How is anonymity formally defined, and what types of anonymity exist?
According to Petrlic & Sorge, a subject is anonymous when an attacker cannot sufficiently identify them within their anonymity set. Types include sender anonymity, receiver anonymity, and location anonymity.
* Three types of anonymity — sender, receiver, and location. *
Formal definition:
A subject is anonymous if an attacker cannot identify the subject within the anonymity set — the group of all possible subjects who could be responsible for a particular action.
Types of anonymity:
| Type | What it protects | Example |
|---|---|---|
| Sender anonymity | Who sent a message | Anonymous whistleblowing — the sender is unknown |
| Receiver anonymity | Who received a message | Accessing a website without the server knowing who you are |
| Location anonymity | Where someone is | Using a VPN to hide your geographic location |
Challenges of maintaining anonymity online:
- IP address tracking — Your IP address reveals your ISP and approximate location
- Cookies — Track your behavior across websites and sessions
- Browser fingerprinting — Your browser configuration (fonts, plugins, screen resolution) creates a unique fingerprint
- Activity patterns — When you're online, how you type, what you click — all create behavioral signatures
Key insight: True anonymity online is extremely difficult because even without explicit identifiers, behavioral patterns and technical metadata can narrow down or eliminate your anonymity set.
Go deeper:
Anonymity (Wikipedia) — sender/receiver anonymity and online de-anonymization vectors.