When it comes to anonymity on the Internet, we may face with the situation where there’s no middle ground between complete anonymity and control.
We could have anonymity through trusted authority. For example, I may trust google, yahoo, microsoft, my ISP, my blog providers, and other entities not to expose my real identity. This kind of anonymity is easy to obtain, but the question is can we trust them?
In Thailand, there’s computer crime act law that forces ISPs and content distribution sites (e.g., sites providing web discussion boards) to keep access logs for 90 days. If you post something, the police can trace back to you. Unless you do something clever about the way you post.
Yes, you can trust the web sites, but they can’t help you in this case because they’ll also get fined. The site can host the content abroad, but if the site owners (or operators) is in Thailand, they’ll be charged as well. (And, the fine is not so small; also, the police could put them in jail.)
You can use sophisticated platforms, e.g., Tor network. In this case you trust the design of the system that even when intermediate parties try to disclose your identity, you’ll be safe. (However, if large fraction of the nodes in the network try to identify you, they probably can.)
In the case of (sort of) complete anonymity, we face a situation where one can use this “freedom” to attack others.
I can’t see the middle ground. Do you see some way to get around this? If not, which way do you like? Who can we trust? And, if there’s no one we can trust, how can we deal with the case of complete anonymity?