Anonymity by Design versus by Policy
There have been some recent stories in the news about various "anonymous" bloggers and commenters being unmasked by court order. A business promises not to give up your identity unless forced to do so via court order. This is anonymity by policy. If a business doesn't have your identity, then there is nothing to divulge. This is anonymity by design.
Advocates for anonymous comments understand the value of being able to speak freely. However, if you're simply connecting from your home or office, parts of your identity are leaked to the site on which you commented. As shown above, you can be unmasked fairly easily. Some sites simply respond to a subpoena, others legal threats, and still others simply don't care; giving away your identity with any request. There are plenty of valid reasons to want to protect your identity in a blog, comment, or feedback form.
I've participated in "anonymous reviews" being conducted in a company where employees get to give their opinion on anything in the company: strategy, management, branding, etc. Human Resources rolls out the "anonymous survey" with great fanfare as a chance for the line employees to get their voice heard. At the same time, upper management asks IT to ascertain which IP address maps to which employee, whether connecting internally or not. Employees quickly figure out what's going on and feel undervalued and coerced into toeing the company line. And management lacks the feedback they probably should hear. In this case, anonymity by policy doesn't help anyone actually improve the company.
Another example is the Iraqi Rewards Program run by the CIA. It's designed such that concerned Iraqi's can report illegal activities and get a reward for verified intelligence. Essentially, an anonymous tip line. The issue is an Iraqi citizen will go into an Internet cafe and have an encrypted conversation with cia.gov. This is bad for the people who want to report something. An observer on the network only sees someone talking to cia.gov with encryption. A truly anonymous tip line should protect the identity of the tipster, and provide the tipster with the ability to divulge as much of their identity as comfortable.
The examples and news stories above show you the difference between anonymity by policy and anonymity by design. We encourage the courts to keep raising the requirements before forcing a provider to divulge your identity. We encourage companies to learn how privacy can enhance their relationship with their customers. We designed Tor such that relying on court tests and company policies isn't your only protection. Tor users and relay operators don't have the data to divulge. This is anonymity and privacy by design.
I recently dropped a comment on a blog, and they responded mentioning that tor isn't all its cracked up to be. The conversation had nothing to do with tor, they just saw I was using it based on their logs, I guess. They mentioned that it has exit nodes leakage issues or some such. I don't profess to understand all that, so what I'm wondering is if that means they can see more specific information about me, or if its just showing tha I use tor. Mind shedding some light?