?

Well, that's one scenario, but we also don't know if there's other information available depending on the software being used. Perhaps that Starbucks router also logs MAC addresses, which ID specific machines. Some email programs include the machine name in the email headers - that would be a peice of data to help ID the sender. There's often more. It's not as easy as the crime TV shows make it out to be, but there's random bits of data that when collected by someone with enough motivation and smarts can often lead further than you might think.

Glenn P.
September 1, 2009 8:37 AM

You wrote:

So what does all this mean for the "average" person using the internet?

A nitpick on spelling, Leo -- That grates! -- the word "Internet" is always capitalized! Grrr!          :(

Actually, as another poster has already commented, that's subject to debate. The internet is as ubiquitous as the automobile these days, and IMO no longer warrants capitalization.
September 1, 2009 9:26 AM

Glenn P. - your comment is irrelevant to this post. Also, please read up:

In formal usage, the noun for the Internet has traditionally been treated as a proper noun and written with an initial capital letter, that is, a majuscule or upper-case "I".

However, critics argue that some things that are unique yet distributed, such as "the power grid", "the telephone network", and even "the sky", are not considered proper nouns, and are thus not capitalized. Since at least 2002 it has been theorized that Internet has been changing from a proper noun to a generic term.[1] Words for new technologies, such as Phonograph in the 19th century, are sometimes capitalized at first, later becoming uncapitalized.[1] It was suggested as early as 1999 that Internet might, like some other commonly used proper nouns, lose its capital letter.[2]

- That said -
Thanks for the article Leo! I actually think it is comforting to know the internet isn't so anonymous. A child pornographer shouldn’t be anonymous, and neither should those who maliciously spread false information (be it of a personal nature or false information to mislead the public about a product or service). It’s good to know that via a court order, some of these people can be caught.

September 1, 2009 10:05 AM

The sources you provided had some interesting details. According to CNET article of August 18th, the judge didn't order the identity to be released. According to it, the judge told Google to tell the blogger to "inform the blogger that he or she should probably get a lawyer, as there is a risk of unmasking."
The lawyer then said that the blogger had called a person "psychotic, lying, whoring...skank" but it wasn't meant as defamatory.

According to the blogger's twisted logic, Google has a lot of money, so it should spend it defending her against repercussions of what she says.

Lutz Pansegrau
September 1, 2009 10:48 AM

Dear Leo,

as said "it is (technically) possible to trace someone back, for what ever reasons", I wonder why it is than not possible to get rid of those persons/institutions who spread virus software, malware etc over the internet? On the other hand realizing that there has been established a huge industry which sells with great profit software to fight against such intrusions, I must come to the conclusion that it is (technically) Not possible. Or is it? Why must we use a pill to superimpose the disease instead of eradicating it?

Remember, "possible" is not the same as "easy". In spammers cases specifically they have adopted techniques that make it extremely difficult and time consuming to trace them back. So much so that the amount of work required to do it is often simply out of reach of all but the largest and most well funded organziations. And even after having done so (because it has been done, repeatedly) a hundred new spammers shows up to take their place, and the expensive process repeats.
Charles Tilley
September 1, 2009 8:44 PM

If these nitpicky things can be traced,than why can't the crooks who are daily trying to get me to click onto a link to "properly prove my idenity" be caught? I forward these very professonial lookalikes to the abuse department of Bank of America almost on a daily basis. And they always email me back,"thanking me" and they are very close to catching these people and shutting down their website. I believe every email I get from them are basically "form letters",because they all say the very same thing! My real point is,all this technology is available, why not use it to catch the REAL bad guys, freaks who like child porno, crooks who try to get people to "click" onto a link so they can rip them off,etc.

See my previous response to Lutz: "possible" is not the same as "easy".

September 3, 2009 1:00 AM

The basic moral of the story is that the moment you commit a crime, you lose your privacy. In fact, even if you don't commit a crime you can lose your privacy if a court order inadvertently includes access to your details.

September 5, 2009 12:20 PM

So, to clarify, it's POSSIBLE, but difficult and often prohibitively expensive. Which means someone would be spending lots of money on subpoenas to identify the source of defamation for potentially little recovery of "damages". Basically, "So sue me for everything I don't own." It just seems to me that it's not all that much risk for a blogger to "talk mean" about someone on the internet, and a lot of expense trying to get even for it.

Lutz Pansegrau
September 8, 2009 8:40 AM

Thanks Leo for enlighten me here. Yet, in this regard I would like to give a suggestion. Instead of producing/developing and maintaining Antivirus/AntiSpam/AntiMalware software to fight against intrusions or asign huge and costly human effort to trace back offenders, it makes more sense to me in developing software which does the back tracing with a minimum of human interference and with an automatic result of blocking or forwarding the addressee. Unfortunately, even possible, who pays for it and therefore there's no profit. May be governments would do to protect their community.

with zombie botnets now responsible for the majority of the spam, automated backtrace and block would actually accomplish very little.

Lutz Pansegrau
September 16, 2009 1:40 AM

Thanks again Leo, I wasn't aware of that fact. Did the reading about zomie botnets and how they created (Kaspersky, Symantec).

May 20, 2012 7:55 AM

This article is "old", but I think a comment is merited. To avoid any backtracking, 'Ultrasurf' can be used. All internet access using Ultrasurf is anonymized by being routed through their servers, and all data transfers between their servers and your machine are encrypted both ways. Some posts I've seen around indicate that some people suspect that Ultrasurf may be malware, but it is not. See their site.

Comments on this entry are closed.

If you have a question, start by using the search box up at the top of the page - there's a very good chance that your question has already been answered on Ask Leo!.

If you don't find your answer, head out to to ask your question.