Some people have asked if the informing function of the Bangbai app could allow the anonymous reporting of incidents and issues. They believe that potentially useful information (for example, information about criminals) might not be reported because people are afraid of their identities being discovered.

To what extent might it be technically possible for the Bangbai app to guarantee the anonymity of its users if this feature was approved?

The answer could include the following:

• It is very difficult to guarantee anonymity as so many technologies and levels of logging are involved.
• Encryption can be used to make the contents of the communication inaccessible (or at least much more difficult to access).
• Information such as IP address, can be used to trace somebody but would need the cooperation of an ISP etc.
• IP Addresses are logged at various different levels: Client OS, ISP, routers on the internet (many of them), host webserver (in a weblog file). The server could be set up to not log this information.
• Logging of IP addresses by the ISP, local router at client’s point of origin and routers all along the internet cannot necessarily be controlled or secured to prevent them logging accesses.
• MAC addresses that identify the specific device used are logged by switches.
• VPNs or proxy servers could be used to make the users’ origin difficult to obtain.
• IP addresses can be shared between many different computers in one area/organization, using NAT (network address translation) so might not uniquely identify a person.
• The client device itself could be compromised with key loggers, spyware etc. and therefore even if all transmission risks were removed, someone could still get access to the information and source.
• Various products/services/protocols exist which try to make anonymity easy (such as Tor browser) but this is still an area that is developing
• If the servers are vulnerable to physical attack, then people could forcefully enter the hosting facility and install monitoring software or steal data. Sufficient security, biometric access locks etc. could help to prevent this.
• If the data is backed-up, then this historic data should be anonymised or destroyed.
• How ethically correct is it for the providers of the emergency services to receive what could be hoax calls and have no way of knowing themselves who has made them. Could this be counterproductive and therefore allow people to drain emergency resources and potentially send police to unnecessary operations? The equivalent to this online service would be the “confidential telephone” services available by the police in several countries, but these are not anonymous either (though they don’t necessarily pass through an open communications platform like the Internet).