Tools that enable internet users to "anonymize," or conceal their online identities, have benefitted many people, such as activists fearing government persecution. It has also enabled people engaging in illegal online activity. People may wish to keep their online identities private out of genuine concern for their own safety, or out of a belief that what they do online is simply no one else's business. Efforts to investigate and track allegedly illegal online activities, however, often threaten to infringe on everyone's privacy rights. Law enforcement has had little success in cracking anonymizing technology, but ordinary human errors have assisted them in many cases by allowing them to connect anonymous activity to specific suspects. As The Daily Dot put it, the users themselves might be anonymizing technology's only "glaring weakness."
A software package known as Tor is one of the most well-known and widely-used anonymizing technologies available today. Its name is short for "The Onion Router," which refers to the use of multiple network nodes and encryption levels, sort of like the layers of an onion, to conceal the source of online communications. While a normal web browser sends and receives data along a relatively direct route, Tor uses a global network of computers and routers to transmit data along a winding, encrypted path. The Tor Project, a nonprofit organization that makes the software available for free, was originally funded by the U.S. military and still receives funding from the federal government.
The National Security Agency (NSA) has reportedly tried to "de-anonymize" Tor, but has not had any success. While it can reveal the identities of small numbers of users through "manual analysis," it has not come close to being able to de-anonymize all of Tor's users at once. Perhaps most importantly from a privacy standpoint, it cannot de-anonymize any one specific user, such as in response to a criminal investigation. Statutes regarding cybercrime require the state to prove beyond a reasonable doubt that a defendant engaged in certain acts. Investigators might try to establish these elements by showing that specific communications originated from a defendant's computer's IP address, or that a defendant was logged into their user account at the time certain acts occurred.