[UPDATE: (Because I did not intend to make peeder's life miserable) Please understand that this diary was intended to give people the information they need to make a balanced decision of how much privacy and anonymity is appropriate for thier particular circumstances. If your dKos user ID hasn't caused you problems in the past, it probably won't cause you problems in the future. For the overwhelming majority of users, there is no need to e-mail peeder to try and change your user ID.]
In light of the impending loss of one of our best bloggers, I think it may be a good time to offer some tips on protecting your online anonymity. Keep in mind that these are not foolproof. If you are looking for a 100% absolute way to protect your internet privacy I can think of only one, reach over and disconnect your computer from the wall. Abstinence, as our Republican friends would surely remind us, is the only sure-fire way to protect yourself.
For those of us that are not willing to go to that extreme, I offer a privacy "condom" below the fold.
Before I get started, you should understand that there are two primary ways that your anonymity can be compromised. The first is by the content that you publish and the second is by the electronic "tracks" you leave in cyberspace.
We'll start with the content.
1) ALWAYS use a pseudonym. Choose a good pseudonym that does not give away your name, location, occupation, or any other identifying information about you. Picking a screen-name like JoeInNY may seem like a good idea at the time, but do you really want to give the bad guys that much of a head start?
2) ALWAYS choose good passwords. Good passwords are at least 6 characters long and use a combination of alpha and numeric characters. Do not use passwords that are real words as these can be easily hacked. Never use the user ID and password on a blog that you use for other websites that contain personal or sensitive data (ie bank accounts, email, etc.)
3) ALWAYS use a free webmail account when registering at web sites. Yahoo and Hotmail are a couple of examples of companies providing free webmail service. This way you don't have to use the unique e-mail address that is associated with your account at your ISP. I personally have three e-mail addresses, one for conducting business, one for friends and family, and one specifically for registration on websites.
4) NEVER give out any information, no matter how insignificant it may seem, that could serve to identify you. Remember that a small tidbit in one posting may seem like no big deal, but many small tidbits in many postings can add up quickly. For example, let's say that in one of your posts you mention that you work for a local TV station. Then, weeks later in a thread comment, you mention that you live in Columbus, Ohio. Months later, you go on a rant about how you hate the idea of working for a network that is associated with the likes of Bill O'Reilly and Sean Hannity. Standing alone, each of these tidbits of info say very little about you. But summed together I can say with a high degree of certainty that you work for WTTE-TV, the local Fox affilliate in Columbus, Ohio.
5) NEVER blog, post to a blog, or conduct any kind of personal business from your work computer. A majority of companies today monitor thier employee's internet activity in some fashion.
6) NEVER post your real name. Never post the real names of your family members or friends.
7) NEVER post your private e-mail address to a public forum. If you feel you must give someone your e-mail to contact you, be sure to use a free webmail account as described in #2 above.
8) NEVER post a picture of yourself, your neighborhood, your pet, your car, or anything else that could be used to uniquely identify you.
9) NEVER post your telephone number in a public forum. Reverse phone directory lookups are available that can identify your name and address from your phone number.
10) ALWAYS try to have a story and stick to it. For example, if you get in the habit of always saying you live in a "medium-sized midwestern city" you will be less likely to slip and give away that you live in Omaha, Nebraska.
Just remember to keep in mind that it is not what you are writing right now that will give you away, just as looking at a single puzzle piece does not tell you what the finished puzzle will look like. But if enough puzzle pieces are gathered, a picture of who you are will begin to emerge.
Now on to the technical, the electronic footprints you leave in your travels through cyberspace.
1) Do you have a "super-cookie"? Many ISPs assign a unique machine name to your account that can be read through reverse DNS. Unfortunately, you can not disable, delete, or alter this machine name. It uniquely identifies you to every website you visit, acting like a giant "super-cookie" over which you have no control. It can be used to track your surfing activity, and can also be used to identify your geographic location. Too find out if your ISP assigns this "super-cookie" you can visit the GRC website here. Scroll about halfway down the page till you get to the part that says "The text below might uniquely identify you on the Internet" and read what it says. Short of changing your ISP, there is really nothing you can do about this, but you should be aware that this is happening while you surf.
