This question is at the center of the recent security breach involving Disqus, a widely used comment hosting service, and Gravatar, a service owned by WordPress co-founder Matt Mullenweg’s company Automattic. Gravatar allows users to maintain a consistent profile picture across websites enabling a Gravatar plugin. Until recently, Disqus enabled Gravatar which uses an MD5 hash, an algorithm designed in 1991, to mask the email addresses associated with each Gravatar account.
Gravatar’s MD5 hash has been proven to be easily hackable. In December, a group of investigative journalists at Sweden’s Researchgruppen was able to de-anonymize the identities of thousands of Disqus commenters who use Gravatar. To do so, Researchgruppen requested commenter data from Disqus using Disqus’s open API protocol and wrote a script to automate the download. Included in the data they downloaded was the un-hashed email addresses of Disqus users who also used the Gravatar plugin. Researechgruppen identified targeted Disqus users by aggregating data posted from various accounts tied to their email addresses.
According to Swedish news outlet, The Local, Researchgruppen’s investigative project began as an effort to identify right-wing commenters who post comments Researchgruppen deems hateful or racist. Researchgruppen sold the identities of targeted commenters, including public officials and private citizens, to the tabloid Expressen. Among the targeted commenters were members of the Sweden Democrat party, several of whom resigned due to Expressen’s publication of de-anonymized comments they had made on Gravatar-enabled sites.
Researchgruppen’s data mining did not stop there. They obtained data related to over 29 million comments as well as the identities of thousands of Disqus users. They have not made an announcement as to what they plan to do with this data. The original project was specifically targeted at right-wing policymakers and citizens in Sweden, and it remains to be seen how or if they will use the remainder of the data they obtained.
When Citizens Lack a Constitutional Right to Free Speech
Such de-anonymization of commenter data has different implications in Europe than in the US. Unlike Americans, European citizens are not protected by a constitutional right to free speech. Risks to de-anonymized commenters in Europe include getting sued for hate speech or libel, getting fired from their jobs, or getting physically harassed by political or ideological opponents. In China, authorities have used commenter data to track down and jail political dissidents.
Yet, de-anonymizing user data isn’t always bad. In the case of infamous redditor ViolentAcrz, doxxing, or revvealing the identity of anonymous commenters through hacking, revealed and put an end to an abhorrent collection of content including pornographic galleries of upskirt shots (photos taken literally “up the skirts” of unsuspecting women). At the time, reddit abdicated responsibility for posts or galleries by users such as ViolentAcrz, and according to the first amendment, what he posted was legal. But any reasonable person would be offended by his content, and indeed he lost his job and briefly became the internet’s enemy #1 when his identity was exposed.
Gravatar and WordPress
Disqus and Reddit aren’t the only publishing platforms vulnerable to doxxing. WordPress, along with other major tools like social publishing platform Hootsuite and collaborative software building site GitHub, use Gravatar. In fact, Gravatar was created by WordPress co-founder Matt Mullenweg, who says Gravatar hosts over 20 billion images per day. If Gravatar users are as easily attacked as it in the case of Researchgruppen and Disqus, all owners of Gravatar-enabled sites should be concerned, especially in countries where citizens can be persecuted for expressing controversial political opinions.
Content producers, developers, and designers know how important it is to understand our audiences. Data collected by services such as Gravatar is a valuable commodity, but data is only useful up to a certain point. Ultimately, numbers are important, but they are not a replacement for creative ingenuity. At what point should marketers depart from what numbers say and rely upon great, original creative?
No matter how one answers that question, users should always have to opt-in to share their opinions or personal information and it should always be clear if the data they opt to share will be sold to third parties or monetized in any way. Bottom line: marketers need to find ways of understanding audiences that preserve their right to privacy.
Internationally, it is vital that social platforms educate their users about the law in the country where that user resides and possible repercussions of comments made online. Currently, there is a lack of easy-to-understand material about privacy concerns online or the legal ramifications of certain types of posts. Instead, there is a lot of paranoia, trolling, and careless posting among users, fueled by over-eager marketers who are failing their users in pursuit of data about them. We would all benefit from better user education about privacy and more effective opt-in tactics and incentives for users who choose to share opinions or personal information online.
Add your thoughts in the comments: what are some solutions for preserving user privacy while monitoring content that is libelous, illegal or potentially dangerous?
Megan Blanchard graduated from UCLA with a B.A. in Film, Television and Digital Media. She has been writing and designing content strategy for online outlets since 2009.