Anonymity vs. Privacy

Last updated: 25-Oct-25

Douglas Crawford at Proton wrote this great summary of the differences between anonymity and privacy. He notes that they are not synonyms and contrasts them:

Anonymity – Keeping your identity private, but not your actions. For example, using a pseudonym to post messages to a social media platform. Privacy – Keeping some things to yourself, which can include your actions. For example, messaging friends privately so they know who sent the message, but only they can read it.

So you can be anonymous but not private, and vice versa. You can also be both, or neither.

Put another way:

Anonymity is like saying “hello” in public to another person while you wear a mask and mask your voice. The message / action is open, but the actor (you) is hidden.
Privacy is like discreetly whispering “hello” to another person, unmasked. The message / action is hidden, but the identity of the actor is open.

As Crawford also notes, these are different from “security”, though they are often used interchangeably.

Security – The precautions used to keep you safe. What exactly “safe” means can very much depend on your threat model.

It may be helpful to read “security” in the sense of assurances – they are actionable practices that you can take to ensure you have the outcome you want, in the presence of a “threat model.” The amount of assurances you need depends entirely on your “threat model.”

Iron Triangle of Security

Choose any two:

Effectiveness
Convenience
Low-cost

For example, storing the computed values for 8,000 bitcoin on a hard drive and then losing that hard drive in a landfill is both a cheap and effective way of securing that the bitcoin are inaccessible… but as the owner found, it’s terribly inconvenient.

More practically, “cheap and effective, but inconvenient” could be using Multi-factor authentication where you provide a one-time-pad code or get an SMS message when attempting to log in to a service.

Similarly, you could use the same password for every site and have that password be something easy to remember (cheap and convenient), but this isn’t very effective at securing your privacy.

Lastly, something that isn’t cheap but would be effective and more or less convenient might be using unique and complex password each time, storing that password in a password manager service, or using a Yubikey. These aren’t expensive but they do add some cost.

Why do these matter?

The Pew Research Center has found that, in America at least:

Most Americans see privacy issues in commercial settings as contingent and context-dependent {…and…} would share personal information or permit surveillance in return for getting something of perceived value.

The “context-dependent” part here is key, and gets back to the “threat model” mentioned above. The key factors found by respondents include (paraphrased):

Will the company continue to pester me after the initial contact?
Will this data be used maliciously if the service were compromised?
Will this invade the privacy of my location?
Will the company be passively “stalking” me as I use the Internet?
Will the company be unethical and use the information I’m providing in ways that are different than what I agree to?

Having a deeper understanding of the differences between “anonymity”, “privacy”, how to secure them both, and what you’re securing them against are all key aspects of digital hygiene.

Sources & Further Reading

Proton.me: Privacy Decrypted #4: Understanding anonymity vs. privacy, Douglas Crawford
Wikipedia: Bitcoin buried in Newport landfill
Wikipedia: Yubikey
Pew Research: Privacy and Information Sharing
Book: Tor and the Dark Art of Anonymity, Lance Henderson
How to Use a Password Manager, Consumer Reports