Is Privacy possible without Anonymity?: The case for microblogging services

Traditional approaches to privacy are usually based on top of anonymizing or pseudonymizing systems. For example, users who would like to protect their identity and/or hide their activities while browsing the web frequently use anonymizing systems (e.g., Tor) or services (e.g., VPNs and proxies). Although anonymizing systems are usually effective, recent revelations suggest that anonymization can be compromised and can be used to provide a false sense of security. In this paper we assume a world where anonymization is (practically) not possible. Imagine, for example, a community where the use of anonymizing systems is frowned upon or even forbidden. Is it possible for users to protect their privacy when they can not hide their identity? In this paper, we focus our question on users interested in following information channels in microblogging services and we show that it is possible for users to protect their privacy even if they can not hide their identity. To do so, we propose two obfuscation-based algorithms and quantify their effectiveness. We show that obfuscation can be used in such a way so that attackers can not use this service to increase their a priori knowledge on whether a user is interested in a channel or not.