The Federal Trade Commission and privacy advocates have challenged that premise, but it's not clear whether Web companies, or the public at large, is convinced that individuals can be identified based on "anonymous" data collection.
Now, two researchers at the University of Texas at Austin have authored a paper attempting to debunk once and for all the concept that "anonymous" means private. In the report, "De-anonymizing Social Networks," the authors say they were able to use "anonymous" information to unmask one in three Twitter users' identities who also had accounts on Flickr.
"The main lesson of the paper is that anonymity is not sufficient for privacy when dealing with social networks," the report concludes.
The authors also cited some Web companies, including behavioral targeting company NebuAd, that attempted to claim they didn't pose privacy risks because they only dealt with anonymous information.
"Anonymity has been unquestionably interpreted as equivalent to privacy in several high-profile cases of data-sharing," state the authors, Arvind Narayanan and Vitaly Shmatikov. "The CEO of NebuAd, a U.S. company that offers targeted advertising based on browsing histories gathered from ISPs, dismissed privacy concerns by saying that 'We don't have any raw data on the identifiable individual. Everything is anonymous.'"
NebuAd's former CEO Bob Dykes stepped down soon after making that statement to The New York Times. The company then retreated from its plan to purchase information about Web users' activity from broadband providers.
The researchers say social networking sites "should stop relying on anonymization as the 'get out of jail' card insofar as user privacy is concerned."
While the specific research into social networking sites is new, some say it's always been possible -- online or offline -- to unmask some "anonymous" speakers, given sufficient information.
"When you leave a data trail behind you, there is always some potential that with some level of work, somebody can tie that to your real identity," said Jules Polonetsky, director of the think tank Future of Privacy Forum. "The more data you leave behind, the greater the probability that somebody could put together that information," he said.
For instance, in the book publishing world, a "literary forensics" specialist unmasked Joe Klein as the author of "Primary Colors" by analyzing the writing.