2) Consider using anonymous proxies. Proxies act as a relay between you and the internet site you are visiting. Your browser's request for a web page is sent to the proxy server, which then forwards it to the website you want to visit. The website responds by sending the requested web page to the proxy server which then relays that page back to your browser. The effect is that the website you visit cannot see your computer, it can only see the anonymous proxy server. One of the more popular anonymous proxy products is Anonymizer, but if you are somewhat technically savvy you can also use some of the free proxy servers that are available. For a list of some of the free proxy servers try publicproxyservers.com
3) Register your website anonymously. If you have your own blog or website you should consider registering your domain name anonymously. If you don't do this, a simple WHOIS lookup will provide details about your real name, address, phone number, and e-mail address to anyone who cares to look. For a small annual fee (usually less than $10 per year) most domain name services offer private domain registration so that your personal information is not viewable through a WHOIS lookup.
4) Secure your web browser. The way you set up and use your web browser can leak information about you to internet sites you visit. This topic could take up an entire diary in itself but here are a few simple things you should be aware of. If you fill out an online form on one website, it is possible that that information could be passed via you browser's request header to the next site you visit. Be sure you know how to clear your browser's private information before moving on to a new website. In Firefox this is a accomplished by clicking on "Tools--> Clear Private Data" or by clicking on the Ctrl+Shift+Del keys at the same time. Also you should be sure your browser is always configured to block popup windows. Consider disabling cookies, java, and javascript by default and only turning them on when needed for trusted sites (like DailyKos).
And finally, in case you are "outed", you should know the laws of your state when it comes to online speech. Some states have laws that protect you when discussing certain topics, although these laws do not specifically address online activity.
From the Electronic Frontier Foundation website
One way to make sure your blog doesn't earn you a pink slip is to make sure that you write about certain protected topics. Most states have laws designed to prevent employers from firing people who talk openly about their politics outside of work, for example. Be warned that laws like this do vary widely from state to state, and many are untested when it comes to blogging.
1. Political Opinions
Many states, including California, include sections in their Labor Code that prohibit employers from regulating their employees' political activities and affiliations, or influencing employees' political activities by threatening to fire them. If you blog about membership in the Libertarian Party and your boss fires you for it, you might very well have a case against him or her.
2. Unionizing
In many states, talking or writing about unionizing your workforce is strongly protected by the law, so in many cases blogging about your efforts to unionize will be safe. Also, if you are in a union, it's possible that your contract may have been negotiated in a way that permits blogging. Some states protect "concerted" speech about the workplace, which means that if two or more people start a blog discussing the conditions in their workplace, this activity could be protected under local labor laws.
3. Whistleblowing
Often there are legal shields to protect whistleblowers--people who expose the harmful activities of their employers for the public good. However, many people have the misconception that if you report the regulatory violations (of, say, toxic emissions limits) or illegal activities of your employer in a blog, you're protected. But that isn't the case. You need to report the problems to the appropriate regulatory or law enforcement bodies first. You can also complain to a manager at your company. But notify somebody in authority about the sludge your company is dumping in the wetlands first, then blog about it.
4. Reporting on Your Work for the Government
If you work for the government, blogging about what's happening at the office is protected speech under the First Amendment. It's also in the public interest to know what's happening in your workplace, because citizens are paying you with their tax dollars. Obviously, do not post classified or confidential information.
5. Legal Off-Duty Activities
Some states have laws that may protect an employee or applicant's legal off-duty blogging, especially if the employer has no policy or an unreasonably restrictive policy with regard to off-duty speech activities. For example, California has a law protecting employees from "demotion, suspension, or discharge from employment for lawful conduct occurring during nonworking hours away from the employer's premises." These laws have not been tested in a blogging context. If you are terminated for blogging while off-duty, you should contact an employment attorney to see what rights you may have.
Keep in mind that while the First Amendment protects your right to free speech, it does not necessarily protect you from the consequences of that speech.
Good Luck and Safe Blogging!